On 18th January, ECSO’s Head of Sector for Applications & Human Factors, Nina Olesen, participated in a live panel discussion where she discussed ECSO’s cybersecurity capability and capacity-building efforts for a cyber resilient next generation (Next Gen) digital Europe. The panel was organised in the scope of a launch event for a new Digital Europe Programme project known as “CyberSecPro: Collaborative, Multi-modal and Agile Professional Cybersecurity Training Program for A Skilled Workforce In the European Digital Single Market and Industries”.

To launch the EU Digital Europe Innovation Project CyberSecPro, the Representation of the State of Hessen to the EU hosted a live panel discussion on “Overcoming Cyberignorance: Capabilities, Skills, and Education in Cybersecurity”.

ECSO argues that rather than a shortage of skills, we are facing a shortage of the workforce in that the demand for experts in Europe is growing faster than what can be supplied. Because of the variety of skills needed, in addition to filling technical roles, more people are needed for hybrid roles and non-technical roles, such as sales, education and cyber awareness. Consequently, the field of cybersecurity must be looked upon as not only technical, and individuals coming from non-STEM backgrounds should be encouraged to consider cybersecurity as career. More emphasis needs to be placed on the value of soft and transferable skills in the domain in order to achieve the needed uptake of talent across the domain.

The European Union Agency for Cybersecurity’s (ENISA) Cybersecurity Skills Framework (ECSF) will also help address the gap of experts. The framework offers a great basis upon which to categorise, navigate and attract the needed skills. It also allows policy makers, industry, academia and practitioners to speak the same language when it comes to cybersecurity skills and the workforce which will pave the way for more coherent approaches to addressing the gap of experts.

Lastly, ECSO stresses that in the long-term, the language used within the field of cybersecurity needs to change in order to open up the domain to more people of different backgrounds and skills. Today, the domain cybersecurity contains difficult and technical concepts that may put some people off. Instead, softer terms should be used and focus should lie on our shared responsibility to protect society against cyber threats and how we can nurture talent (women in particular) within the field. Through using language and words that resonate with feelings of responsibility and making a real difference in the lives of citizens, a more complete workforce capable of building a cyber resilient Europe will be achieved.