The cybersecurity labour shortage in Europe: Moving to a new concept for education and training

Abstract

Recruiting, retaining and maintaining sufficient numbers of cybersecurity professionals in the workplace is a constant battle, not only for the technical side of cybersecurity, but also for the overlooked area of non-technical, managerial-related jobs in the cyber sector. This paper addresses the lack of cybersecurity skills in the European labour force market and the actions taken to improve the education in cybersecurity for meeting the identified needs. The paper analyses what kind of topics are missing within the cybersecurity curricula of the high-level educational institutions in Europe and in the courses provided by the cybersecurity trainers on the market. The findings are based on the data collected by the surveys carried out by the European competence centres on cybersecurity and the European CyberSecurity organization. These findings show that there are missing topics in the context of higher education cybersecurity programmes and within the private courses offered on the market. The problem of common programme accreditation of European higher education institutes (HEI) and the competence certifications for different work profiles in the area of cybersecurity are briefly presented and discussed as well. The actions undertaken to improve the education in both sectors are presented and the emerging educational landscape is proposed based on our findings. Recommendations to the stakeholders and scholars for improving the current state of cybersecurity education and training are explained in the concluding section.