| Abstract [eng] |
The growing number of security threats requires more sophisticated ways to protect IT infrastructure and systems. However, technical meas-ures do not provide adequate protection and must be combined with sociological solutions and skills. Knowledge and competence in the field of cybersecurity are one of key factors that allow increasing cybersecu-rity assurance in an organization, therefore, education of regular users as well as security professionals must be of high priority. The education process has its lifecycle and includes knowledge and competence as-sessment. When the cybersecurity competence assessment is finished, then the selection of corresponding learning material content can be made. Such a way of education increases its quality and reduces the time used for learning. On the other hand, the knowledge and competence demonstrated during the assessment depends on the type of assess-ment method as well as social-psychological aspects such as emotional environment, stress, motivation, etc. Gathered data about the dominant characteristics and risks of cybersecurity specialists or regular users makes it easier to select the corresponding competence assessment method. The goal of this research was to make the analysis of cyber-security competence assessment methods based on data collected us-ing questionaries, interviews, and observations. Educational and social-psychological aspects are included in the datasets. Also, the adaptive mapping of cybersecurity competence assessment methods was pro-posed based on the following data: user profile, experience, technical background, stress, emotional robustness, and motivation. Moreover, Bloom’s taxonomy was used for mapping cybersecurity competence assessment methods. It helps to understand the relation between the competence model and assessment methods as well as complements cybersecurity training programs. |
