Bit by bit - Information Security broken down into Learning Units
What is required by information security professionals in SMEs? Which competences are absolutely necessary, which are are more important in large corporations? Throughout a series of expert interviews, the project group identfied 13 fields which encapsule different competence domains of an information security officer. Based on these fields, learning units can be generated which allow learners to acquire all relevant competences to implement foundational security measures in SMEs.
Building upon the competences mentioned by the experts, it becomes quit clear that social competences represent a very central aspects of successfull information security professionals. Meanwhile a wide range of technical competences is necessary to master, both in the field of legal aspects and in the domain of ICT, social and selfcompetences are seen as a prerequisuit for employers. Meanwhile the former can be tought, specific attitudes and motivational aspects which come along the work in a firm with other employees are valuable assets which prove to be mandatory in case of critical situations.
Built upon this finding, following a procedural approach, tasks could be clustered into learning units, covering the whole range of information security responsbilities and underlying them with core specific competences. These units can be used for educational purposes, be it existing employees in the firm which are seeking to assume new responsibilities, students in university who seek to improve their employability or other groups of learners looking for requalification. Further, professionals without formal qualification, e. g. from vocational or higher education providers, can use these units as benchmarks for their own profficiency.
