Participants Prefer Technical Hands-on Cyber Exercises Instead of Organisational and Societal Ones




cybersecurity, cyber range, cyber exercise, capture-the-flag, skills


The current shortage of cybersecurity professionals is about 2 million people worldwide, and in Europe the industry is seeking for about 350 000 skilled professionals. There is also an enormous need for dedicated cybersecurity training courses for existing professionals who wish to acquire completely new skills or maintain their current ones. Due to the lack of new skilled workforce, the current cybersecurity personnel are overworked in their work. In order not to waste the valuable time of cybersecurity professionals with unnecessary training, cyber exercises should be well prepared. This article is based on research conducted in a European collaborative project and more specifically, a cyber exercise organised in early 2022. The purpose of our research was to conduct a preliminary assessment of the participants to learn about their skills and expectations before the cyber exercise. This assessment was used for fine-tuning the exercise. To achieve this, we identified common trends in the participants’ interests during the cyber exercise. The preliminary assessment was carried out as a web survey. The responses were cross tabulated to find meaningful indicators related to skills and interests of the participant group. We identified the most and least preferred knowledge areas for both the industry and public sector participants. Our findings show that the most interesting knowledge areas of all respondents were primarily technical in nature (Data Security, Connection Security, System Security), but Organisational Security was also reported.  The least interesting knowledge areas were mostly non-technical in nature (Human Security, Organisational Security, Societal Security) but also Component Security was reported. We also enquired about the preferred team size. The majority of the respondents preferred a team size of three to four persons. The preferred single session duration was 4660 minutes. The results help cybersecurity professionals to match their knowledge needs with the existing cybersecurity proposition and to determine the right and most beneficial training for them. The results also assist the providers of cyber training and other exercises to describe the targeted development of specific cybersecurity and other knowhow in a coherent, standard-like, way.

Author Biographies

Jani Päijänen, JAMK University of Applied Sciences

Jani Päijänen works as a Senior Advisor at the Institute of Information Technology of JAMK University of Applied Sciences. His has industry background in delivering consultancy for clients in Project Management, Information Technology, and Software Development.

Jarno Salonen, VTT Technical Research Centre of Finland

Jarno Salonen is a Senior Scientist in the Industrial cybersecurity team at VTT Technical Research Centre of Finland. He has a professional background of over 20 years in making the digital world a better place for ordinary users especially in the areas of resilience, cybersecurity, privacy and development of user-friendly and secure electronic services.

Anni Karinsalo, VTT Technical Research Centre of Finland

Ms. Anni Karinsalo is working as a Senior Scientist in the Applied Cryptography team at VTT Technical Research Centre of Finland. She has experience in various fields of cybersecurity, such as distributed ledgers, privacy and post-quantum cryptography.

Tuomo Sipola, JAMK University of Applied Sciences

Tuomo Sipola works as a senior researcher at the Institute of Information Technology at JAMK University of Applied Sciences, Jyväskylä, Finland. He completed his PhD in mathematical information technology (University of Jyväskylä) in 2013. He has worked as a researcher and has held CEO duties. His interests include machine learning and data analytics in cybersecurity.

Tero Kokkonen, JAMK University of Applied Sciences

Dr. Tero Kokkonen works as the director of the Institute of Information Technology of JAMK University of Applied Sciences. He has significantly conducted research and development activities in the domain of cyber security and artificial intelligence including several international scientific publications. Tero is the Adjunct Professor in the Faculty of Information Technology at the University of Jyväskylä.