FAQs - CyBOK

Frequently asked questions

What is CyBOK?

The Cyber Security Body of Knowledge (CyBOK) is a comprehensive, expert-led resource designed to support education and professional training in cyber security. By drawing on knowledge from internationally recognised experts, it aims to capture the core aspects of cyber security and offer a clear foundation to support this emerging discipline. It is designed to be used by educators, practitioners, employers, policymakers, and students.

What are Knowledge Areas (KAs)?

KAs are peer-reviewed documents that summarise established knowledge in a core cyber security topic. CyBOK currently has 21 KAs, organised into five broader themes:

Human, Organisational & Regulatory Aspects
Attacks & Defences
Systems Security
Software & Platform Security
Infrastructure Security

What is a Knowledge Guide (KG)?

Knowledge Guides (KGs) represent a review of relevant literature on a topic (typically on an emerging topic) that captures the current state of the field, key issues that learners should know about, emerging techniques to address those issues, and open research problems.

What is a Topic Guide (TG)?

Topic Guides (TGs) draw together topics from across a number of KAs, to give a unified treatment to a collection of topics distributed across CyBOK. In general, these will be crosscutting themes where practitioner knowledge is more prominent than academic thinking.

How can I contribute to CyBOK?

CyBOK is shaped by input from the global cyber security community. Each Knowledge Area (KA) is written and peer-reviewed by experts from academia and industry, and we welcome feedback on gaps in the body of knowledge or updates you think are needed. If you have any feedback, please contact us.

You can also get involved through our funded projects, which support the creation of new teaching materials and tools. Browse previous project outputs on our Resources page, and keep an eye out for new calls for proposals on social media and on our News page.

How is CyBOK used for degree certification?

CyBOK underpins the academic standards used in the NCSC’s degree certification scheme. You can find guidance and resources for UK Higher Education programme directors on our Resources page.

How is CyBOK used to engage young learners?

CyBOK supports early engagement through school-friendly materials such as cyber security comics, games, podcasts and short introductory webinars. Explore these on our Resources page.

How is CyBOK used for training programmes?

Training providers can use CyBOK to map and structure their programmes using our knowledge trees and alignment guidance. These materials are available on our How to use CyBOK page.

How does CyBOK help employers?

Employers use CyBOK to understand the focus of university programmes and professional certifications, helping them identify relevant skills. Related tools and information can be found on our How to use CyBOK page.

Why doesn’t CyBOK include soft skills?

We focus on capturing the technical knowledge that underpins the field of cyber security. While soft skills are crucial in cyber security practice, they fall outside the scope of CyBOK.