Pedagogical and self-reflecting approach to improving the learning within a cyber exercise

Karinsalo, Anni; Saharinen, Karo; Päijänen, Jani; Salonen, Jarno

doi:10.34190/eccws.21.1.221

Cited by 1 publication

(2 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In order to define the cybersecurity skill levels of the participants prior to the exercise, as well as determine their expectations for it, we conducted a survey with six background questions and six research questions. We have described the survey and process thoroughly in Karinsalo et al (2022), but the following paragraphs will summarise the survey content and process briefly.…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

Participants Prefer Technical Hands-on Cyber Exercises Instead of Organisational and Societal Ones

Päijänen

Salonen

Karinsalo

et al. 2023

eccws

View full text Add to dashboard Cite

The current shortage of cybersecurity professionals is about 2 million people worldwide, and in Europe the industry is seeking for about 350 000 skilled professionals. There is also an enormous need for dedicated cybersecurity training courses for existing professionals who wish to acquire completely new skills or maintain their current ones. Due to the lack of new skilled workforce, the current cybersecurity personnel are overworked in their work. In order not to waste the valuable time of cybersecurity professionals with unnecessary training, cyber exercises should be well prepared. This article is based on research conducted in a European collaborative project and more specifically, a cyber exercise organised in early 2022. The purpose of our research was to conduct a preliminary assessment of the participants to learn about their skills and expectations before the cyber exercise. This assessment was used for fine-tuning the exercise. To achieve this, we identified common trends in the participants’ interests during the cyber exercise. The preliminary assessment was carried out as a web survey. The responses were cross tabulated to find meaningful indicators related to skills and interests of the participant group. We identified the most and least preferred knowledge areas for both the industry and public sector participants. Our findings show that the most interesting knowledge areas of all respondents were primarily technical in nature (Data Security, Connection Security, System Security), but Organisational Security was also reported. The least interesting knowledge areas were mostly non-technical in nature (Human Security, Organisational Security, Societal Security) but also Component Security was reported. We also enquired about the preferred team size. The majority of the respondents preferred a team size of three to four persons. The preferred single session duration was 46–60 minutes. The results help cybersecurity professionals to match their knowledge needs with the existing cybersecurity proposition and to determine the right and most beneficial training for them. The results also assist the providers of cyber training and other exercises to describe the targeted development of specific cybersecurity and other knowhow in a coherent, standard-like, way.

show abstract

Section: Methodsmentioning

confidence: 99%

“…In this article, we describe and analyse the results of the implemented Flagship 2 cyber exercise preliminary survey, which was designed by Karinsalo et al (2022). The objective was to collect information from the registered participants prior to the exercise.…”

Section: Introductionmentioning

confidence: 99%