Home > Research > Publications & Outputs > All that glitters is not gold

Electronic data

  • CO_COM-2016-08-0184.R1_Such

    Rights statement: ©2017 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

    Accepted author manuscript, 532 KB, PDF document

    Available under license: CC BY-NC: Creative Commons Attribution-NonCommercial 4.0 International License

Links

Text available via DOI:

View graph of relations

All that glitters is not gold: on the effectiveness of cyber security qualifications

Research output: Contribution to journalJournal article

Published

Standard

All that glitters is not gold : on the effectiveness of cyber security qualifications. / Knowles, William; Such, Jose M.; Gouglidis, Antonios; Misra, Gaurav; Rashid, Awais.

In: IEEE Computer, Vol. 50, No. 12, 12.2017, p. 60-71.

Research output: Contribution to journalJournal article

Harvard

APA

Vancouver

Author

Bibtex

@article{254f8de8352846cab9a5f33767f8dc89,
title = "All that glitters is not gold: on the effectiveness of cyber security qualifications",
abstract = "There has been a proliferation of industry-focused cyber security qualifications, which use different techniques to assess the competencies of cyber security professionals and certify them to employers. There is, however, a lingering question about these qualifications: do they effectively assess the competencies of cyber security professionals? 74 cyber security qualifications were analysed to determine how competency assessment is performed in practice, and five distinct techniques were identified together with the frequency of their use within qualifications. These techniques formed the basis of a large-scale survey of the perceptions of 153 industry stakeholders on the effectiveness of individual techniques and their cost-effectiveness as combinations. Despite a perceived low effectiveness of Multiple Choice Examinations, industry qualifications were found to rely on it heavily, often as a sole technique, and few qualifications utilised the cost-effective combinations identified by stakeholders.",
author = "William Knowles and Such, {Jose M.} and Antonios Gouglidis and Gaurav Misra and Awais Rashid",
note = "{\circledC}2017 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.",
year = "2017",
month = "12",
doi = "10.1109/MC.2017.4451226",
language = "English",
volume = "50",
pages = "60--71",
journal = "Computer",
issn = "0018-9162",
publisher = "IEEE COMPUTER SOC",
number = "12",

}

RIS

TY - JOUR

T1 - All that glitters is not gold

T2 - on the effectiveness of cyber security qualifications

AU - Knowles, William

AU - Such, Jose M.

AU - Gouglidis, Antonios

AU - Misra, Gaurav

AU - Rashid, Awais

N1 - ©2017 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

PY - 2017/12

Y1 - 2017/12

N2 - There has been a proliferation of industry-focused cyber security qualifications, which use different techniques to assess the competencies of cyber security professionals and certify them to employers. There is, however, a lingering question about these qualifications: do they effectively assess the competencies of cyber security professionals? 74 cyber security qualifications were analysed to determine how competency assessment is performed in practice, and five distinct techniques were identified together with the frequency of their use within qualifications. These techniques formed the basis of a large-scale survey of the perceptions of 153 industry stakeholders on the effectiveness of individual techniques and their cost-effectiveness as combinations. Despite a perceived low effectiveness of Multiple Choice Examinations, industry qualifications were found to rely on it heavily, often as a sole technique, and few qualifications utilised the cost-effective combinations identified by stakeholders.

AB - There has been a proliferation of industry-focused cyber security qualifications, which use different techniques to assess the competencies of cyber security professionals and certify them to employers. There is, however, a lingering question about these qualifications: do they effectively assess the competencies of cyber security professionals? 74 cyber security qualifications were analysed to determine how competency assessment is performed in practice, and five distinct techniques were identified together with the frequency of their use within qualifications. These techniques formed the basis of a large-scale survey of the perceptions of 153 industry stakeholders on the effectiveness of individual techniques and their cost-effectiveness as combinations. Despite a perceived low effectiveness of Multiple Choice Examinations, industry qualifications were found to rely on it heavily, often as a sole technique, and few qualifications utilised the cost-effective combinations identified by stakeholders.

U2 - 10.1109/MC.2017.4451226

DO - 10.1109/MC.2017.4451226

M3 - Journal article

VL - 50

SP - 60

EP - 71

JO - Computer

JF - Computer

SN - 0018-9162

IS - 12

ER -