Desired cybersecurity skills and skills acquisition methods in the organizations

Abstract

Key personnel and their competences play important roles in continuity management and improving resilience of cybersecurity in organizations. Researchers have addressed many topics and studies in the cybersecurity domain. However, relevant cybersecurity skills and acquisition of them in expertise development, have only been partially touched. If designed systematically and properly, cybersecurity training can improve cybersecurity expertise to ensure better performance in complex cybersecurity situations. More through study on the acquisition of cybersecurity skills, and work-life needs are needed. The research three questions of this study are: How do work-life representatives see cybersecurity? How do work-life representatives see cybersecurity related skills? How do work-life representatives see methods for skills acquisition in the organizations? The work is multi-method, as it builds on both a literature review on skills acquisition in cybersecurity, and on empirical findings of a questionnaire study on cybersecurity skills desired by the work-life representatives. The findings show that cybersecurity is seen important in the organizations. The demanded skills from the employees focus especially on communication and situational awareness. There is a specific need for training with Cyber Ranges (CR) to ensure skills acquisition on cybersecurity. These results can be used to plan and design training and education for future professionals. This study aims to promote constructive discussion on skills and their acquisition in the cybersecurity domain.