The Curation Mechanism for the Czech National Qualifications Framework in Cybersecurity

Abstract

The cybersecurity field is a fast-paced, ever-changing, and complex environment. Society’s growing dependency on ICT combined with the rising number and seriousness of cyber threats emphasizes the need for a sufficient number of cybersecurity experts, who are, at the moment, still pretty scarce. Furthermore, the lack of common methodology, understanding of individual cybersecurity work roles, and the disparate perspectives of cybersecurity stakeholders from diverse backgrounds (academia, public entities, private sector) further hinder any long-term solutions. In our previous contributions, we presented the National Qualifications Framework in Cybersecurity, which could provide a solution for a sufficiently up-to-date, broad, and granular taxonomy of skills requirements for existing and future cybersecurity work roles that could mitigate this problem. The Platform, including the curation mechanism, was created for this Framework to be easy to navigate, administer, update and flexible. This enabled further utilization (and possibly even development) of the available inputs and synergies from existing qualification frameworks, such as the NICE Framework and the European Cybersecurity Skills Framework. In this article, we introduce and analyze the curation mechanism and the challenges of navigating cybersecurity qualification frameworks and producing a sufficient UI. Primarily we focus on the specific functions of the curation mechanism, e.g., the feedback collection and Framework updates, which could be adapted even for other framework content or languages and thereby implemented in parallel solutions. Therefore, we present the Platform, including the curation mechanism, as a dynamic common reference tool for cybersecurity workforce requirements.