RESUMO
The impact of cybersecurity (CS) on public well-being is increasing due to the continued digitisation process of all industry sectors. The protection of information systems rests upon a sufficient number of CS specialists and their competences. A cyber-competence map describing the capacity and trends of the CS workforce is an essential element of the workforce development strategy. Large enterprises tend to have narrowly specialised employees with clearly identifiable roles. Still, most enterprises in small countries are SMEs. Therefore, the tasks and responsibilities of many CS-related specialists overlap the functions of several roles. This paper aims to develop a small-state cybersecurity competence map consistent with the standards of professional organisations. The work applies a combined qualitative and quantitative methodological approach to collect data using questionnaires and expert interviews in the CS field organisations. The study includes a representative public survey, a large-scale survey of company executives, an exploratory CS expert survey, and a comprehensive job posting analysis. Finally, a national CS competence map is presented and verified using two qualitative semi-structured interviews with field professionals. Even though the map reflects a status of a small nation state, it is activity-based and might be applicable in any country. As a future research direction, we will investigate the impact of early and late exposure to cybersecurity competences in education and framework applicability.
RESUMO
Cybersecurity (CS) is a contemporary field for research and applied study of a range of aspects from across multiple disciplines. A cybersecurity expert has an in-depth knowledge of technology but is often also recognized for the ability to view technology in a non-standard way. This paper explores how CS specialists are both a combination of professional computing-based skills and genetically encoded traits. Almost every human behavioral trait is a result of many genome variants in action altogether with environmental factors. The review focuses on contextualizing the behavior genetics aspects in the application of cybersecurity. It reconsiders methods that help to identify aspects of human behavior from the genetic information. And stress is an illustrative factor to start the discussion within the community on what methodology should be used in an ethical way to approach those questions. CS positions are considered stressful due to the complexity of the domain and the social impact it can have in cases of failure. An individual risk profile could be created combining known genome variants linked to a trait of particular behavior using a special biostatistical approach such as a polygenic score. These revised advancements bring challenging possibilities in the applications of human behavior genetics and CS.
