Thu. Dec 1st, 2022
    en flag
    nl flag
    et flag
    fi flag
    fr flag
    de flag
    he flag
    ja flag
    lv flag
    pl flag
    pt flag
    es flag
    uk flag

    Content Assessment: Building a Cybersecurity Workforce? The European Cybersecurity Skills Framework

    Information - 95%
    Insight - 94%
    Relevance - 92%
    Objectivity - 93%
    Authority - 95%



    A short percentage-based assessment of the qualitative benefit of the recently released publications from the European Union Agency for Cybersecurity (ENISA) on building cybersecurity workforces.

    Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.

    To submit recommendations for consideration and inclusion in ComplexDiscovery’s cyber, data, and legal discovery-centric service, product, or research announcements, contact us today.

    Background Note: The European Union Agency for Cybersecurity, ENISA, is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe. Established in 2004 and strengthened by the EU Cybersecurity Act, the European Union Agency for Cybersecurity contributes to EU cyber policy, enhances the trustworthiness of ICT products, services, and processes with cybersecurity certification schemes, cooperates with Member States and EU bodies, and helps Europe prepare for the cyber challenges of tomorrow. Through knowledge sharing, capacity building, and awareness-raising, the Agency works together with its key stakeholders to strengthen trust in the connected economy, to boost resilience of the Union’s infrastructure, and, ultimately, to keep Europe’s society and citizens digitally secure.

    Designed to contribute to building a competent cybersecurity workforce, the European Cybersecurity Skills Framework was the focus of the recent Cybersecurity Skills Conference organized by ENISA. This new framework may be beneficial for cybersecurity, information governance, and legal discovery professionals seeking to better understand and address cybersecurity threats.

    Publication Overview*

    The European Cybersecurity Skills Framework (ECSF)

    European Union Agency for Cybersecurity (ENISA)

    The European Cybersecurity Skills Framework (ECSF) is the result of the joint effort of ENISA and the ENISA Ad-hoc working group on Cybersecurity Skills Framework

    The aim of the ECSF is to create a common understanding of the relevant roles, competencies, skills, and knowledge; to facilitate cybersecurity skills recognition; and to support the design of cybersecurity-related training programs. It summarises all cybersecurity-related roles into 12 profiles, which are individually analyzed into the details of the responsibilities, skills, synergies, and interdependencies it corresponds to.

    The ECSF provides an open European tool to build a common understanding of the cybersecurity professional role profiles and common mappings with the appropriate skills and competencies required.

    The framework is complemented by a user manual, which constitutes a practical guide for its utilization, based on examples and use cases. The manual includes three examples for private organizations, that need to hire, upskill and/or reskill their personnel in cybersecurity, along with use cases, which represent the experience of seven organizations using the ECSF in different contexts.

    ECSF Goals in Brief

    1. Use of the ECSF ensures a common terminology and shared understanding between Cybersecurity professional demand (workplace, recruitment) and supply (qualification, training) across the EU.
    2. The ECSF supports the identification of a critical skill-set required from a workforce perspective. It enables learning providers to support the development of this set and policymakers to support targeted initiatives to mitigate the identified skills gap.
    3. The framework facilitates the understanding of leading Cybersecurity professional roles and the required essential skills -including soft skills- and sometimes also legislative aspects. In particular, it enables non-experts and HR departments to understand the requirements for cybersecurity-support resource planning, recruitment, and career planning.
    4. The framework promotes harmonization in cybersecurity education, training, and workforce development. At the same time, this common European language for the cybersecurity skills and roles context connects well with the entire ICT professional domain.
    5. The ECSF contributes to achieving enhanced shielding against cyber-attacks and ensuring secure IT systems in society. It provides a standard structure and advises on how to implement capacity building within the European cybersecurity workforce.

    More Information about the ECSF

    The cybersecurity workforce shortage and skills gap are major concerns for both economic development and national security, especially in the rapid digitization of the global economy. Thus, the development of a European Cybersecurity Skills Framework taking into account the needs of the EU and each one of its Member States was an essential step toward Europe’s digital future.

    The framework provides a practical tool to support the identification and articulation of tasks, competencies, skills, and knowledge associated with the roles of European cybersecurity professionals. The main purpose of the framework is to create a common understanding between individuals, employers, and providers of learning programs across EU Member States, making it a valuable tool to bridge the gap between the cybersecurity professional workplace and learning environments.

    The Framework will strengthen European cybersecurity culture, by providing a common European language across communities, thus making an essential step forward towards Europe’s digital future.

