Skip to main content
European Cybersecurity Skills Framework (ECSF)

29.09.2024

The ECSF provides an open tool to build a common understanding of the cybersecurity professional role profiles in Europe and common mappings with the appropriate skills and competences required.

 

European Cybersecurity Skills Framework (ECSF)

The European Cybersecurity Skills Framework (ECSF) is a practical tool to support the identification and articulation of tasks, competences, skills and knowledge associated with the roles of European cybersecurity professionals. It is the EU reference point for defining and assessing relevant skills, as defined in the Cybersecurity Skills Academy, which was recently announced by the European Commission.

The ECSF summarises the cybersecurity-related roles into 12 profiles, which are individually analysed into the details of their corresponding responsibilities, skills, synergies and interdependencies.  It provides a common understanding of the relevant roles, competencies, skills and knowledge mostly required in cybersecurity, facilitates recognition of cybersecurity skills, and supports the design of cybersecurity-related training programmes.

The framework and the corresponding user manual were presented during the 1st ENISA cybersecurity skills conference, in September 2022.

Within this context, in April 2023, the Commission adopted the Communication on a Cybersecurity Skills Academy, a policy initiative which aims to bring together existing initiatives on cyber skills and improve their coordination, with a view to bridging the cybersecurity talent gap and boosting competitiveness, growth and resilience in the EU. The ECSF constitutes the basis on which the Academy will define and assess relevant skills, monitor the evolution of the skill gaps and provide indications on the new needs. The impact and the future of the ECSF, as well as its role in the Academy, were elaborated in the 2nd edition of the ENISA Cybersecurity Skills Conference, which took place in September 2023, in Segovia, Spain.

ECSF Goals in Brief
  1. Use of the ECSF ensures a common terminology and shared understanding between the demand (workplace, recruitment) and supply (qualification, training) of cybersecurity professionals across the EU.
  2. The ECSF supports the identification of the critical skill sets required from a workforce perspective. It enables providers of learning programmes to support the development of this critical set of skills and helps policy-makers support targeted initiatives to mitigate the gaps identified in skills.
  3. The framework facilitates an understanding of leading cybersecurity professional roles and the essential skills they require, including soft skills, along with the legislative aspects (if any). In particular, it enables non-experts and HR departments to understand the requirements for resource planning, recruitment and career planning in supporting cybersecurity.
  4. The framework promotes harmonisation in cybersecurity education, training, and workforce development. At the same time, this common European language in the context of cybersecurity skills and roles connects well with the entire ICT professional domain.
  5. The ECSF contributes to achieving enhanced shielding against cyberattacks and to ensuring secure IT systems in society. It provides a standard structure and advice on how to implement capacity building within the European cybersecurity workforce.

 

READ ECSF HERE

READ CYBERSECURITY EDUCATION MATURITY ASSESSMENT HERE

Details

Target audience

Digital skills for the workforce

Digital skills for ICT professionals

Digital skills for public administration

Digital technology

Cybersecurity

Digital skills

Level

Basic

Middle

Advanced

Expert

Type of the educational resource

Methodology

Other educational materials

Language of the educational resource

Bulgarian

English

Country providing the educational resource

Other

Organisation providing the educational resource

The European Union Agency for Cybersecurity (ENISA)

Leave a Reply