Canadian Cybersecurity Workforce
Development Initiative

The Talent Gap and Opportunity

An additional 1.8 million cybersecurity professionals will be needed to accommodate the predicted global shortfall by 2022 (Source: 2017 Global Information Security Workforce Study). In Canada the growth in digital jobs has outpaced the overall economy in the last two years by over four to one, leading to a strong demand for 182,000 skilled IT workers by 2019. CyberSmart is focused on creating a multi-disciplinary talent pipeline founded on a workforce development model that embraces the private sector, public and private education systems (Elementary through to Post Secondary), as well as recruitment and immigration.

Canadian Cybersecurity Workforce Development Initiative

Cybersecurity education and training standards are required to guide workforce development efforts. These include digital literacy standards and graduation requirements for students in the elementary system as well as industry occupation standards to guide training and recruitment efforts. Additional capacity to train and conduct applied research is also required to ensure the Canadian and New Brunswick cybersecurity sector is highly skilled, innovative and globally competitive.

CyberNB has partnered with the University of New Brunswick’s Faculty of Education and the New Brunswick Department of Education and Early Childhood Development to identify and develop the digital literacy standards for both learners and teachers that will ensure New Brunswick produces the most digitally literate graduates in Canada. The digital literacy standards created by the International Society of Technology in Education (ISTE) as well as other such standards from around the world are being used to guide this work.

CyberNB also recognizes the value of a comprehensive industry workforce development framework to guide industry training as well as recruitment efforts. In the United States, the National Initiative on Cybersecurity Education (NICE) has created cybersecurity education standards and recently updated its Cyber Security Workforce Development Framework to guide that nation’s cybersecurity talent development efforts. The NICE framework is an excellent model for Canada and New Brunswick to emulate. New Brunswick is seeking a formal partnership with NICE with a view to porting that organizational framework to New Brunswick and adapting it for application in New Brunswick and across Canada.

In the near future the CyberNB website will be amended to reflect the Canadian version of the NICE framework. In the interim, following is an overview of what the NICE framework contains and why it is a world class cybersecurity workforce development model. The NICE framework describes the cybersecurity workforce regardless of whether it is public, private or academic organizations. It defines the cybersecurity workforce using common, standardized labels and definitions that supports consistent organizational and sector communication for cybersecurity education, training and workforce development.

It provides organizations with a common, consistent lexicon that categorizes and describes cybersecurity work by:

  • Category – A high-level grouping of common cybersecurity functions
  • Specialty Area – Represent an area of concentrated work, or function, within cybersecurity and related work , and
  • Work Role – Detailed groupings of cybersecurity and related work, which include a list of attributes required to perform that role in the form of a list of knowledge, skills, and abilities (KSAs) and a list of tasks performed in that role

Organizations can reference the Framework for different aspects of workforce development, education and/or training purposes and customize to meet their own organizational needs. It is a resource that will strengthen an organization’s ability to communicate consistently and clearly about cybersecurity work and its cybersecurity workforce. Organizations can develop additional publications or tools that meet their needs to define or provide guidance on different aspects of workforce development, planning, training, and education.

The framework is beneficial to:

  • Employers – assists and helps define their cybersecurity workforce requirements, identifies critical gaps in cybersecurity staffing, and assists with the creation of position descriptions using consistent language;
  • Current and Future Cybersecurity workers – to understand the work roles and the tasks and associated knowledge, skills and abilities (KSAs) that are valued by employers for in-demand jobs and positions.   The framework is a useful tool for staffing specialists and guidance
  • Training and  certification providers – assisting current and future members of the cybersecurity workforce obtain the necessary KSAs
  • Education Providers – as a tool to assist with developing curriculum, certificate or degree programs, and research that cover the KSAs and Tasks
  • Technology Providers –  to identify cybersecurity Work Roles and specific Tasks and KSAs associated with services and hardware or software products they supply.

National Initiative for Cybersecurity Education (NICE) Workforce Development Framework

Securely Provision

Conceptualizes, designs, and builds secure information technology (IT) systems, with responsibility for aspects of systems and/or networks development.

Risk Management
Oversees, evaluates, and supports the documentation, validation, assessment, and authorization processes necessary to assure that existing and new information technology (IT) systems meet the organization’s cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives.

Software Development
Develops and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs following software assurance best practices.

Systems Architecture
Develops system concepts and works on the capabilities phases of the systems development life cycle; translates technology and environmental conditions (e.g., law and regulation) into system and security designs and processes.

Technology R&D
Conducts technology assessment and integration processes; provides and supports a prototype capability and/or evaluates its utility.

Systems Requirements Planning
Consults with customers to gather and evaluate functional requirements and translates these requirements into technical solutions. Provides guidance to customers about applicability of information systems to meet business needs.

Test and Evaluation
Develops and conducts tests of systems to evaluate compliance with specifications and requirements by applying principles and methods for cost-effective planning, evaluating, verifying, and validating of technical, functional, and performance characteristics (including interoperability) of systems or elements of systems incorporating IT.

Systems Development
Works on the development phases of the systems development life cycle.

