Security and Safety (Jan 2024)
On cultivation of cybersecurity and safety talents and responsible developers
Abstract
To address the serious imbalance between the supply and demand of the cybersecurity workforce, this paper proposes to embrace the latest trend of a fundamental shift in the “underlying dynamics of the digital ecosystem”, focusing on a shared liability for cybersecurity between the application side and the manufacturing side. Assuming that product providers shall take more responsibility by implementing secure defaults, this paper explores the establishment of an S&S talent cultivation system to strike the right balance of cybersecurity liabilities by nurturing more responsible developers. This paper proposes a Knowledge, Skill, and Awareness (KSA) model for Security and Safety (S&S) talent cultivation, proves the feasibility of this model by analyzing the theoretical, disciplinary, methodological, practical, and societal foundations of S&S talent cultivation. Additionally, this paper proposes principles and strategies for building a S&S talent cultivation system based on its unique characteristics and patterns. It gives a talent cultivation scheme, supported by an “Independent Knowledge System, Education and Cultivation System, Practice and Training system, Evaluation and Certification system, and Awareness Popularization System”. Finally, this paper puts forward a proposal for coordinating efforts and adopting multiple measures to accelerate the cultivation of S&S talents.
Keywords