We believe using a consistent workforce framework for cyber security will have a tremendous impact on the workforce shortage in our sector. It will help create a common understanding of typical cyber security roles as well as the knowledge, skills and abilities that underpin them.

A common workforce framework will:

  • Help people to better understand the work opportunities in cyber security.
  • Allow educators and governments to design better programs and initiatives to attract, train and retain workers to the sector.
  • Support industry to identify future talent more easily.


NICE logo

Internationally, there are a number of workforce frameworks for cyber security. We believe the National Initiative for Cybersecurity Education (NICE) Workforce Framework is the best and most detailed breakdown of cyber security work roles.

The NICE Framework includes:

  • 7 categories of work – A high-level grouping of common cyber security functions.
  • 33 specialty areas – Distinct areas of cyber security work.
  • 52 work roles – The most detailed groupings of cyber security work comprised of specific knowledge, skills, and abilities required to perform tasks in a work role.
  • Tasks – Specific work activities that could be assigned to a professional working in one of the NCWF’s work roles.
  • Knowledge, skills and abilities (KSAs) – skills needed to perform tasks, usually demonstrated through relevant experience or performance-based education and training.

The NICE framework gives us a common way of thinking and talking about the cyber security workforce. It is a great resource for people looking to pursue a career in cyber security.

We have developed an interactive dashboard of the NICE framework to help people interested in exploring the various technical and non-technical work roles in the cyber security sector.