If you missed the earlier blogs and don’t know what CyBOK is – Chris Ensor laid out how the Cyber Security Body of Knowledge project (CyBOK) would codify the knowledge which underpins the cyber security profession, and Michael K spoke about how the cyber security community could contribute to the development of the scope document.
For this blog, I thought it worth taking a few minutes to explain what the outcomes from the first consultation phase were, what is happening next and, really, really importantly, to encourage you to keep your eyes peeled because there are plenty of opportunities for you to continue to contribute to the project.
First of all thank you to everyone who to the time (at short notice!) and contributed to make Phase 1 of the initiative such a success. This phase is now closed, and the latest version of the scoping document is live on the CyBOK website.
Consultation feedback summary
Happily, there was broad consensus that the initial scope document gave comprehensive coverage of the core topics, as well as a good summary of cyber security. So, while none of the 19 Knowledge Areas (KAs) were removed or added to, the input received allowed each of the topics under the KAs to be refined. As a bonus, KA descriptions and associated terminology were amended.
The diagram below summarises the CyBOK scope – 19 Knowledge Areas, categorised into five broad groupings*
What’s happening next?
The consortium leading the project will be appointing leading international experts to begin writing the content of the KAs with a supporting review panel. We expect draft Knowledge Areas to be available for review and consultation online as early as February 2018. As before there will be the opportunity for people to be involved and provide input to this work, through follow-up consultations.
The first three KAs anticipated are; Cryptography, Human Factors and Software Security.
If the academic consortium is drafting the KAs, what will the NCSC be doing?
The NCSC’s role is to start promoting the uptake and use of the CyBOK. Primarily, we are planning to use our schemes and services such as the certified degrees, CyberFirst and apprenticeships. We will be supporting this with wider consultation amongst academia, government and industry. As Chris indicated in Building the Cyber Security Body of Knowledge, we’re expecting the CyBOK to enable the UK to focus learning pathways, professional development and careers information for cyber security. Once we’ve done some work, and learnt some lessons, we will be reaching out to relevant sections of academia, government and industry, inviting them to consider how they too could promote the uptake and use of the CyBOK.
How can I get involved?
Please keep an eye on the CyBOK website for further updates and opportunities to get involved. We’ll flag engagement opportunities through our website and Twitter. If there is anything else you’d like to know about the project, we’d encourage you to get in touch with us or contact the consortium team directly via contact@cybok.org.
Mel F
NCSC Project Manager
*The consortium notes that other possible categorisations of these KAs may be equally valid. Nor are the categories necessarily orthogonal.
Source: National Cyber Security Centre