The Youth IGF is a global movement of young activists, up to the age of 35, who operate as a multi-stakeholder network to lead projects aimed at tackling a wide range of Internet governance issues. In this article, Yuliya Morenets gives an overview of the Youth IGF's recent report on the human face of cybersecurity.
The cybersecurity skills gap in the private and public sectors across the EU is one the most important challenges we face in Internet governance. To help tackle the issue, my fellow Youth IGF members and I have been working on an assessment of the current situation and we've come up with a list of recommendations for an efficient EU cybersecurity skills agenda.
The Problem (in a nutshell)
Since the outbreak of COVID 19, as many of us find ourselves spending more of our personal and professional lives in cyberspace than ever before, the need for cybersecurity standards that ensure the protection of individuals and organisations on the Internet - a need that has long been recognised - has become more pressing than ever.
Making sure that the necessary standards get developed and implemented means having people with the right skills in place to carry out the work. Unfortunately, today, there is a shortage of cybersecurity professionals all across the EU who possess the relevant skills. The issue is exacerbated by the fact that the kinds of work being done in the field are actually pretty varied. Cybersecurity professionals working at different levels across different sectors can have quite different ideas about what skills are actually required and so what kind of training and education should be provided in order to close the skills gap.
The Human Face of Cybersecurity
Our report examines what steps need to be taken in order to equip individuals with the skills they need to help ensure a secure cyberspace. The main goal is to demonstrate the very real need for a consolidated EU response to the present lack of cybersecurity skills. To that end, we carried out the following:
- We provide readers with a detailed assessment of the relevant EU directives and strategies currently in place and give an overview of existing educational tracks on cybersecurity
- We explore possibilities for the better exchange of best practices; e.g. by looking at how private sector actors and corporations might aid the development of a coherent cybersecurity skills curricula
- We come up with a list of recommendations on how to move toward an effective EU cybersecurity skills agenda
The Youth IGF Recommendations
The recommendations set forward in the paper are divided into a set of policy actions and a set of development actions as follows:
- Promote and encourage media literacy on cybersecurity at the EU level
- Establish and promote a common EU cybersecurity skills curricular guidance or a recommendation for guidance on cybersecurity skills curricula for different formal education levels that can be recommended to the member states.
- Support existing volunteering actions for the young at the end of their studies and encourage the development of new ones within EU institutions working on cybersecurity, like Cybersecurity EU volunteers. This can also be done as an upskilling mechanism, to help the young gain their first experience in the field and to promote learning by doing.
- Call for a common EU certification for cybersecurity skills training modules (e.g. under one of the priorities of the digital skills agenda, in collaboration with ENISA).
- Improve the dialogue in between EU institutions and the young on cybersecurity by initiating an annual (physical/or virtual) meeting and through initiatives such as the Youth IGF.
- Promote upskilling initiatives recognised by the industry that will focus on cross-sectoral cyber skills.
- Facilitate the development of a set of guidelines for employers on on ensuring descriptions of cybersecurity job offers are up- to-date and written in language comprehensible for entry-level professionals, HR departments and cybersecurity departments.
- Facilitate and encourage the development of learning concepts for teaching cybersecurity skills to pupils (of different age groups).
- Facilitate the development of the recommendation for better internal communication (or intra-departments) on cybersecurity skills for industry.
- Better public-private-youth dialogues on cybersecurity topics in the EU context.
Read the Report
The full version of the report is now available. Please read and share!