The increasing complexity of cyber threats, particularly in critical infrastructure sectors, has amplified the need for a skilled and adaptable cybersecurity workforce. While frameworks such as the European Cybersecurity Skills Framework (ECSF) and the Cyber Security Body of Knowledge (CyBOK) offer structured representations of professional cyber career roles, skills and foundational knowledge areas, practical guidance on how to use them together for designing industry-aligned training programs remains limited. This paper addresses this gap by demonstrating how the compatibility between ECSF and CyBOK can inform the development of targeted, role-based training programs aimed at accelerating the upskilling of the cybersecurity workforce. Building on our recent compatibility study that mapped ECSF career role profiles to CyBOK knowledge areas, we present a practical use case focused on the Cyber Threat Intelligence Specialist career role. We detail a methodology for translating ECSF-CyBOK mappings into a modular training program, showcasing the design approach and the practical value of “joining the dots” between career roles, skills and knowledge. The proposed approach offers a replicable methodology to be applied to other roles and sectors, supporting the systematic design of tailored training programs aligned with evolving industry needs and regulatory requirements.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Joining the Dots Between Cybersecurity Career Roles, Skills and Knowledge

  • Eliana Stavrou,
  • Steven Furnell

摘要

The increasing complexity of cyber threats, particularly in critical infrastructure sectors, has amplified the need for a skilled and adaptable cybersecurity workforce. While frameworks such as the European Cybersecurity Skills Framework (ECSF) and the Cyber Security Body of Knowledge (CyBOK) offer structured representations of professional cyber career roles, skills and foundational knowledge areas, practical guidance on how to use them together for designing industry-aligned training programs remains limited. This paper addresses this gap by demonstrating how the compatibility between ECSF and CyBOK can inform the development of targeted, role-based training programs aimed at accelerating the upskilling of the cybersecurity workforce. Building on our recent compatibility study that mapped ECSF career role profiles to CyBOK knowledge areas, we present a practical use case focused on the Cyber Threat Intelligence Specialist career role. We detail a methodology for translating ECSF-CyBOK mappings into a modular training program, showcasing the design approach and the practical value of “joining the dots” between career roles, skills and knowledge. The proposed approach offers a replicable methodology to be applied to other roles and sectors, supporting the systematic design of tailored training programs aligned with evolving industry needs and regulatory requirements.