Enhancement of professional training and occupational certification systems for information security and cyber defense is an ongoing task to strengthen Ukraine’s cyber resilience, said Oleksandr Potii, SSSCIP Deputy Chairman, in his speech at the Kyiv International Cybersecurity Forum.

He pointed out that russia’s full-scale invasion of Ukraine was preceded by a series of cyberattacks on public institutions, banks and other institutions, critical infrastructure, etc. Our country has actually become a testing ground for russian cyber operations, having gained considerable experience in addressing hostile attacks in cyberspace. However, considering the upward trend in those attacks, Ukraine is facing a shortage of qualified cybersecurity personnel. One of the basic ways to resolve this issue is creating a professional training and occupational certification system in line with the occupational standards in place.

“Only two cybersecurity-related occupations existed prior to 2021 and those were too few to respond to the contemporary reality of cyberspace-based information confrontation. This is why the SSCPIP is currently establishing the National Qualifications Framework for Cybersecurity of Ukraine, with 27 modern occupations added to the National Occupational Classifier in 2021–2023. Besides, the SSSCIP-led taskforces designed 21 occupational standards in the sector in 2023–2024. Those standards take into account the needs of IT and IT security labor market,” underlined Oleksandr Potii, the SSSCIP Deputy Chairman.

The creation of the National Qualifications Framework for Cybersecurity is a complex task for the government that requires immediate organizational and legal action by all the executive authorities as well as by the entire society.

The SSSCIP organized the design and implementation of the National Qualifications Framework for Cybersecurity in five steps as follows:

• the first step of its implementation was taken in 2022–2023, when 27 new cybersecurity-related occupations were added to the National Occupational Classifier under SC-003:2010;
• the second step is to draft relevant occupational standards, with 21 cybersecurity-related standards already in place as of January 2024;
• the third step is to establish appropriate qualification centers to certify professional skills in line with the professional qualifications;
• the fourth step is the integration of those occupational standards into the curricula of higher educational establishments;
• the fifth step is the creation of the National Qualifications Framework for Cybersecurity, i.e. the design and implementation of the qualifications framework itself, considering the established occupational categories (classified organizational structures with general basic occupational functions in cybersecurity), professional planes and corresponding qualifications, competencies, etc.

The Professional Standardization System and the National Qualifications Framework for Cybersecurity are being designed based on the implemented Cybersecurity Workforce Framework, USA (NICE NIST 800-801) and the European Cybersecurity Skills Framework/ECSF, ENISA. The National Qualifications Framework for Cybersecurity should account for actual labor market demands for competencies, while serving as a baseline for harmonizing the national legislation on higher education, social and labor relations to promote both national and international recognition of qualifications obtained in Ukraine and to build efficient coordination of all the areas of social development.

https://cip.gov.ua/en/news/stavka-na-osvitu-ukrayina-posilyuye-stiikist-u-kiberprostori-cherez-profesiinu-pidgotovku