TOWARD OVERCOMING THE DISPROPORTION BETWEEN THE DEMAND FOR PROFESSIONALS AND THE PROVISION OF TRAINING IN CYBERSECURITY
The threat of cyber attacks is rapidly growing and transforming - as people become more and more connected with technology, exposing personal and confidential information to them, the possibility of abuse is growing. This leads to a growing danger for organizations, employees, and consumers. The fact is that cybersecurity is no longer a key issue only for technology companies; this is something that is prominent in the strategic plan of any major organization, as a cyberattack can mean not only the loss or compromise of certain data but even worse it can endanger the reputation and survival of the affected company.
The evolution of the understanding of cyber threats and challenges over the last decade has shown that significant measures are needed to regulate the security of the cyber-world to achieve Europe's goals of a digital single market. Together with NIS, the GDPR and e-Privacy Directive are also a need for actions to reduce the cyber-security deficit and enhance corporate intelligence on the subject. SMEs are in a particularly risky position in their efforts against malicious actors, as they have limited resources to protect their information systems. The problem is even worse in cases where small companies run a business that processes huge amounts of personal and sensitive data.
The main focus of the study is to identify existing disproportion in the supply and demand of cybersecurity professionals. For the current state of the problem were analyzed cybersecurity competences frameworks, taking into account both the regulatory requirements of Europe and some national ones. Based on this, policy and recommendation for implementing the Cybersecurity Competence Map for educating trainees and SME, in general, was developed.
In order to define the available disproportions in the discussed area, an analysis was carried out for the requirements for the security specialists work positions, an analysis of the offered training in the sector, as well as analysis of the realization of professionals in the area discussed.
Today, the need to regulate security measures in the cyber-physical world has been recognized. The dynamic change affects the management of risks to business and is due to the continuous improvement of the sophisticated technologies of malicious actors. This article contains a research based on the results of the data and fact-finding study in the implementation of the project REDCyberSG project (reducing skills for managing cyber skills in SMEs). The analyses, conclusions, and recommendations of the team are aimed at reducing the deficits in the training of cybersecurity experts in the educational structures and filling the gap of SME cyber security expertize. It is a step towards implementing the EU's common competences for cybersecurity skills in the SME sector on the road for the simultaneous promotion of technical and organizational expertise and corporate culture to comply with emerging regulations, directives and laws related to cybersecurity and protection of privacy and confidentiality.
This article presents in the efforts of the team to unity EU competences for cybersecurity skills concerning the SMEs meeting the labour market needs of skills shortages and gaps.