Summary of the panel discussions

Day 1

Synergies among European Initiatives

Panelists: Katarzyna PRUSAK-GORNIAK, ECCC, Davide MARTINI,EASA, Panagiotis MARZELAS, ESDC, Jutta BREYER, CEN TC428. Moderator:  Dimitra LIVERI, ENISA

The panelists discussed and showcased the value and use of the European Cybersecurity Skills Framework and how it can support understanding the needs the organisations have with regards to skilled professionals. The European Security Defense College presented the roll out of their training program for servants in the defense community based on the profiles of ECSF. At the same time, Aviation sector and more specifically EASA, mapped the needs of the sector and shared feedback on the skills and competences linked to the Aviation operators and related organisations. The important role of the National Coordination Centers through the European Cybersecurity Competency Center has been highlighted to approach the challenge of lack of skilled professionals in the EU to monitor the market and measure the needs across the EU. In the standardization world, the concept of skills and competences has been perceived as one to be further clarified and crystallized from the very early stages of cybersecurity as a stand-alone profession. The ECSF is a great effort and starting point which can be used as a map to further understand the needs of the ecosystem and predict regulatory compliance needs.

From strategy to actions: National policy initiatives endorsing ECSF

Panelists : Xana MARTINEZ, Spain; Paolo ATZENI, Italy; Miroslav HAVELKA, Slovakia; Christiana PIPERIDOU, Cyprus Moderator: Javier GOMEZ, ENISA

This panel featured representatives from various public bodies who shared insights into their efforts to incorporate the European Cyber Security Framework (ECSF). Representatives from Spain, Italy, Slovakia, and Cyprus discussed how ECSF integration is unfolding in their respective countries.

Italy is progressing in establishing strategic alliances with key actor such as Universities. Spain is collaborating closely with the Ministry of Education and other public entities to strategically integrate cybersecurity curricula into the overall education landscape, and also leveraging these curricula for internal recruitment. Cyprus has pinpointed crucial partners with whom they've initiated policy dialogues to determine cybersecurity training priorities and for recruitment within the Digital Security Agency. Slovakia has adopted the ECSF with a decree of the National Security Authority, which established knowledge standards in the field of cybersecurity aligned to the ECSF.

However, the panelists acknowledged some challenges. They recognize the need for increased collaboration with private sector stakeholders, especially those responsible for certification. Furthermore, they admit that there is a need to share more lessons and best practices with other EU Member States to identify common elements in the integration of ECSF.

Closing the professional skills gap: the role of private entities

Panelists: Alberto LONGHI, Leonardo; Jetzabel SERNA,  SAPAR GmbH; Andy WOOLHEAD, CRES. Moderator: Miguel Ángel CAÑADA NAVARRO, INCIBE

There is no digitalization without cybersecurity, and public-private partnership is a key factor in reducing the risk and raising awareness and trust for digital transformation. The lack of talent in cybersecurity is a common concern for governments, large companies, and SMEs not only in the EU but globally.

The ECSF is helping address this problem. For example, it supports companies in organizing and communicating their training offerings and ensuring that the results align with the needs, especially for professionals in the sector. However, the discussion also highlighted some challenges we have to face, such as how to link the benefits of implementing the Framework with the engagement of young professionals or students. This will be critical for the success of the ECSF and its added value for the cybersecurity sector.

Day 2

Driving Impact: Empowering Certifications through ECSF

Panelists: Sanjana MEHTA,ISC2; Vladlena BENSON, ISACA, Brian CORREIA, SANS; James STANGER,CompTIA. Moderator: Anne-Sophie DIEHL, DG CNECT, EC.

The panelist presented their respective commitments to narrow the cybersecurity skills gap in the European Union as part of the pledge of the Cybersecurity Skills Academy.

Panelists identified the benefits of ECSF for certification, namely how a common language can support portability, identification of gaps, coherence, standardisation of cybersecurity roles and skills. Alignment or mapping of their respective organisations’ certifications with the ECSF as well as use cases were precious tools to support career paths. Panelists also touched upon key features of the ECSF (accessibility, simplicity), including in comparison with the NICE framework. They shared information on the uptake of the framework, concurring notably on a high uptake of the framework one year only after its publication, its relevance for end users, a use of the framework mainly for conducting trainings, It was identified that the framework could also be leveraged by human resources as well as to support the design of career pathways, in a similar fashion as the US tool Cyberseek.

Promoting Excellence: capacity building activities embracing the ECSF

Panelists: Argyro CHATZOPOULOU, REWIRE funded project, Enrico CALANDRO, Cyber Resilience for Development (Cyber4Dev) , Eliana STAVROU,  Open University of Cyprus, Manel MEDINA,UPC-School  Moderator: Héctor LAIZ IBAÑEZ, INCIBE

During the panel discussion, a multifaceted understanding of the ECSF's applications and benefits emerged. Enrico eloquently emphasized the framework's value not just within the European continent but also as a catalyst for cyber capacity-building in regions beyond the EU, illuminating its global relevance. Argyro, elucidating on the REWIRE project, showcased how tangible project deliverables tied to the ECSF could not only deepen our understanding of the framework but also facilitate its practical adoption across sectors. On the academic front, Eliana's insights painted a vivid picture of curricular alignment at the Open University of Cyprus with the ECSF, highlighting the transformative changes and value it has brought to their MSc program. Manel, with a keen analytical eye, navigated the audience through the nuanced terrains of the current cyber job market. Leveraging data and filtering through the ECSF's 12 profiles, he pinpointed potential market gaps, an insight for both academia and industry alike.

 As the discussion transitioned from presentations to a more interactive format, it was palpable that the challenges faced by organizations in aligning with the ECSF were varied yet solvable. Recommendations flowed about how newcomers could navigate this space, with a clear consensus on the framework's role as a guiding light. A recurring theme was the evolving nature of cybersecurity and the paramount importance of keeping initiatives updated. Amidst the exchange of ideas, there was a collective acknowledgment of the ECSF's instrumental role in creating a standardized, accessible, and clear pathway for both individuals seeking a footing in cybersecurity and organizations aiming to refine their training paradigms

Inspiring testimonials from the Cybersecurity Frontlines

Panelists: Sarka PEKAROVA, Penetration Tester, Thermo FisherScientific;Carlos POLOP, Penetration Tester & 2021's captain of Spanish challenge and player in Team Europe; Edel O’ BRIEN, Cybersecurity Educator, Central Bank of Ireland;  Vanessa VENTRESCA, CEO & Co-founder, CyberTalentSpain. Moderator: Sara GARCIA BECARES, INCIBE

The Cybersecurity profession is very heterogeneous and diverse. It has room for people with different backgrounds, experience, training and profiles. This means that this sector has a wide access entry for a multitude of profiles. 

In this broad spectrum, the ECSF, allows us to establish the routes to the most demanded profiles, helping both people who want to access the sector to find their place, and organizations and entities, to define training programs and profiles in a homogeneous way throughout Europe