National Occupational Standard for the Cybersecurity Workforce

Cybersecurity is defined as the protection of digital information, as well as the integrity of the infrastructure housing and transmitting digital information. More specifically, cybersecurity includes the body of technologies, processes, practices and response and mitigation measures designed to protect networks, computers, programs and data from attack, damage or unauthorized access so as to ensure confidentiality, integrity and availability. However, despite the internet and connected computing being around for over two decades, cybersecurity remains an emerging and evolving field of work. As such, the work has not been well defined in occupational terms and cybersecurity work is often conflated with other organizational roles. Accordingly, the NOS defines primary cybersecurity work as distinct from other occupations in information technology, security, business management, or public administration. Cybersecurity is not, however, just about technical systems, it’s also about people, their behaviour and how they connect and engage with those systems. 

The value of effective cybersecurity and the services and products supported by the cybersecurity professional cannot be overstated. Cybersecurity work is achieving visibility across the globe as a critical and enduring career within the digital economy. In Canada, for instance:

• Our reliance on information and data systems has increased exponentially over the past decade as organizations digitize their operations and move to an online presence. This requires professionals who can design, build, implement and maintain safe, secure and reliable information systems that can support a variety of business, operational and personal needs, and which facilitates compliance with cybersecurity and privacy laws.
• Canadian citizens have become more aware of their Privacy rights and are increasingly concerned about how their personal data is protected by organizations. This requires experts in both online security and privacy who can advise on the various national and international standards, develop policies, identify requirements and support monitoring to better protect the privacy of Canadians.
• Cybercrime is an ever-increasing threat. With technology either as a target that can be exploited or a tool that can be used to commit other criminal acts such as theft, fraud, sexual harassment and child exploitation, cybersecurity and protective services are critical to protecting Canadians. This requires expertise to support detection and response to cyber threats as well as those who will investigate and collect digital evidence that can be used in improving protections and, when required, prosecuting offenders.