U.S. National Cyber Workforce and Education Strategy Published — July 31, 2023

Executive briefing: On 31 July 2023 the Biden-Harris Administration released the National Cyber Workforce and Education Strategy, detailing initiatives to close talent gaps and align federal, state, industry, and academic partners on cybersecurity education. The strategy calls for modernising training, expanding registered apprenticeships, and incentivising employers to invest in upskilling programmes that support critical infrastructure and national security missions.

Key pillars

Equip every American. Integrate foundational cyber literacy into K–12 curricula and adult education to build a more security-aware society.
Transform cyber education. Promote experiential learning, competency-based assessments, and alignment with the NICE Workforce Framework to prepare job-ready graduates.
Expand the national workforce. Grow apprenticeships, scholarships-for-service, and pathways for transitioning service members, while diversifying recruitment beyond traditional degree requirements.

Control alignment guidance

NICE Workforce Framework. Map organisational roles to NICE work roles and identify priority skill gaps that threaten resilience objectives.
NIST CSF GV.OC. Update workforce governance metrics to track training completion, certification coverage, and retention outcomes aligned with strategy commitments.
ISO/IEC 27002 7.2. Expand awareness and training plans to cover secure-by-design practices, supply-chain vigilance, and operational technology scenarios.

Operational recommendations

Partner with community colleges, HBCUs, and minority-serving institutions participating in the strategy to source apprentices and early-career analysts.
Establish learning pathways tied to critical infrastructure priorities, such as industrial control systems, incident response, and cloud security engineering.
Incorporate workforce metrics into board-level cyber reporting to demonstrate progress on recruiting, retention, and training investments.