Skip to main content
Search by keyword

The European Cybersecurity Skills Framework (ECSF) is a new tool developed by ENISA and an Ad-hoc working group in order to enhance and promote harmonisation in the ecosystem of cybersecurity education, training, and workforce development, and to build a single European vocabulary for cybersecurity skills and roles.

The ECSF intends to build a consistent understanding of the roles, abilities, skills, and knowledge utilised by and for individuals, businesses, and training providers throughout EU Member States, in order to solve the cybersecurity skills shortage in Europe, as highlighted by the recent ENISA publication "Addressing Skills Shortage and Gap Through Higher Education".

The ECSF Role Profiles

The ECSF role profiles handbook outlines 12 standard role profiles for cybersecurity professionals, complete with designated designations, objectives, responsibilities, aptitudes, expertise, and proficiencies. As well as a a link to the e-CF Explorer Self assessment tool.

This framework primarily aims to establish a shared comprehension among individuals, employers, and educational program providers throughout EU Member States. It stands as a valuable instrument for bridging the divide between the cybersecurity professional realm and educational settings.

Moreover, the framework facilitates the development of training programs related to cybersecurity. Backed by a user-friendly manual that serves as a practical companion with illustrative examples and real-world cases, the framework offers insight into its versatile applications.

Digital skills resource details

Target audience
Digital skills for ICT professionals and other digital experts.
Digital technology / specialisation
Geographic scope - Country
Industry - field of education and training
Information and Communication Technologies (ICTs) not further defined
Software and applications development and analysis
Security services not further defined
Target language
Geographical sphere
EU institutional initiative

Skills framework as guidelines for professions in cybersecurity

Skills resource type
Training curricula