TY - JOUR
T1 - CSEC+ framework assessment dataset
T2 - Expert evaluations of cybersecurity skills for job profiles in Europe
AU - Budde, Carlos E.
AU - Karinsalo, Anni
AU - Vidor, Silvia
AU - Salonen, Jarno
AU - Massacci, Fabio
N1 - Funding Information:
This work was funded by the European Union under GA n.101067199-ProSVED (https://cordis.europa.eu/project/id/101067199), and the H2020 Programme GA n.830929 CyberSec4Europe (https://cordis.europa.eu/project/id/830929). Views and opinions expressed are those of the author(s) only and do not necessarily reflect those of the European Union or The European Research Executive Agency. Neither the European Union nor the granting authority can be held responsible for them.
Funding Information:
This work was funded by the European Union under GA n. 101067199-ProSVED ( https://cordis.europa.eu/project/id/101067199 ), and the H2020 Programme GA n. 830929 CyberSec4Europe ( https://cordis.europa.eu/project/id/830929 ). Views and opinions expressed are those of the author(s) only and do not necessarily reflect those of the European Union or The European Research Executive Agency. Neither the European Union nor the granting authority can be held responsible for them.
Funding Information:
The dataset was collected in the Cyber Security for Europe project (funded by the European Union under the H2020 Programme GA#830929) study focusing on the skills required in distinct cybersecurity job profiles [2] . The context benefits all organisations and institutions having the objective of designing and implementing cybersecurity curricula for professionals or need such skills (e.g. new workforce or training of existing professionals).
Publisher Copyright:
© 2023 The Author(s)
PY - 2023/6
Y1 - 2023/6
N2 - This dataset contains expert assessments of the cybersecurity skills required for six job profiles in Europe, as determined via surveys responded by cybersecurity experts from academia and industry. The data can be used to identify educational needs in the cybersecurity sector and compare against other frameworks. The six cybersecurity-oriented job profiles used in the surveys are: General cybersec auditor; Technical cybersec auditor; Threat modelling engineer; Security engineer; Enterprise cybersecurity practitioner; Cybersecurity analyst. Data—i.e. expert assessments—was collected via surveys, targeted at European experts in cybersecurity from academia and industry. Respondents characterised the skills needed to perform in six job profiles using the CSEC+ framework: a cybersecurity skills framework prepared as a spreadsheet where cybersecurity skills must be ranked in a Likert scale from 0 (irrelevant) to 4 (advance knowledge needed). Metadata requested included the type of organisation of the respondent (Large company, SME, Academic/Research, Public administration, Other) and the country of origin. There were three data-collection phases: (1) an initial phase, used also to refine later larger-scale processes, carried out in Oct 2021–Jan 2022 and resulting in 13 expert assessments from four EU countries; (2) a second phase implemented as an online service broadcast to a larger audience, carried out in Mar–Apr 2022 and resulting in 15 assessments from eight European countries; (3) and a third phase, allowing direct online input and distributed in PC and mobile form, carried out in Sep–Oct 2022 and resulting in 32 assessments from ten European countries. The raw data gathered was stored and processed via spreadsheets, computing statistical information (mean, stdev) on how much each cybersecurity skill and area was deemed necessary to perform in each job profile. This is visualised as a heatmap where colour intensity symbolises value, and circle diffusion symbolises spread. Processed data further includes visualisations on how the area of origin of the respondent (academia, as in “producer of education”, vs. industry, as in “consumer of education”) influences the responses. This is shown as bar plots, where whiskers represent confidence intervals used for statistical-significance tests. This data can serve as basis to understand the educational needs for the cybersecurity sector in Europe. It can be reused for comparison against frameworks, other than CSEC+, to assess the need of education in specific cybersecurity sectors such as human security. Furthermore, the Qualtrics survey template (included) is a ready-made solution for replication studies.
AB - This dataset contains expert assessments of the cybersecurity skills required for six job profiles in Europe, as determined via surveys responded by cybersecurity experts from academia and industry. The data can be used to identify educational needs in the cybersecurity sector and compare against other frameworks. The six cybersecurity-oriented job profiles used in the surveys are: General cybersec auditor; Technical cybersec auditor; Threat modelling engineer; Security engineer; Enterprise cybersecurity practitioner; Cybersecurity analyst. Data—i.e. expert assessments—was collected via surveys, targeted at European experts in cybersecurity from academia and industry. Respondents characterised the skills needed to perform in six job profiles using the CSEC+ framework: a cybersecurity skills framework prepared as a spreadsheet where cybersecurity skills must be ranked in a Likert scale from 0 (irrelevant) to 4 (advance knowledge needed). Metadata requested included the type of organisation of the respondent (Large company, SME, Academic/Research, Public administration, Other) and the country of origin. There were three data-collection phases: (1) an initial phase, used also to refine later larger-scale processes, carried out in Oct 2021–Jan 2022 and resulting in 13 expert assessments from four EU countries; (2) a second phase implemented as an online service broadcast to a larger audience, carried out in Mar–Apr 2022 and resulting in 15 assessments from eight European countries; (3) and a third phase, allowing direct online input and distributed in PC and mobile form, carried out in Sep–Oct 2022 and resulting in 32 assessments from ten European countries. The raw data gathered was stored and processed via spreadsheets, computing statistical information (mean, stdev) on how much each cybersecurity skill and area was deemed necessary to perform in each job profile. This is visualised as a heatmap where colour intensity symbolises value, and circle diffusion symbolises spread. Processed data further includes visualisations on how the area of origin of the respondent (academia, as in “producer of education”, vs. industry, as in “consumer of education”) influences the responses. This is shown as bar plots, where whiskers represent confidence intervals used for statistical-significance tests. This data can serve as basis to understand the educational needs for the cybersecurity sector in Europe. It can be reused for comparison against frameworks, other than CSEC+, to assess the need of education in specific cybersecurity sectors such as human security. Furthermore, the Qualtrics survey template (included) is a ready-made solution for replication studies.
KW - Assessment framework
KW - Cybersecurity
KW - Education
KW - Human security
KW - Professional skills
UR - http://www.scopus.com/inward/record.url?scp=85161543903&partnerID=8YFLogxK
U2 - 10.1016/j.dib.2023.109285
DO - 10.1016/j.dib.2023.109285
M3 - Article
C2 - 37383788
AN - SCOPUS:85161543903
SN - 2352-3409
VL - 48
SP - 109285
JO - Data in Brief
JF - Data in Brief
M1 - 109285
ER -