Building Information Security Capacities among SMEs

Firms across the EU are facing increasing risks regarding their Information Security. Outflow and loss of information or breaches in the security of the firm’s ICT architecture pose vital threats to businesses which take advantage of new digital technologies. However, complex technical and legal environments pose high demands onto Information Security experts, resulting in persistent scarcity of qualified personnel and mark-up salaries which SME’s are unable to provide.

The TeBeISi-project (“Partial Certification in the professional field of Information Security”) aims at increasing the availability of qualified personnel by making use of a partial certification approach. Partial certification allows both lateral entrants and new employees to self-assess their competences regarding an occupational profile, which is developed to specifically fulfill the needs of SMEs. With the help of an occupational profile and a corresponding curriculum, it can be determined which competences a firm is looking for and which capabilities a learner can already provide. The missing competences can then be trained, providing the firm with a resource-efficient and cost-effective possibility of building up own technical capacities.

The curriculum will be made available to social partners, VET-providers and educational institutions, allowing for the developments of courses which are based on local demand, meanwhile providing transparency by following standardised content, making learning-outcomes transparent and mobile across European sectors and borders.

Visualization of the TeBeISi-Approach. Grey: Current Market situation, Blue: Contribu-tion of the TeBeISi-Project, Green: Application of the project’s outcome in the context of Lifelong-Learning.