Cyber workforce gap is increasing and requires upskilling current workforce
Cybersecurity is one of the fastest-growing cross-sectoral fields. Cybersecurity workforce demand is very high and difficult to fulfill with competent professionals. The agile and changing cyber environment sets high requirements to continually raise workforce awareness, competence, and skillsets. Despite all education efforts, the cyber workforce gap is growing.
Educating students is not sufficient, we need to re-train and upskill current workforce and their management with professional training. Given the multidisciplinary nature of the challenge, no single actor alone can provide the solutions. It requires collaboration across the public and private sectors, and cover areas from technical to legal.
The Advanced Program Cyber Security and Governance covers the wide range of cybersecurity knowledge areas needed for organizations to orchestrate their cyber risk management and conduct their day-to-day risk mitigation and resilience activities and tasks.
The uniqueness of the program is that it combines the best practices of academia, public sector, and industry to meet the organization’s needs through a holistic and strategic approach, while offering a truly practitioner's foundation.
We organize this Advanced Program together with TILT. With contributions from: NCSC, RDI, DNB, TU Delft, Fox-IT, Microsoft, and the CISOs of ASML, Philips and Signify.
‘People think that cybersecurity is something that’s highly technical. Yes, some roles require deep technical expertise, but cybersecurity is a vast domain and making an organization cyber-resilient also requires generalist roles that need a broader skillset.’ ~ Bobby Ford, Chief Security Officer, Hewlett Packard Enterprises.
Industry background information
According to the WEF Future of Jobs 2023 report, cybersecurity is among the top strategic skills for the workforce. Yet, there is a shortage of 3.4 million cybersecurity experts to support today’s global economy. This number is only expected to grow as the impact of emerging technologies is felt across organizations. Despite efforts to close the workforce gap, the (ISC)² Cybersecurity workforce study 2022 shows that though the number of cybersecurity professionals in EMEA grew with almost 12%, the cybersecurity workforce gap has grown more than twice as much as the workforce itself.
What makes this course unique?
- The Advanced Program Cyber Security and Governance is a multi-disciplinary course, covering the full spectrum of cyber security principles, cyber risk management and oversight, cyber law and governance, and cyber incident preparedness and response.
- This program is aimed at managers and future leaders so they can set guidelines and standards within their organizations, organize processes and coordinate resources and convey their knowledge into the rest of the organization. It allows an organization to boost its cyber maturity by offering actionable insights in all relevant areas.
- The program is co-hosted by corporate CISOs with experience at companies like ASML, Philips, and Signify, ensuring its grounding in practical insights.
- Each course day is divided into four teaching sessions including practical exercises or case studies.
- An important benefit of the course is the exchange of experiences and networking with the participants/lecturers.
People working in public and private organizations, big and small, responsible for decisions regarding cyber security, cyber risk management, cyber governance, legal coordination or cyber incident preparedness and response, regardless of their discipline (cyber security, IT incident management, legal, crisis management).
The course does not require a specific technical background, but is aimed at participants with managerial responsibilities or ambitions (so above operations level).
The program consists of 5 days, with one module covered each day. These modules have the following main themes. To enhance your comprehension of these themes, we've included a selection of topics that are part of the theme. For a comprehensive overview of all the topics covered within a theme, please download the brochure.
- 29th of May - Module 1: Cybersecurity as a strategic enterprise-wide risk
- Cyber as business opportunity and business risk
- Asset management and risk appetite
- Threats, CTI, threat informed defense
- AI as cyber threat and defense
- 30th of May - Module 2: How can we mitigate the risk?
- Security frameworks, baselines, auditing and reporting
- Multi-vendor strategy
- Zero trust + cloud security
- Insights from research
- 31st of May - Module 3: What is our legal responsibility to manage and oversee cyber risk?
- Legal landscape, corporate responsibility
- Deep dive EU legal framework (NIS2, DORA, CRA)
- Reporting to Board, CISO role and responsibilities , attracting and retaining talent
- Supply chain risk
- 13th of June - Module 4: What can we expect from the institutions?
- Fireside chat with the regulators
- Deep dive incident reporting coordination
- How to cooperate with the NCSC, police, ENISA, what to expect
- How to cooperate with a CERT, ISAC, what to expect
- 14th of June - Module 5: Cyber incident preparedness & response
- Core elements of an Incident Response Plan
- Legal aspects of incident response, notification, reporting (GDPR, NIS2, DORA, SEC)
- Global incident response - deep dive in a real case
- Table-top exercise
Practical aspects: hotel stay recommended
The program is delivered at the TIAS campus in Tilburg. It is highly recommended for participants to stay on site for the duration of the course (three days and two days respectively). An important benefit of the course is the exchange of experiences and networking with the participants/lecturers. Social activities will be organized in the evenings to maximize this interaction. TIAS has access to favorable arrangements with the hotels in the area.