01756nas a2200181 4500000000100000000000100001008004100002653001700043653002500060653001100085653001400096653002100110100001900131245009600150300001200246490000700258520130900265 2022 d10acompetencies10acybersecurity skills10adesign10aframework10atraining program1 aPavel Varbanov00aPerspectives in the Design of a Modern Cybersecurity Training Programme: The ECHO Approach a177-1900 v533 a
The paper leverages the training and education-related research outputs developed under the ECHO project. They are compared to the progress of the workgroups in ENISA (European Union Agency for Cybersecurity) and ECSO (European Cybersecurity Organization) that classify, structure and define the competencies, skills, and knowledge and risk factors. The approach digested by the ECHO project explores the methods for achieving a more vital balance between the market demands and talent supply. The scope of the research activities covers four main and interconnected components – i) Contextualization; ii) Competences; iii) Generic Curriculum; iv) Assessment methodology. The proposed approach explores and gradually builds upon the generic definitions of the skills and knowledge toward specific requirements on what an ICT or cybersecurity professional must know and be able to do in order to implement initial and further cyber-incident response actions. The paper considers mainly the design methods for building cybersecurity training programs for professionals. Still, it could be applied in academic settings as well, enriching the academic programs with practical learning experiences. Several examples are provided to demonstrate the relevance and applicability of the proposed methods.