The cybersecurity labour shortage and skills gap is a major concern for both economic development and national security, especially in the rapidly digitalising global economy. The analysis of cybersecurity profile taxonomies, carried out as part of the analysis and diagnosis of cybersecurity talent in Spain, has highlighted the factors affecting this industry, including among them, precisely, the lack of standardisation in the definition of roles and associated skills.
With this scenario in mind, the European Union Agency for Cibersecurity (ENISA), responsible for ensuring a common level of cybersecurity across Europe and tasked with cooperating with Member states and their agencies to prepare Europe for the challenges of tomorrow, has developed a European cybersecurity skills framework (the European Cybersecurity Skills Framework (ECSF)), which is the result of joint work between ENISA and an Ad Hoc Working Group), creating a common framework of understanding in this area, which is an essential step towards Europe's digital future.
The key objectives of the ECSF are:
- Establishing a common understanding of the roles, competences, skills and knowledge used by and for individuals, companies and training providers in all EU Member States, in order to address the cybersecurity skills shortage.
- Contributing to further facilitate the recognition of cybersecurity-related competences and support the design of cybersecurity-related training programmes for competence and career development.
Ultimately, the ECSF seeks to boost employment and employability in cybersecurity-related positions.