European Cybersecurity Skills Framework

ECSF Profile Icons Banner.png

The cybersecurity workforce shortage and skills gap is a major concern for both economic development and national security, especially in the rapid digitization of the global economy.

The development of a European Cybersecurity Skills Framework is an essential step towards Europe’s digital future.

Europe lags behind in the development of a comprehensive approach to define a set of roles and skills relevant to the cybersecurity field, as described in the ENISA Report “Cybersecurity Skills Development in the EU”. Though cybersecurity is a worldwide challenge affecting all countries, there are many differences in the ways it is approached by each state. For this reason, existing national cybersecurity frameworks may be incompatible or in general not targeted to the European needs, laws and regulations.

The development of a European Cybersecurity Skills Framework that would take into account the needs of the EU and each one of its Member States is considered an essential step towards Europe’s digital future.

The European Cybersecurity Skills Framework aims to create a common understanding of the roles, competencies, skills and knowledge used by and for individuals, employers and training providers across the EU Member States, in order to address the cybersecurity skills shortage. Additionally, it will help to further facilitate cybersecurity-related skills recognition and support the design of cybersecurity-related training programmes for skills and career development. Consequently, the European Cybersecurity Skills Framework will boost employment and employability in cybersecurity- related positions.

The ECSF resulted from the joint work of ENISA and a relevant Ad Hoc Working Group on the European Cybersecurity Skills Framework. The Group was formed in July 2020, following an ENISA public call for the creation of a multi-disciplinary group of experts that would promote harmonization in the ecosystem of cybersecurity education, training, and workforce development and develop a common European dialect for cybersecurity skills. The Ad Hoc Working Group on the European Cybersecurity Skills Framework began working in December 2020, analysed - in a methodological manner - other frameworks available at national, European and international level, and conducted a market analysis.

On April 5, 2022, a consolidated draft version of the European Cybersecurity Skills Framework was presented to the public through a webinar, during which the framework structure and benefits were presented, along with various use cases.

Following its presentation, ENISA is now releasing the draft version of the European Cybersecurity Skills Framework, along with the explanatory material presented during the webinar:

The final version of the European Cybersecurity Skills Framework will be presented during a cybersecurity conference that ENISA is hosting in Athens, Greece, in the 2nd half of September 2022 (more information to be uploaded soon). The goal of the conference titled “Cybersecurity Skills- Build a sustain a cybersecurity workforce”, will be to bring together national, European and international stakeholders who will share best practices in building a cybersecurity workforce.

ECSF Next Steps.png

For any questions or further enquiries please contact us at euskills@enisa.europa.eu.

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information