Participants Prefer Technical Hands-on Cyber Exercises Instead of Organisational and Societal Ones

Jani Päijänen, Jarno Salonen, Anni Karinsalo, Tuomo Sipola, Tero Kokkonen

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

Abstract

The current shortage of cybersecurity professionals is about 2 million people worldwide, and in Europe the industry is seeking for about 350 000 skilled professionals. There is also an enormous need for dedicated cybersecurity training courses for existing professionals who wish to acquire completely new skills or maintain their current ones. Due to the lack of new skilled workforce, the current cybersecurity personnel are overworked in their work. In order not to waste the valuable time of cybersecurity professionals with unnecessary training, cyber exercises should be well prepared. This article is based on research conducted in a European collaborative project and more specifically, a cyber exercise organised in early 2022. The purpose of our research was to conduct a preliminary assessment of the participants to learn about their skills and expectations before the cyber exercise. This assessment was used for fine-tuning the exercise. To achieve this, we identified common trends in the participants’ interests during the cyber exercise. The preliminary assessment was carried out as a web survey. The responses were cross tabulated to find meaningful indicators related to skills and interests of the participant group. We identified the most and least preferred knowledge areas for both the industry and public sector participants. Our findings show that the most interesting knowledge areas of all respondents were primarily technical in nature (Data Security, Connection Security, System Security), but Organisational Security was also reported. The least interesting knowledge areas were mostly non-technical in nature (Human Security, Organisational Security, Societal Security) but also Component Security was reported. We also enquired about the preferred team size. The majority of the respondents preferred a team size of three to four persons. The preferred single session duration was 46–60 minutes. The results help cybersecurity professionals to match their knowledge needs with the existing cybersecurity proposition and to determine the right and most beneficial training for them. The results also assist the providers of cyber training and other exercises to describe the targeted development of specific cybersecurity and other knowhow in a coherent, standard-like, way.
Original languageEnglish
Title of host publicationProceedings of the 22nd European Conference on Cyber Warfare and Security
EditorsAntonios Andreatos, Christos Douligeris
PublisherCurran Associates Inc.
Pages349-357
Number of pages9
Volume22
Edition1
ISBN (Electronic)978-1-914587-70-2
ISBN (Print)978-1-914587-69-6
DOIs
Publication statusPublished - 19 Jun 2023
MoE publication typeA4 Article in a conference publication
Event22nd European Conference on Cyber Warfare and Security, ECCWS 2023 - The Hellenic Air Force Academy (HAFA), Athens, Greece
Duration: 22 Jun 202323 Jun 2023

Publication series

SeriesEuropean Conference on Information Warfare and Security, ECCWS
Volume2023-June
ISSN2048-8602

Conference

Conference22nd European Conference on Cyber Warfare and Security, ECCWS 2023
Country/TerritoryGreece
CityAthens
Period22/06/2323/06/23

Keywords

  • cybersecurity
  • cyber range
  • cyber exercise
  • capture-the-flag
  • skills

Fingerprint

Dive into the research topics of 'Participants Prefer Technical Hands-on Cyber Exercises Instead of Organisational and Societal Ones'. Together they form a unique fingerprint.

Cite this