American Flag  Official website of the Department of Homeland Security


What is Professionalization?

“Professionalization” is a term used to set some occupations apart from others. “Professions” have a certain character or status that set them apart from mere “jobs,” and typically require that individuals within the profession have met established educational, legal, or other recognized standards for the field (e.g., licensure). For example, medicine is a highly professionalized field, with recognized educational, experience, and licensing requirements placed on individuals before they can legally practice as a doctor, nurse, physician’s assistant, and similar highly skilled positions within the field. Law, education, and accounting also have recognized professional standards which define each profession.                                                           

To professionalize an industry, licensing and certification bodies, or professional associations often set training, education, and ethical guidelines. 

What is the impact of Professionalization?

Professionalization has an impact on organizations, employees and academic intuitions. Professionalization guides formal education and curriculum requirements that academic institutions develop to best prepare their students. Upon completion, these students then possess the requisite skills and abilities to successfully perform specialized roles within private or public organizations. This framework establishes uniformity within a specific profession. A recent paper offers insight into how occupations become professions: A Historical Overview of How Occupations Become Professions.

Is cybersecurity ready for Professionalization?

Cybersecurity is a term that encompasses a broad field of work—a field that is in the midst of rapid growth and development.  What began as an offshoot of IT and security functions is currently evolving into a robust and diverse group of jobs. The individuals in the cybersecurity field have reached the point of asking,

  • Is cybersecurity ready to be professionalized across the nation? 
  • Which jobs within the cybersecurity field should be professionalized and to what degree?
  • Should the federal government lead this effort single handedly?

To learn more, read a recent white paper developed by the National Initiative for Cybersecurity Education (NICE) that outlines A Path Towards Cybersecurity Professionalization.

What is the role of NICE in cybersecurity professionalization?

As the nature of cybersecurity work is further defined, NICE is exploring the merits of professionalizing some cybersecurity roles. Through the Department of Homeland Security (DHS), NICE co-sponsored a study conducted by the National Academy of Science(NAS) titled, Professionalizing the Nation’s Cybersecurity Workforce: Criteria for Future Decision-Making The NAS committee members consisted of distinguished members of academia and the private sector.

In the report, the NAS committee had several conclusions.   One conclusion in particular found that occupations comprising the field of cybersecurity may not have yet sufficiently crystallized into specific professions.

In other words, the field as a whole must continue to define the parameters of the work and requirements of the worker. This will provide a solid foundation of understanding before embarking upon professionalization.

What does this mean for you?

While the NAS conclusions indicate professionalization is premature, there are clear ways we can continue to structure and define this evolving field:

  • Human Capital Professionals – learn about and use of the NICE Framework and related tools to help define the occupations within your own cybersecurity workforces.
  • Academic Institutions – help link the knowledge and skill frameworks with curricula that prepare cybersecurity learners to join the workforce.
  • Current Cybersecurity Professionals – contribute your expertise to help establish a common lexicon for cybersecurity and help Human Capital professionals and educators understand exactly what is required to perform the range of cybersecurity jobs—both now and into the future.

Want to learn more about the NAS study conclusions?  Visit the NAS site to download the full report.