Operate & Maintain

Provides the support, administration, and maintenance necessary to ensure effective and efficient information technology (IT) system performance and security

Data Administration
Develops and administers databases and/or data management systems that allow for the storage, query, and utilization of data.

Knowledge Management
Manages and administers processes and tools that enable the organization to identify, document, and access intellectual capital and information content.

Customer Service and Technical Support
Addresses problems; installs, configures, troubleshoots, and provides maintenance and training in response to customer requirements or inquiries (e.g., tiered-level customer support). Typically provides initial incident information to the Incident Response (IR) Specialty.


Network Services
Installs, configures, tests, operates, maintains, and manages networks and their firewalls, including hardware (e.g., hubs, bridges, switches, multiplexers, routers, cables, proxy servers, and protective distributor systems) and software that permit the sharing and transmission of all spectrum transmissions of information to support the security of information and information systems.

Systems Administration
Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability. Also, manages accounts, firewalls, and patches. Responsible for access control, passwords, and account creation and administration.

Systems Analysis
Studies an organization’s current computer systems and procedures, and designs information systems solutions to help the organization operate more securely, efficiently, and effectively. Brings business and information technology (IT) together by understanding the needs and limitations of both.

Oversee & Govern

Provides leadership, management, direction, or development and advocacy so the organization may effectively conduct cybersecurity work.

Legal Advice and Advocacy
Provides legally sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain. Advocates legal and policy changes, and makes a case on behalf of client via a wide range of written and oral work products, including legal briefs and proceedings.

Training, Education, and Awareness
Conducts training of personnel within pertinent subject domain. Develops, plans, coordinates, delivers and/or evaluates training courses, methods, and techniques as appropriate.

Cybersecurity Management
Oversees the cybersecurity program of an information system or network; including managing information security implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, requirements, policy enforcement, emergency planning, security awareness, and other resources.

Strategic Planning and Policy
Develops policies and plans and/or advocates for changes in policy that supports organizational cyberspace initiatives or required changes/enhancements.

Executive CyberLeadership
Supervises, manages, and/or leads work and workers performing cyber and cyber-related and/or cyber operations work.

Program/Project Management (PMA) and Acquisition
Applies knowledge of data, information, processes, organizational interactions, skills, and analytical expertise, as well as systems, networks, and information exchange capabilities to manage acquisition programs. Executes duties governing hardware, software, and information system acquisition programs and other program management policies. Provides direct support for acquisitions that use information technology (IT) (including National Security Systems), applying IT-related laws and policies, and provides IT-related guidance throughout the total acquisition life-cycle.

Protect & Defend

Identifies, analyzes, and mitigates threats to internal information technology (IT) systems and/or networks.

Cyber Defense Analysis
Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.

Cyber Defense Infrastructure Support
Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and resources. Monitors network to actively remediate unauthorized activities.

Incident Response
Responds to crises or urgent situations within the pertinent domain to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security. Investigates and analyzes all relevant response activities.

Vulnerability Assessment and Management
Conducts assessments of threats and vulnerabilities; determines deviations from acceptable configurations, enterprise or local policy; assesses the level of risk; and develops and/or recommends appropriate mitigation countermeasures in operational and nonoperational situations.


Performs highly specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.

Threat Analysis
Identifies and assesses the capabilities and activities of cybersecurity criminals or foreign intelligence entities; produces findings to help initialize or support law enforcement and counterintelligence investigations or activities.

Exploitation Analysis
Analyzes collected information to identify vulnerabilities and potential for exploitation.

All-Source Analysis
Analyzes threat information from multiple sources, disciplines, and agencies across the Intelligence Community. Synthesizes and places intelligence information in context; draws insights about the possible implications.

Applies current knowledge of one or more regions, countries, non-state entities, and/or technologies.

Language Analysis
Applies language, cultural, and technical expertise to support information collection, analysis, and other cybersecurity activities.

Collect & Operate

Provides specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence.

Collection Operations
Executes collection using appropriate strategies and within the priorities established through the collection management process.

Cyber Operational Planning
Performs in-depth joint targeting and cybersecurity planning process. Gathers information and develops detailed Operational Plans and Orders supporting requirements. Conducts strategic and operational-level planning across the full range of operations for integrated information and cyberspace operations.

Cyber Operations                                                                                                                                                                                                                  

Performs activities to gather evidence on criminal or foreign intelligence entities to mitigate possible or real-time threats, protect against espionage or insider threats, foreign sabotage, international terrorist activities, or to support other intelligence activities.



Investigates cybersecurity events or crimes related to information technology (IT) systems, networks, and digital evidence.

Cyber Investigation
Applies tactics, techniques, and procedures for a full range of investigative tools and processes to include, but not limited to, interview and interrogation techniques, surveillance, counter surveillance, and surveillance detection, and appropriately balances the benefits of prosecution versus intelligence gathering.

Digital Forensics
Collects, processes, preserves, analyzes, and presents computer-related evidence in support of network vulnerability mitigation, and/or criminal, fraud, counterintelligence or law enforcement investigations.

Looking for more information on Certification and Cybersecurity Updates?