What Vulnerability Assessment and Management Cybersecurity Professionals Think Their Future Colleagues Need to Know: (Abstract Only)

There is a growing need for cybersecurity professionals with the knowledge, skills, and abilities (KSAs) necessary for risk and vulnerability analysis. Cybersecurity curricula should emphasize the KSAs most important in cyber work. To determine which KSAs should be prioritized in curricula, we interviewed 38 cyber professionals with a specialty in vulnerability assessment and management. Interviews took place at the premier hacking conferences Black Hat and DEF CON in 2016 and 2017. Participants rated the importance of 31 KSAs taken from the National Initiative for Cybersecurity Education's Cybersecurity Workforce Framework. Of the 31 KSAs, 12 were rated as being significantly important to vulnerability assessment and management work. Half of these KSAs dealt with system and application vulnerabilities (e.g., skills in conducting vulnerability scans and recognizing vulnerabilities). The other 6 most important KSAs concerned attacks (e.g., knowledge of different classes of attacks), penetration testing (e.g., skill in the use of penetration testing tools and techniques), and network protocols (e.g., knowledge of network protocols). Overall, results suggest that vulnerability assessment students should graduate with: 1) knowledge of and skills in identifying vulnerabilities and robustness of systems and applications; 2) conceptual familiarity with classes of attacks and attack stages; 3) knowledge of and skills in penetration testing principles and tools; and 4) knowledge of network traffic and network protocols. Handouts will be provided.