National Occupational Standard for Cybersecurity

Occupational standards describe what an individual in a particular occupation must know and be able to do to be considered ‘capable’ in the occupation. These requirements are defined in terms of competencies, including knowledge, skills and abilities (KSAs), required to the related work effectively, safely and properly. Occupational standards provide the benchmark for competent performance in the workplace as agreed to by a representative sample of workers, employers and other stakeholders. Occupational standards may also include or be driven by other external requirements such as legal or policy compliance. In the case of cybersecurity, it serves another purpose. Cybersecurity is a relatively new and emerging field of work where various work roles have been conflated within the domain. Accordingly, there is a need to define primary cybersecurity work as distinct from other occupations in information technology, security, business management, or public administration. To address this, in 2020, TECHNATION published the Cybersecurity National Occupational Standard (NOS). The development of the NOS leveraged the research related to the Canadian Cybersecurity Skills Framework. It also included relevant NOC review, labour market analyses, job analyses, and subject matter expert interviews. A draft NOS was then submitted to Employment and Social Development Canada (ESCD) for initial review, which then the ESCD supported via funding the project. It was then sent to the Cybersecurity Talent Alliance (CTA) for review and approval prior to sending it for social collaborative review within the cybersecurity workforce development community and the LinkedIn Canadian Cybersecurity Network. A key goal for this project was to move the NOS to a sustainable review model, which led to TECHNATION submitting the NOS to transition to a National Standard of Canada.