Working Group D: Cyber Security Culture and Skills
About Working Group D
The theme Cyber Security Culture and Skills has been endorsed by the GFCE community in the Delhi Communiqué as one of the five prioritized themes for cyber capacity building to
- Promote comprehensive awareness across all stakeholders of cyber-related threats and vulnerabilities and empower them with the knowledge, skills, and sense of shared responsibility to practice safe and informed behaviors in the use of ICTs, and to
- Involve all stakeholders to create a workforce with a set of cyber security skills and knowledge employers require.
GFCE Working Group D focusses on the following topics:
- Cyber Security Awareness
- Education and Training, with a focus on Cyber Security Workforce Development
More information on the work done by Working Group D can be found in the GFCE Working Groups Annual Report 2021.
Table of Contents
News and Updates
Every year the Working Group is updating its focus based on opportunities for collaboration on new projects within the GFCE Community. In 2019, the Working Group made a written submission providing views and recommendations in relation to the request for comments by NIST for the update to the NICE Cybersecurity Workforce Framework, NIST Special Publication 800-181. In 2020, the Working Groups also focused its work on the development of a GFCE WG D Cyber Security Awareness Campaigns Toolkit. In 2021, the Working Group hosted several virtual meetings during which participants had the opportunity to discuss the Working Group’s activities included in the Work Plan 2021, promote knowledge-sharing, exchange best practices and share updates on cyber capacity building topics.
Reports and Deliverables
Initiative on Developing Cyber Security As a Profession
In 2021, a new initiative was proposed to the WG D by the United Kingdom for “Developing cyber security as a profession”. A Project Team was formed and developed a survey to raise awareness and gather international views on developing cyber security as a profession. The survey explored how we can cement professional standards and quality assurance in the profession without adding unnecessary barriers to entry and progression and how we can ensure we are attracting the next generation of cyber security professionals.
Following the survey, the Project Team analysed the data and developed a first Draft Report which includes key findings and recommendations generated from the survey. You can access the Report here.
Research Report on Pre-University Cyber Security Education: A report on developing cyber skills amongst children and young people
With regards to the Global CCB Research Agenda 2021, Working Group D submitted a research idea on “Developing cyber skills amongst the young” which received funding and was developed by a research team from the University of Kent. The aim of the project is to understand how cyber security skills development is currently covered in pre-university curricula in different countries and regions, technical and non-technical approaches used to develop cyber security skills for different age groups up to 18, and the role of different stakeholders in such skills development activities. The report was written by Shujun Li, Vince Miller, Virginia Franquiera and Krysia Emily Waldock from the Institute of Cyber Security for Society (iCSS) at the University of Kent, and was commissioned with support from Global Affairs Canada through the Global CCB Research Agenda 2021 process, as a knowledge gap identified by Working Group D. You can access the Research Report here.
In 2020, WG D formed a smaller Project Team on Cyber Awareness to work on the development of a Cyber Security Awareness Campaigns Toolkit. The Project Team is currently working on the research towards the implementation of the toolkit and aims to deliver a first plan by the GFCE Annual V-Meeting 2020.
Details of work done by Working Group D can be found in GFCE Annual Report 2020.
Ambitions for Working group D in 2021 can also be found in the Working groups Workplan.
In 2019, the WG identified potential deliverables on education, training, and workforce developments frameworks. Working Group members submitted views and recommendations in relation to the request for comments by NIST for the update to the NICE Cybersecurity Workforce Framework, NIST Special Publication 800-181. The document can be found here.
GFCE White Paper: Task Force on Cybersecurity Professional Training and Development and
GFCE White Paper: Task Force on Cyber Security Awareness
WG D participants identified the need for more information on existing programs for cybersecurity awareness and professional education and training. The Chair and Task Force Leaders of WG D, together with the GFCE Secretariat, devised a questionnaire to which the WG D membership provided input pertaining to current initiatives for promoting cybersecurity awareness, education, professional training, and development. This input was collected in the database of initiatives. In addition, this white paper is supplemented by the analysis of secondary sources.
Contributions to Cybil Knowledge Portal
Working Group D has identified 98 projects, 32 publications, and 17 tools relating to cyber security culture and skills. These can be accessed on the website of the Cybil Portal: https://cybilportal.org/themes/cyber-security-culture-skills/