Cybersecurity skills: Foundational theory and the cornerstone of advanced persistent threats (APTs) mitigation

Abstract

Cyber threats have been growing with social engineering and business e-mail compromise reported as the two most rising penetration vectors. Advanced Persistent Threats (APTs) are penetration techniques that combine several approaches to gain access to organizational networks. Organizations need a team of skilled individuals to mitigate or prevent the complexity and seriousness of cyber threats such as APTs. A skill is defined as the combination of ability, knowledge, and experience to do something well. Therefore, cybersecurity skills correspond to individual’s ability, knowledge, and experience surrounding the hardware and software required to identify, protect, detect, respond, and recover against damage, unauthorized use, modification, and/or exploitation of cyber infrastructure. Moreover, a strong security posture cannot exist without individuals that possess high level of cybersecurity skills as cyber-attackers prejudice against all nationalities. Therefore, the importance to find individuals that use their cybersecurity skills for good is paramount. This paper presents an-in-depth discussion on the theoretical rationale for cybersecurity skills as the cornerstone of APTs and other cyber threat mitigation.