Project partners ramp up for pilot trainings

Evaluation of research

The first phase of the CYRUS project was dedicated to research and analysis of cybersecurity. In September 2023 this phase ended. In October, the project partners met to take stock: How did the project evolve? And what are the next steps?

To deliver a personalised, customised, work-based training framework for enhanced cybersecurity skills, the project partners first conducted a study to understand the cybersecurity skills, competencies, training needs and skill gaps of the workforce in the transport and manufacturing sector. For this, they interviewed 79 organisations from those sectors.

Insights from the survey

“The most important insight from the survey: There is a need to improve the skills of employees so that they develop a resilient mindset throughout the manufacturing and transport sector,” says Andrea Guerini from Cefriel.

Compared with the minimum levels of knowledge that the best practices from the regulatory bodies ENISA and NIST recommend, the survey showed lower results.

Overall, the study results highlighted the importance of raising awareness through training programmes, particularly among non-technical positions, also including management roles, e.g., responsible for finance or human resources.

Most important cyber threats

Small and mid-sized enterprises (SMEs) often lack awareness when it comes to cybersecurity, so that their workforce needs to be trained to recognise cyber threats in general.

The CYRUS team also analysed the most important cyber threat scenarios and identified who in terms of job roles needs to be trained in cybersecurity to mitigate risks.

The project partners gathered threat scenarios from existing literature and their own experience and mapped them to the most relevant affected job descriptions. This helped to describe the training needs, skills and level of competencies required to develop personalised and effective training.

Common cyber threats are for example:

  • Data leakage attack: data is leaked, e.g., by sending an email to the wrong recipient or through storage devices being lost or stolen. A company’s data and intellectual property is what differentiates it from its competitors and its theft is one of the costliest cyber threats.
  • Ransomware attack: the attack occurs when malware is used to encrypt a company file, a device or an entire computer system, making them inaccessible. Hackers can then demand a ransom in exchange for the decryption key, which is needed to make the files usable again.
  • Insider threat: current or former employees, suppliers or business partners who have access to the company’s systems intentionally or unintentionally share information or access to a system.

The gathered results were addressed in discussion rounds with external cybersecurity experts and potential participants. This helps to tailor the cybersecurity trainings to the needs of the organisations whose staff will be trained.

The cybersecurity competence framework

Based on the information collected in the research phase, the project partners developed the Cybersecurity Competence Framework. This framework facilitates transitions from education to work, matches people’s skills with the labour market trends and demands, informs people about available jobs and career pathways and identifies current and future employability skills.

It includes:

  • a mapping of the changes in key skills, knowledge and competencies needed in current and future scenarios,
  • a description of future workforce profiles based on the trends analysis and future scenarios,
  • different career/study pathways that will show the possible options for advancement and growth.

Next stop: pilot trainings

The pilot trainings will be developed based on the information which has been gathered and evaluated in the research phase, e.g.

  • cybersecurity technical skills, including cybersecurity requirements, practical exercises and on-the-job simulations in a cyber-range environment for the different industrial sectors
  • cybersecurity methodological and organisational aspects, including human and organisational vulnerability assessment, integrated cybersecurity risk assessment and participatory approaches to build a cybersecurity culture

Since active learning methods like teaching others, learning by doing and group discussions show particularly good knowledge retention, they will be a large part of the training assessment methodology.

Subscribe to our newsletter to stay up to date on the project’s progress!

After the first phase of the CYRUS project ended, the project partners came together in Lisbon, Portugal, on 17 and 18 October 2023 to evaluate and discuss the research results.

European Federation for Welding, Joining and Cutting (EWF) hosted the second CYRUS plenary meeting. 17 participants from the eleven partner organisations took part in the project meeting to discuss the research, latest developments and the next steps.