research-article

PESTLE Analysis of Cybersecurity Education

Authors:

Vladimir Janout,

Argyro Chatzopoulou,

Remi BadonnelAuthors Info & Claims

ARES '21: Proceedings of the 16th International Conference on Availability, Reliability and Security

Article No.: 142, Pages 1 - 8

https://doi.org/10.1145/3465481.3469184

Published: 17 August 2021 Publication History

Abstract

Cybersecurity is a vital part of digital economies and digital governing but the discipline is suffering from a pronounced skills shortage. Nevertheless, the reasons for the inability of academia to produce enough graduates with the skills that reflect the needs of the cybersecurity industry are not well understood.

In this article, we have analysed the skills shortages, gaps, and mismatches affecting cybersecurity education. We performed a Political, Economic, Social, Technological, Legal, and Environmental (PESTLE) analysis, that allowed us to have an overview of the cybersecurity education environment from multiple perspectives. The results of this analysis highlight 31 different factors affecting cybersecurity education on a European level. These factors were further analysed from the specific perspectives of 11 European countries. In this further analysis, particular attention was given to the linkages between the identified factors. This helped to reveal which factors are connected and to describe how they are mutually dependent. A statistical approach was used to depict the results in a more general and comprehensive way and facilitated the development of our conclusions. Our analysis identifies a lack of European coordination and cooperation towards a common cybersecurity framework as one of the main factors affecting cybersecurity education.

References

[1]

[n.d.]. Data Protection Officer (DPO). https://edps.europa.eu/data-protection/data-protection/reference-library/data-protection-officer-dpo_en

[2]

[n.d.]. QEMU. www.qemu.org

[3]

2018. ENISA programming document 2019-2021. In ENISA (01 ed.), Vol. 2018. ENISA, 1–95. https://doi.org/10.2824/97038

[4]

2018. Recitals 75-77 and Articles 24.1 and 32 of the GDPR. https://www.privacy-regulation.eu/en/article-24-responsibility-of-the-controller-GDPR.htm

[5]

2019. Cybersecurity Skills Development in the EU. https://www.enisa.europa.eu/publications/the-status-of-cyber-security-education-in-the-european-union

[6]

2019. CYBERSECURITY SKILLS DEVELOPMENT IN THE EU. In ENISA. EU. https://www.enisa.europa.eu/publications/the-status-of-cyber-security-education-in-the-european-union

[7]

2019. ISACA: State of Cybersecurity 2019 Part 1: Current Trends in Workforce Development.Isaca.org 2019(2019), 1–40. https://media.milanote.com/p/files/1Ilftg1qhN4615/Rzf/Week%201-state-of-cybersecurity-ISACA%202019.pdf

[8]

2020. Adversarial ML Threat Matrix. https://github.com/mitre/advmlthreatmatrix)

[9]

2020. Cybersecurity Education. https://www.enisa.europa.eu/topics/cybersecurity-education

[10]

2020. Cybersecurity Professionals Stand Up to a Pandemic. https://www.isc2.org/-/media/ISC2/Research/2020/Workforce-Study/ISC2ResearchDrivenWhitepaperFINAL.ashx?la=en&hash=2879EE167ACBA7100C330429C7EBC623BAF4E07B

[11]

2020. Digital Education Action Plan (2021-2027). https://ec.europa.eu/education/education-in-the-eu/digital-education-action-plan_en

[12]

2020. European Cybersecurity Skills Framework. https://www.enisa.europa.eu/topics/cybersecurity-education/european-cybersecurity-skills-framework

[13]

2020. Evropský rámec certifikacekybernetické bezpečnosti., 5 pages. https://www.nukib.cz/download/publikace/vyzkum/Evropsky_ramec_certifikace_kyberneticke_bezpecnosti.pdf

[14]

2020. Joint communication to the European Parliament and the Council The EU’s Cybersecurity Strategy for the Digital Decade. https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:52020JC0018&from=EN

[15]

2020. Migration Data Portal: The bigger picture. https://migrationdataportal.org/themes/environmental_migration

[16]

2020. REWIRE: Cybersecurity Skills Alliance - A new Vision for Europe. https://rewireproject.eu/

[17]

2020. Statistics - European Statistical System (ESS). https://ec.europa.eu/eurostat/web/ess

[18]

2021. Post-Quantum Cryptography PQC. https://csrc.nist.gov/Projects/post-quantum-cryptography/post-quantum-cryptography-standardization/Call-for-Proposals

[19]

2021. Rootme. https://www.root-me.org/

[20]

2021. WP2 PESTLE analysis of Cybersecurity Education. https://rewireproject.eu/wp-content/uploads/2021/04/R2.1.1_PESTLE_analysis_results.pdf

[21]

