Top 10
Abilities
Top 10 Abilities (Top10A) is an initiative designed to expedite the development of cybersecurity talent and capabilities with the focus of establishing an international standard for the assessment of those observable abilities that underpin key job roles in the cybersecurity domain.
About
Top10A
TOP10A aims to provide a quick win and immediate answers to employers who try to understand if a specific person is able to carry out a specific job.
Rather than focusing on any required academic qualifications and industry certifications, Top10A places great emphasis on “Observable, Measurable Abilities” which can be assessed hands on through realistic simulation scenarios covering typical job-specific tasks.
Why
Top10A
Conceptualized and developed to provide a more manageable subset of core abilities for each key profession in the cybersecurity domain, Top10A aims to define a list of top 10 abilities for job roles without replacing or undermining traditional competency frameworks.
In fact, abilities as rising from practice and situational experiences, are themselves a key component of Competence, defined as Knowledge, Skills, Abilities (KSA).
Top10A
Pilot Programme
The Top10A Pilot Programme is a non-commercial initiative that aims to assess the feasibility and effectiveness of the selection and recruitment process of cybersecurity professionals based on the focus of selected job-specific abilities.
The Programme is addressed to employers (managers, team leaders, CISOs, HR specialists) and Search & Selection companies that work in the cybersecurity field, and is open to individual cybersecurity professionals.
Contributing
to Top10A
Top10A is open to all organizations, both public and private sector, that are interested in identifying and developing employable cybersecurity competence, i.e. talent that is effective in the workplace from day one.
Top10A activities are pre-commercial and non-competitive, and research activities are self-governed and self-sustained by the participating organizations. Interested in contributing?
About Top10A
In 2020, CYBER RANGES, together with the European Cybersecurity Organisation (ECSO), Cyber Security Malaysia, and private organizations, supported the launch of ‘Top 10 Abilities’ (Top10A), an international initiative aimed at assessing observable, measurable abilities essential to key job roles in the cybersecurity industry.
Top10A focuses on a more manageable subset of core abilities for each job role, emphasizing the top 10 observable, measurable abilities that will give employers reasonable assurance on a candidate’s role suitability and employability. This approach does not, nor aims to, replace existing competency frameworks but complements them by assessing observable abilities through realistic scenarios that simulate typical job-specific tasks.
The mission of the Top10A Initiative is to provide an international standard for the assessment of observable abilities that underpin key job roles in the cybersecurity industry.
Why Top10A?
Cyber resilience programs increasingly depend on the adaptability, responsiveness and recovery capabilities of an organization’s workforce.
Reliance on industry certifications, traditional classroom training, and reactive learning pathways offer little success in tackling the speed and sophistication of emerging cyber threats. As shown by industry analysts (e.g. Osterman), organizations are losing confidence in certifications alone. Also, such analysts point to the lack of cohesive, effective assessment frameworks.
Today, many companies remain unaware of their teams’ true preparedness against cyber attacks. GARTNER predicts that by 2025 lack of talent or human failure will be responsible for over half of significant cyber incidents. And increasingly threat actors see humans as the Weakest Link, the most vulnerable point of exploitation.
In response to this, the Top10A Initiative aims to:
- Define a list of Top 10 abilities for different security job roles. CISOs can benefit from understanding how others are structuring their teams and at what capacity
- Define a list of recommended experiential scenarios which can be used to assess those job-specific abilities.
Top10A focuses on the top 10 observable, measurable abilities that will give employers and recruiters reasonable assurance on the suitability and fit of a person for a specific job role. Hence his/her employability.
Top10A consists of a portfolio of self-sustainable, crowd-sourced, self-governed activities that unite cybersecurity practitioners all over the world, inviting anyone interested to contribute to the development of this global cybersecurity workforce initiative.
The Top10A Pilot Programme is a non-commercial initiative that aims to assess the feasibility and effectiveness of the selection and recruitment process of cybersecurity professionals based on the focus of selected job-specific abilities.
Target
Audience
The Programme is addressed to Employers (managers, team leaders, CISOs, HR specialists) and Recruiters / Search and Selection companies in the cybersecurity field. Both organizations and individuals are invited to join the initiative.
Participating organizations agree to register as Top10A initiative supporters, with a point of contact for media communications and another as a subject matter expert. Individual cybersecurity professionals interested in participating will be recognized with CPE credits and a dedicated Accredible-based Top10A digital badge.
Evaluation
Methods
The Top10A Pilot Programme will employ a combination of quantitative and qualitative evaluation methods including participant feedback surveys, stakeholder interviews, and impact assessments.
Data collected will be analyzed to assess the programme’s effectiveness and to inform future
iterations and potential scaling.
Pilot
Activities
The Programme includes on and offline events, with access to the next-gen CYBER RANGES simulation-based service for cybersecurity workforce development and capability validation. Activities entail: research, short surveys, exercises and tests, after-action analytics review, webinars to discuss trial results, ways forward.
Trials last 1 month and can be public or private. If private, participants agree that some degree of disclosure is granted against result anonymization. Each organization participating in a trial will take care of its own costs. All pilots will abide by GDPR.
Collaboration &
Partnerships
The success of the Top10A Pilot Programme will depend on strong collaborations and partnerships, engaging public-sector organizations and corporate entities.
The Programme is valuable for organizations looking to try a next-gen cyber range-approach to quickly identify and qualify suitable candidates to add to their workforce or to design career progression pathways for better cyber resilience
development.
Interested in participating? Fill out the form and we’ll be in touch.
Join the Top10A initiative by registering interest in the Pilot Programme. For more information, please email us at:
top10abilities@cyberranges.com
Contributing to Top10A?
Top10A is open to all organizations, both public and private sector, that are interested in identifying and developing employable cybersecurity competence, i.e. talent that is effective in the workplace from day one.
Top10A supporting organizations will be able to join forces with like-minded industry experts. Top10A activities are carried out through outreach communications, workshops, questionnaires and interviews, case studies, pilot tests, and beyond. Results will be regularly presented to the Top10A stakeholders’ community.
Research activities are self-governed and self-sustained by the participating organizations.
Organizations willing to participate in Top10A activities are only requested to accept listing on the Top10A website and appoint a Sponsor Point of Contact with some experience of industry committee life and work.
Top10A activities are pre-commercial, non-competitive: all participants are kindly
requested to abide by professional ethics and conduct. Any conflict of interest should be declared when joining the Top10A Initiative or on participating in the intended pilots and
surveys.
Join the Top10A initiative by registering interest in the Pilot Programme. For more information, please email us at:
top10abilities@cyberranges.com
Contributing to Top10A?
Top10A is open to all organizations, both public and private sector, that are interested in identifying and developing employable cybersecurity competence, i.e. talent that is effective in the workplace from day one.
Top10A supporting organizations will be able to join forces with like-minded industry experts. Top10A activities are carried out through outreach communications, workshops, questionnaires and interviews, case studies, pilot tests, and beyond. Results will be regularly presented to the Top10A stakeholders’ community.
Research activities are self-governed and self-sustained by the participating organizations.
Organizations willing to participate in Top10A activities are only requested to accept listing on the Top10A website and appoint a Sponsor Point of Contact with some experience of industry committee life and work.
Top10A activities are pre-commercial, non-competitive: all participants are kindly requested to abide by professional ethics and conduct. Any conflict of interest should be declared when joining the Top10A Initiative or on participating in the intended pilots and surveys