Monday, February 20, 2017

Getting to know CISOs: Challenging assumptions about closing the cybersecurity skills gap

The cybersecurity skills gap is a serious problem for many countries, and it is a problem that I have been studying for some time. As different public and private entities involved in workforce development wrestle with this problem they may find my research to be of some assistance.

One survey suggests that these are the attributes most
needed to be a successful security professional
The largest opus I have completed is: Getting to know CISOs: Challenging assumptions about closing the cybersecurity skills gap (68-page PDF). This is the dissertation for my master's in security and risk management (kindly described by the university examiners as "a meaningful and accessible, critically analysed report" and "a very pleasing piece of work").

I decided to make this available to the public via the Internet so that any value it may provide – to the efforts to close the cybersecurity skills gap and advance the security profession – can be realized sooner, rather than later.

Although the examiners said "elements of this dissertation are potentially publishable as journal articles and/or white papers" I wanted to get the document out there in its entirety, and quickly. Of course, I may pull from, or build on, this work in peer-reviewed articles and white papers down the road, and it has informed several conference presentations that I have already delivered.

Note that the document is quite long, almost 25,000 words, although that includes the 171 references. It runs to 68 pages including screenshots of the survey instrument that I used. Here is the Abstract to help you decide if you want to download the whole thing.