February 2020. Cidadão Ciberseguro (Cybersecure Citizen). https://www.nau.edu.pt/curso/cidadao-ciberseguro/

[22]

January 2013. Essential measures for a healthy network. https://www.ssi.gouv.fr/uploads/2013/01/guide_hygiene_v1-2-1_en.pdf

[23]

January 2021. The 15 biggest data breaches of the 21st century. https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html

[24]

Omar Abbosh and Kelly Bissell. 2019. Securing the Digital Economy. https://www.accenture.com/_acnmedia/Thought-Leadership-Assets/PDF/Accenture-Securing-the-Digital-Economy-Reinventing-the-Internet-for-Trust.pdf

[25]

Danita Baghdasarin. 2019. MRO Cybersecurity SWOT. International Journal of Aviation, Aeronautics, and Aerospace (2019). https://doi.org/10.15394/ijaaa.2019.1318

[26]

Dan Blum. 2020. Create Your Rational Cybersecurity Success Plan. In Rational Cybersecurity for Business. Springer, 297–313.

[27]

Steve Bullard. 20 November 2019. A Practical Approach To Using IoT Devices To Support Legacy SCADA Field Systems In The Transition To Internet-Based Industrial Automation Systems. https://www.wateronline.com/doc/a-practical-approach-to-using-iot-devices-to-support-legacy-scada-field-systems-0001

[28]

James Cadle, Debra Paul, and Paul Turner. 2010. Business analysis techniques: 72 essential tools for success. BCS, The Chartered Institute.

[29]

Kathleen M. Carley. 2020. Social cybersecurity. Computational and Mathematical Organization Theory 26, 4 (2020), 365–381. https://doi.org/10.1007/s10588-020-09322-9

Digital Library

[30]

European Commision. September 2017. The EU cybersecurity certification framework. https://ec.europa.eu/digital-single-market/en/eu-cybersecurity-certification-framework

[31]

Aitor Couce-Vieira and Siv Hilde Houmb. 2016. The role of the supply chain in cybersecurity incident handling for drilling rigs. In International Conference on Computer Safety, Reliability, and Security. Springer, 246–255.

[32]

Dipankar Dasgupta, Zahid Akhtar, and Sajib Sen. [n.d.]. Machine learning in cybersecurity. The Journal of Defense Modeling and Simulation: Applications, Methodology, Technology([n. d.]). https://doi.org/10.1177/1548512920951275

[33]

Jon Davis and Shane Magrath. 2013. A survey of cyber ranges and testbeds. (2013).

[34]

Hans de Bruijn and Marijn Janssen. 2017. Building Cybersecurity Awareness. Government Information Quarterly 34, 1 (2017), 1–7. https://doi.org/10.1016/j.giq.2017.02.007

[35]

Katharine D’Hont. 2016. Women in Cybersecurity. (2016). https://wappp.hks.harvard.edu/files/wappp/files/dhondt_pae.pdf

[36]

David P. Fidler. 2013. Final Acts of the World Conference on International Telecommunications. International Legal Materials 52, 3 (2013), 843–860. https://doi.org/10.5305/intelegamate.52.3.0843

[37]

Peter James Fischer. 2019. A Cybersecurity Skills Framework. In Cybersecurity Education for Awareness and Compliance. IGI Global, 202–221. https://doi.org/10.4018/978-1-5225-7847-5.ch011

[38]

Abhishek Gupta. 2013. Environment & PEST analysis: an approach to the external business environment. International Journal of Modern Social Sciences 2, 1 (2013), 34–43.

[39]

Steve Hiscock. 2013. User Guardian. (2013). https://sites.google.com/site/userguardian1/investigation-and-market-research/2-6-pestle-analysis?authuser=0

[40]

ISACA. 2020. State of CYbersecurity 2020: Part 1: Global Update on Workforce Efforts and Resources. https://leadcomm.com.br/wp-content/uploads/2020/03/State-of-Cybersecurity-2020-Part-1.pdf

[41]

ISO 31000:2018 2018. Risk management — Guidelines. Standard. International Organization for Standardization, Geneva, CH. https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-2:v1:en

[42]

D. Katsianis, I. Neokosmidis, A. Pastor, L. Jacquin, and G. Gardikis. 2018. Factors Influencing Market Adoption and Evolution of NFV/SDN Cybersecurity Solutions. Evidence from SHIELD Project. 2018 European Conference on Networks and Communications (EuCNC) (2018), 1–5. https://doi.org/10.1109/EuCNC.2018.8442845

[43]

Volkmar Lotz. 2020. Cybersecurity Certification for Agile and Dynamic Software Systems – a Process-Based Approach. IEEE, 85–88. https://doi.org/10.1109/EuroSPW51379.2020.00021

[44]

Xenia Mountrouidou, David Vosen, Chadi Kari, Mohammad Q. Azhar, Sajal Bhatia, Greg Gagne, Joseph Maguire, Liviana Tudor, and Timothy T. Yuen. 2019-12-18. Securing the Human. Proceedings of the Working Group Reports on Innovation and Technology in Computer Science Education(2019-12-18), 157–176. https://doi.org/10.1145/3344429.3372507

Digital Library

[45]

European Cyber Security Organisation. 2018. Gaps in European Cyber Education and Professional Training.

