By Alina Clasen | Euractiv.com Est. 5min 19-04-2023 Content-Type: News News Based on facts, either observed and verified directly by the reporter, or reported and verified from knowledgeable sources. “500 million cybersecurity experts are missing in the coming years. We need the people to make it happen. The academy aims to accelerate our efforts. It is a single point of entry for cybersecurity training and funding opportunities,” announced VP-Commissioner Margaritis Schinas. [European Parliament Multimedia Centre / Frédéric MARVAUX] Euractiv is part of the Trust Project >>> Print Email Facebook X LinkedIn WhatsApp Telegram This article is part of our special report Skills shortage puts Europe’s cyber resilience to the test.The European Commission launched Cybersecurity Skills Academy on Tuesday (18 April) to close the cybersecurity sector’s ongoing skills shortage and develop the EU’s cyber resilience. The Cybersecurity Skills Academy is part of the 2023 European Year of Skills, an initiative to promote the upskilling and reskilling of the workforce with the view of helping workers and companies keep up with the green and digital transitions. “500 million cybersecurity experts are missing in the coming years. We need the people to make it happen,” Commission Vice-President Margaritis Schinas told the hemicycle of the European Parliament gathered in Strasbourg on Tuesday (18 April). “The academy aims to accelerate our efforts. It is a single point of entry for cybersecurity training and funding opportunities,” he added. The academy is intended to fill in the cyber talent gap, as Europe is in dire need of IT experts to increase its resilience, as ENISA, the EU cybersecurity agency, told EURACTIV that in 2022 the shortage of cybersecurity professionals in the European Union ranged between 260,000 and 500,000. The platform recognises several certification schemes like (ISC)² and NVIDIA. “Cybersecurity is a growing concern for everyone. Yet, there is still limited understanding on how to protect ourselves in practice – limited experts pool, no long experience managing cybersecurity risks, and ever-evolving technology and threat landscape have created a gap,” Iva Tasheva, cybersecurity lead at the consultancy CYEN, told EURACTIV. Europe lagging behind on digital skills development, says EU official Barriers to lifelong learning and limited investment in training are slowing down the European Union’s efforts to fill the digital skills gap by 2030, according to EU representatives and experts, who pointed to the need for increased upskilling and reskilling support. Cybersecurity Skills Gap The 2022 Digital Economy and Society Index (DESI), which tracks year-on-year progress towards the goals across EU countries, found that the current geopolitical context with Russia’s invasion of Ukraine “renders the implementation of innovative digital solutions, technologies, and infrastructures based on EU’s values and principles, as well as strengthening cybersecurity, even more relevant.” Policymakers and industry practitioners are also concerned with the issue of ‘cyber poverty’. In a situation where a qualified cyber workforce is scarce, only large corporations can afford cyber teams, whilst smaller companies face the challenge of lacking cybersecurity training resources. “We get to the point where being privacy and security conscious as individuals is really the domain of the wealthy and technical elite,” Patrick Wheeler, director of the workforce development program CyberWayFinder, told EURACTIV. “Throwing bodies at this problem without improved societal aspects is a recipe for failure,” he added. New initiative With the new initiative, the Commission intends to contribute to narrowing the gap between needed and available skilled workers by providing means for specific training and further education programmes. “Initiatives such as the EU Cybersecurity Skills Academy are steps in the right direction from policymakers to reduce the digital skills gap through education and training at all ages. This is a huge multi-faceted challenge that requires bringing all stakeholders at the table together,” Chris Gow, head of EU public policy at Cisco, told EURACTIV. The Cyber Skills Academy is built on four pillars. The first pillar addresses education and training to foster EU cybersecurity knowledge. As part of the second pillar, it will also provide information on certification capacity and visibility on funding opportunities. The third pillar includes stakeholder involvement, and the fourth will monitor the evolution of market developments and the cybersecurity skill gap by introducing a methodology on quality and intensity. “A multi-stakeholder approach to funding opportunities is indispensable. The approach seems transparent and interactive.” Julia Schuetze, project director for cybersecurity policy at the think tank Stiftung Neue Verantwortung (SNV), told EURACTIV. “Now, the new task lies in community management and coordination with third parties from academia, NGOs, and the Tech-community,” she added. While the initiative might contribute to solving the problem, the Academy will not be a universal remedy, warns Philipp Eckhardt, a Centre for European Policy research officer. “The establishment of a cybersecurity skills academy is ultimately a drop in the ocean,” he said. Industry calls for scaling up investment in digital skills amid shortage Investing in digital skills will be crucial if Europe wants to reshape its economic position and secure its place in the future global value chain, industry and innovation figures have said, amid an ongoing skills shortage in the sector. Goals for 2030 The European Commission set the goal of reaching 80% of adult EU citizens with basic digital skills and 20 million employed Information and communications technology (ICT) specialists by 2030. To attain the goals, efforts must be made regarding targeting current initiatives at educational institutions that focus on the working class under 30. Wheeler of Cyberwayfinder noted how most mid-career switches that allow people to get IT training is internal programmes of ‘wealthy’ corporations, whilst new university graduates face steep challenges in landing their first cybersecurity job. The challenge the new Initiative aims to address is to raise the level of cybersecurity knowledge of the existing workforce and citizens, regardless of their current professional activities. “Even the retired or aged people need cybersecurity knowledge and awareness if they use digital services through a connected device,” ENISA told EURACTIV. As education remains a national competence, member states bear the main responsibility to achieve the set 2030 goals. “The EU can only play a supporting role here,” concludes Eckhardt. [Edited by Luca Bertuzzi/Alice Taylor] Read more with Euractiv EU launches Cyber Solidarity Act to respond to large-scale attacksThe Commission has published its controversial draft Cyber Solidarity Act, putting forward a proposal for boosting EU-wide cooperation in preparation for and response to major cyber attacks.
