Cybersecurity competence building trends

8 Apr 2016

Event report

Read the executive summary of the report.

Cyberspace has become an essential component of modern society, yet its merits are accompanied by threats. The number of reported cyber-incidents has increased the need to build cybersecurity competences, especially for protecting the critical infrastructure.

The study Cybersecurity Competence Building Trends, conducted by DiploFoundation’s researchers Vladimir Radunović and David Rüfenacht, analyses measures that ten OECD member states have applied to promote competence building in the field of cybersecurity. The study was commissioned by the Federal Department of Foreign Affairs of Switzerland.

The increasing dependence of the corporate sector on the Internet has also created a demand for qualified labour, which is being recognised by states as a possible driver for employment, economic growth, and global competitiveness. All the studied countries are developing the means to transform their national labour markets to meet this changing environment.

Eight dominant cybersecurity competence-building trends were identified in the study, and clustered within two categories:

  • Measures for strengthening the academic programmes, with long-term effects.
  • Measures related to professional training and knowledge frameworks, with shorter-term effects.

The first category includes measures such as: governmental support for university programmes; regional partnerships between research labs and multinational companies, aimed at increasing the country’s or region’s competitiveness in global cybersecurity markets; partnerships between universities and state security institutions; and university labelling programmes aimed to better correlate the curricula with the needs of public institutions.

One key trend in the second category is the collaboration between public institutions and professional certification bodies, leading to a soft standardisation of the minimum knowledge and ability requirements for cybersecurity personnel.

Other trends include: measures to improve the competences of the private sector, especially small and medium enterprises and operators of critical infrastructure;  cybersecurity training for decision-makers, managers, and senior executives; as well as the development of cybersecurity-related job descriptions, and the definition of the required knowledge training for such jobs.

The study concludes by saying that the identified trends lead not only to the development of national competences for responses to cyber-threats, but also to the consolidation of cutting-edge cyber-industries that increase the competitiveness of states in the global cyber-markets.