[46]

Alexandros Papanikolaou, Vasileios Vlachos, Anastasios Papathanasiou, Konstantinos Chaikalis, Maria Dimou, and Magdalini Karadimou. 2014. A survey of cyber crime in Greece. Telfor Journal 6, 2 (2014), 86–91. https://doi.org/10.5937/telfor1402086P

[47]

Anastasios Papathanasiou, Alexandros Papanikolaou, Vasileios Vlachos, Konstantinos Chaikalis, Maria Dimou, Magdalini Karadimou, and Vaia Katsoula. 2014. Legal and Social Aspects of Cyber Crime in Greece. E-Democracy, Security, Privacy and Trust in a Digital World (2014), 153–164. https://doi.org/10.1007/978-3-319-11710-2_14

[48]

Jason Reed and Jonathan Acosta-Rubio. 2018. Innovation Through Inclusion: The Multicultural Cybersecurity Workforce. (2018). https://www.isc2.org/-/media/Files/Research/Innovation-Through-Inclusion-Report.ashx

[49]

Sara RICCI, Jan HAJNY, Edmundas PIESARSKAS, Simon PARKER, and Vladimir JANOUT. [n.d.]. Challenges in Cyber Security Education. ([n. d.]).

[50]

B Senaratne. 2017. Dynamics in Cybersecurity: Challenges to Sri Lankas National Security. (2017).

[51]

Edward Simpson, John Hart, Andrew Phillips, and David Angus. 2015. Higher Education: Environmental Analysis & Industry Scenarios: Scottish Universities. (08 2015). https://doi.org/10.13140/RG.2.1.2814.1281

[52]

William M. Stahl. [n.d.]. The Uncharted Waters of Cyberspace: Applying the Principles of International Maritime Law to the Problem of Cybersecurity. Int’l & Comp. 40Ga([n. d.]), L.247. https://digitalcommons.law.uga.edu/gjicl/vol40/iss1/9

[53]

Open Group Standart. 2013. Risk analysis (O-RA). (2013). https://publications.opengroup.org/c13g

[54]

Jeff Styles. 2020. The unseen COVID-19 ripple effect: Security misconfiguration risk. hhttps://www.securityinfowatch.com/covid-19/article/21137323/the-unseen-covid19-ripple-effect-security-misconfiguration-risk

[55]

Elochukwu Ukwandu, Mohamed Amine Ben Farah, Hanan Hindy, David Brosset, Dimitris Kavallieros, Robert Atkinson, Christos Tachtatzis, Miroslav Bures, Ivan Andonovic, and Xavier Bellekens. 2020. A Review of Cyber-Ranges and Test-Beds. Sensors 20, 24 (2020). https://doi.org/10.3390/s20247148

[56]

Vincent E Urias, William MS Stout, Brian Van Leeuwen, and Han Lin. 2018. Cyber range infrastructure limitations and needs of tomorrow: A position paper. In 2018 International Carnahan Conference on Security Technology (ICCST). IEEE, 1–5.

[57]

Kieran Walsh, Lalitha Bhagavatheeswaran, and Elisa Roma. 2019. E-learning in healthcare professional education: an analysis of political, economic, social, technological, legal and environmental (PESTLE) factors. MedEdPublish 8(2019).

[58]

ECSO WG5. [n.d.]. Understanding Cyber Ranges: From Hype to Reality. 1–31. https://ecs-org.eu/documents/publications/5fdb291cdf5e7.pdf

Cited By

Barbosa J(2024)Education in Cybersecurity – A Case StudyWSEAS TRANSACTIONS ON ADVANCES in ENGINEERING EDUCATION10.37394/232010.2024.21.1221(92-109)Online publication date: 2-Oct-2024
https://doi.org/10.37394/232010.2024.21.12
Ricci SParker SJerabek JDanidou YChatzopoulou ABadonnel RLendak IJanout V(2024)Understanding Cybersecurity Education Gaps in EuropeIEEE Transactions on Education10.1109/TE.2023.334086867:2(190-201)Online publication date: 4-Jan-2024
https://dl.acm.org/doi/10.1109/TE.2023.3340868
Sommer PLakner SNordt ATanneberger FWegmann J(2024)Deriving a justified budget for peatland rewetting – Applying the German coal phase-out as a blueprintLand Use Policy10.1016/j.landusepol.2024.107363147(107363)Online publication date: Dec-2024
https://doi.org/10.1016/j.landusepol.2024.107363
Show More Cited By

Index Terms

PESTLE Analysis of Cybersecurity Education
1. Social and professional topics
  1. Professional topics
    1. Computing education

Index terms have been assigned to the content through auto-classification.

