This white paper sponsored by the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security, and authored by the Software Engineering Institute at Carnegie Mellon, is the summary results from exploration into the state of cybersecurity job roles essential to protect and defend in cyberspace. The desired outcome is to identify the skills and abilities needed for future cyber workforce, determine which are critical, and leverage the findings to better scope training and outreach initiatives.
Numerous reports highlight the growing need for cybersecurity talent. Some estimates even forecast a shortage of nearly three million qualified professionals over the next two years.
To prepare for this challenge it is necessary to train future talent in this field. However, the breadth of cybersecurity is so wide that it is difficult to know exactly what to include within a curriculum. It is necessary to take a holistic review of a diverse set of cybersecurity reports, studies, and resources to better pinpoint these needs.
Analyzing workforce surveys, threat reports, service offerings, open job postings, applicable regulations, and emerging technologies will help identify the needed Knowledge, Skills, and Abilities (KSAs). Using the NICE Cybersecurity Workforce Framework (NICE Framework), we can then determine Work Roles and generate a list of cybersecurity jobs needed to close the workforce gap.