    The 12 cybersecurity role profiles defined by the framework provide a common understanding of the main cybersecurity missions, tasks and skills needed in a professional cybersecurity context, making it the perfect reference for profiling skills and knowledge needed by cybersecurity professionals. The framework was designed to be easily understood and comprehensive enough to provide appropriate in-depth cybersecurity insights as well as flexible enough to allow customization based on each user’s needs. By incorporating all stakeholder perspectives, the framework is applicable to all types of organizations and supports the development of all cybersecurity professions.

    The framework consists of 2 documents:

    • The ECSF Role Profiles Document – Listing the 12 typical cybersecurity professional role profiles along with their identified titles, missions, tasks, skills, knowledge, and competencies.
    • The ECSF User Manual Document – Providing guidance and practical examples on how to leverage the framework and benefit from it as an organization, provider of learning programs, or individual.

    Read the original announcement.

    Complete Report: ENISA ECSF Role Provides Document (PDF) – Mouseover to Scroll

    European Cybersecurity Skills Framework Role Profiles

    Complete Report: ENISA ECSF User Manual Document (PDF) – Mouseover to Scroll

    European Cybersecurity Skills Framework User Manual

    Read the original overview.

    *Shared with permission.

    Additional Reading

    Source: ComplexDiscovery


    Have a Request?

    If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.

    ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.

    ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.

    Beyond the Perimeter? The DoD Zero Trust Strategy and Roadmap

    Current and future cyber threats and attacks drive the need for...

    Balancing Spend and Standards? Cybersecurity Investments in the European Union

    According to EU Agency for Cybersecurity Executive Director Juhan Lepassaar, “The...

    Stricter Supervisory and Enforcement Measures? European Parliament Adopts New Cybersecurity Law

    According to European Member of Parliament (MEP) Bart Groothuis, “Ransomware and...

    Geopolitical Shakedowns? The Annual ENISA Threat Landscape Report – 10th Edition

    According to EU Agency for Cybersecurity Executive Director Juhan Lepassaar, “Today's...

    A Technology-Driven Solution? Integreon Announces New Chief Executive Officer

    Subroto’s people-first leadership style combined with his passion for leveraging technology...

    A Magnet for Revenue? Magnet Forensics Announces 2022 Third Quarter Results

    According to Adam Belsher, Magnet Forensics' CEO, "Our solutions address the...

    Progress and Opportunity? Cellebrite Announces Third Quarter 2022 Results

    “We are pleased to report a solid third quarter, delivering strong...

    Fueling Continued Growth? Renovus Capital Acquires Advisory Business from HBR Consulting

    "The legal industry remains in the early stages of digital and...

    An eDiscovery Market Size Mashup: 2022-2027 Worldwide Software and Services Overview

    From retraction to resurgence and acceleration, the worldwide market for eDiscovery...

    On the Move? 2022 eDiscovery Market Kinetics: Five Areas of Interest

    Recently ComplexDiscovery was provided an opportunity to share with the eDiscovery...

    Trusting the Process? 2021 eDiscovery Processing Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    The Year in Review? 2021 eDiscovery Review Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    Five Great Reads on Cyber, Data, and Legal Discovery for November 2022

    From cyber shakedowns and threats to the total cost of eDiscovery...

    Five Great Reads on Cyber, Data, and Legal Discovery for October 2022

    From cyber claims and data privacy to corporate litigation and the...

    Five Great Reads on Cyber, Data, and Legal Discovery for September 2022

    From privacy legislation and special masters to acquisitions and investigations, the...

    Five Great Reads on Cyber, Data, and Legal Discovery for August 2022

    From AI and Big Data challenges to intriguing financial and investment...

    Onsite or Remote? Document Reviewer Preferences Survey (Winter 2023)

    Today CompexDiscovery expands that survey portfolio by introducing a new business...

    In The House? The Fall 2022 eDiscovery Total Cost of Ownership Survey – Final Results

    Today CompexDiscovery shares the results of a new business survey focused...

    Cold Front Concerns? Eighteen Observations on eDiscovery Business Confidence in the Fall of 2022

    In the fall of 2022, 49.0% of survey respondents felt that...

    Stereotyping Data? Issues Impacting eDiscovery Business Performance: A Fall 2022 Overview

    In the fall of 2022, 28.0% of respondents viewed increasing types...

    The Arrival of General Winter? Ukraine Conflict Assessments in Maps (November 21-27, 2022)

    According to a recent update from the Institute for the Study...

    Digging Out and Digging In? Ukraine Conflict Assessments in Maps (November 14-20, 2022)

    According to a recent update from the Institute for the Study...

    A Liberating Momentum? Ukraine Conflict Assessments in Maps (November 7-13, 2022)

    According to a recent update from the Institute for the Study...

    Rhetoric or Reality? Ukraine Conflict Assessments in Maps (November 1-6, 2022)

    According to a recent update from the Institute for the Study...