Abstract
One of the challenges in writing an article reviewing the current state of cyber education and workforce development is that there is a paucity of quantitative assessment regarding the cognitive aptitudes, work roles, or team organization required by cybersecurity professionals to be successful. In this review, we argue that the people who operate within the cyber domain need a combination of technical skills, domain specific knowledge, and social intelligence to be successful. They, like the networks they operate, must also be reliable, trustworthy, and resilient. Defining the knowledge, skills, attributes, and other characteristics is not as simple as defining a group of technical skills that people can be trained on; the complexity of the cyber domain makes this a unique challenge. There has been little research devoted to exactly what attributes individuals in the cyber domain need. What research does exist places an emphasis on technical and engineering skills while discounting the important social and organizational influences that dictate success or failure in everyday settings. This paper reviews the literature on cyber expertise and cyber workforce development to identify gaps and then argues for the important contribution of social fit in the highly complex and heterogenous cyber workforce. We then identify six assumptions for the future of cybersecurity workforce development, including the requirement for systemic thinkers, team players, a love for continued learning, strong communication ability, a sense of civic duty, and a blend of technical and social skill. Finally, we make recommendations for social and cognitive metrics which may be indicative of future performance in cyber work roles to provide a roadmap for future scholars.
Highlights
The cyber domain is a multi-disciplinary joining of computer science, mathematics, economics, law, psychology, and engineering
We argue that the development of any cybersecurity workforce that neglects the social aspect of human behavior on the network neglects a critical component of the cyber domain
A recurring theme is the focus on technical aspects of cyber workforce development, which leads to a knowledge gap, and we argue that closing this knowledge gap is essential to meet the demands of the future cyber workforce
Summary
The cyber domain is a multi-disciplinary joining of computer science, mathematics, economics, law, psychology, and engineering It encompasses the networking of online devices together, but how humans interact and are influenced by these devices. Necessarily correspond to their ‘actual’ persona used in real-world social interactions This complexity of human interactions across layers creates the uniqueness of the cyber domain, and it is understanding these human interactions that create underlying vulnerabilities on the network (Arachchilage and Love, 2013; Shillair et al, 2015). While there is a general appreciation of the social layer in broader cyber operations (e.g., the role of social networking in recent political unrest) and in intelligence analysis, there is less emphasis placed on understanding the role of social traits of the individual cybersecurity professional and their work performance. Social information is seen as a data point for cyber operations rather than an indicator for success in cyber workforce development
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
