The Knowledge, Skills, and Abilities Used by Penetration Testers: Results of Interviews with Cybersecurity Professionals in Vulnerability Assessment and Management

Abstract

There is a growing need for cybersecurity professionals with the knowledge, skills and abilities (KSAs) necessary for risk and vulnerability analysis of security incidents. Currently, little is known about the relative importance of KSAs or tools used in vulnerability assessment and management, which leads to inefficiencies in education, personnel selection, and research. We interviewed 38 cybersecurity professionals to determine which KSAs are most important in Vulnerability Assessment and Management work. Of the 31 KSAs, 12 were rated as being significantly important to Vulnerability Assessment and Management work and indicate that four key areas should be prioritized in education, recruitment, and research: 1) knowledge of and skills in identifying vulnerabilities and robustness of systems and applications; 2) conceptual familiarity with classes of attacks and attack stages; 3) knowledge of and skills in penetration testing principles and tools; and 4) knowledge of network traffic and network protocols.