Recommendations

Enhancing Cybersecurity Education Using POGIL (Abstract Only)
SIGCSE '17: Proceedings of the 2017 ACM SIGCSE Technical Symposium on Computer Science Education

This poster presents our NSF collaborative project "Enhancing Cybersecurity Education Using POGIL". Although the POGIL (Process Oriented Guided Inquiry Learning) instructional approach has been used and evaluated in science and engineering disciplines, ...
The role of national cybersecurity strategies on the improvement of cybersecurity education
Abstract
Digital information and telecommunication technologies have not only become essential to individuals’ daily lives but also to a nation’s sustained economic growth, societal well-being, critical infrastructure resilience, and national ...
Game based Cybersecurity Training for High School Students
SIGCSE '18: Proceedings of the 49th ACM Technical Symposium on Computer Science Education

Cybersecurity is critical to the national infrastructure, federal and local government, military, industry, and personal privacy. To defend the U.S. against the cyber threats, a significant demand for skilled cybersecurity workforce is predicted in ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

ARES '21: Proceedings of the 16th International Conference on Availability, Reliability and Security

August 2021

1447 pages

ISBN:9781450390514

DOI:10.1145/3465481

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 August 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

Conference

ARES 2021

ARES 2021: The 16th International Conference on Availability, Reliability and Security

August 17 - 20, 2021

Vienna, Austria

Acceptance Rates

Overall Acceptance Rate 228 of 451 submissions, 51%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
1,126
Total Downloads

Downloads (Last 12 months)362
Downloads (Last 6 weeks)43

Reflects downloads up to 18 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Barbosa J(2024)Education in Cybersecurity – A Case StudyWSEAS TRANSACTIONS ON ADVANCES in ENGINEERING EDUCATION10.37394/232010.2024.21.1221(92-109)Online publication date: 2-Oct-2024
https://doi.org/10.37394/232010.2024.21.12
Ricci SParker SJerabek JDanidou YChatzopoulou ABadonnel RLendak IJanout V(2024)Understanding Cybersecurity Education Gaps in EuropeIEEE Transactions on Education10.1109/TE.2023.334086867:2(190-201)Online publication date: 4-Jan-2024
https://dl.acm.org/doi/10.1109/TE.2023.3340868
Sommer PLakner SNordt ATanneberger FWegmann J(2024)Deriving a justified budget for peatland rewetting – Applying the German coal phase-out as a blueprintLand Use Policy10.1016/j.landusepol.2024.107363147(107363)Online publication date: Dec-2024
https://doi.org/10.1016/j.landusepol.2024.107363
Barbosa J(2024)Cybersecurity and Cyber Defense in the ClassroomInternational Joint Conferences10.1007/978-3-031-75016-8_27(288-297)Online publication date: 16-Nov-2024
https://doi.org/10.1007/978-3-031-75016-8_27
Briones Delgado ARicci SChatzopoulou ACegan JDzurenda PKoutoudis I(2023)Enhancing Cybersecurity Education in Europe: The REWIRE’s Course Selection MethodologyProceedings of the 18th International Conference on Availability, Reliability and Security10.1145/3600160.3605091(1-7)Online publication date: 29-Aug-2023
https://dl.acm.org/doi/10.1145/3600160.3605091
Stepney OAllison JDoyle MStephenson BDorn BSoh LBattestilli L(2023)Cyber Security in English Secondary Education CurriculaProceedings of the 54th ACM Technical Symposium on Computer Science Education V. 110.1145/3545945.3569758(193-199)Online publication date: 2-Mar-2023
https://dl.acm.org/doi/10.1145/3545945.3569758
Allison J(2023)Devising a cyber security management module through integrated course designJournal of Further and Higher Education10.1080/0309877X.2023.225072947:10(1389-1403)Online publication date: 8-Sep-2023
https://doi.org/10.1080/0309877X.2023.2250729
Paynter MSharpe WHalabi AReimers VMa HJohnstone C(2023)Chinese students’ decisions to study in Australia after the COVID pandemic-based on the PESTLE factor analysisInternational Journal of Intercultural Relations10.1016/j.ijintrel.2023.10186796(101867)Online publication date: Sep-2023
https://doi.org/10.1016/j.ijintrel.2023.101867

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View Table of Contents