About

The purpose of the National CAE (CAE) program is to promote higher education in Cyber Defense (CD), prepare a growing number of cybersecurity professionals, and to reduce vulnerabilities in the Nation’s networks.

Why CAE-CD?

Schools aspiring to gain the CAE-CD designation will strengthen their program while also strengthening their graduates. The CAE-CD designation also serves as a capacity-builder and powerful motivator for the growth of Information Security programs in higher education, while at the same time strengthening the Nation’s infrastructure.

The CAE-CD designation brings internal and external recognition along with opportunities for collaboration and funding. Internally, the designation captures the attention of the school’s senior administration, thus improving opportunities to increase the number of faculty positions, expand classroom/office space, and hire additional support staff. In addition, faculty across campus gain awareness of cybersecurity and its importance. Externally, the awareness of the importance of cybersecurity, and the excellence of the program recognized through the CAE-CD designation is increased significantly among local politicians, Chamber of Commerce, local employers, and the K-12 community. In addition, opportunities for collaboration and funding increase significantly.

Application

ONLINE RESOURCES

:: CAE Community Portal

:: A Guide for Mapping Courses to Knowledge Units (KU)s v2, provides information on mapping the CAE-CD required KUs to courses within an institution’s programs

:: Guide and Workbook for Completing CAE Criteria: Associate Level, provides suggestions and tools to assist in the preparation of the Criteria section of the CAE application

:: Email: askCAEIAE@nsa.gov

READINESS CHECKLIST

Applicants are encouraged to submit a CAE-CD Applicant Checklist. Based on the outcome of the review, applicants will be referred to one of two assistance paths:

  1. Institutions needing further development of programs and/or curriculum, or those with programs that have not reached maturity, will be referred to a CAE Regional Resource Center for assistance, or
  2. Institutions assessed to be within one year of meeting curriculum and programmatic criteria will be referred to the Application Assistance path for mentorship

APPLICATION PROCESS

Applications are submitted through the CAE application website:

  1. Open an Account: Request an account by completing the New Registration option on the Login/Join page
  2. Complete curriculum mapping to Knowledge Units (KUs) and provide information to meet criteria requirements

KNOWLEDGE UNIT (KU) MAPPING

KUs are targeted technology areas composed of Topics and expected Outcomes. There are 69 KUs, organized into three categories: Core, Mandatory and Optional. Institutions must map program paths as follows:

  • Two-year institutions: must map 11 Core KUs
  • Four-year institutions: must map 11 Core, 6 Mandatory, and 5 Optional KUs
  • Summary of minimums: Two-year = 11 KUs; Four-year = 22 KUs

CRITERIA

0. LETTER OF ENDORSEMENT AND INTENT

A Letter of Endorsement and Intent stating the institution’s intent to apply for the CAE-CD designation. The letter must be on institution letterhead, signed by a provost or higher, express commitment to excellence in the Cyber Defense field, identify institution’s CAE point of contact, state its support for an official Cyber “Center,” identify accreditation information, and list accomplishments in the Cyber Defense field. Once an account is setup on the NSA website, this letter gets uploaded as part of the institution’s application (do not mail).

1. CYBER DEFENSE CURRICULUM PATH

Requirements/examples include:

  • Mature CD program (at least 3 years old)
  • Program path meets mandatory Knowledge Units
  • Course syllabi – topics and objectives
  • Evidence of program graduates over past year

2. STUDENT SKILL DEVELOPMENT AND ASSESSMENT

Requirements/examples include:

  • Assessments identified in syllabi
  • Examples of student papers, tests, labs
  • Student participation in Cyber Defense competitions
  • Guest lecturers, internships

3. “CENTER” FOR CYBER EDUCATION (does not have to be a physical space)

Requirements/examples include:

  • Information on Cyber Defense program
  • Links for student activities
  • Institution resources and awareness
  • Links to other institutions, gov’t sites, conferences, workshops

4. CYBER FACULTY QUALIFICATIONS AND COURSES TAUGHT

Requirements/examples include:

  • Head of Cyber Defense program – CV
  • Faculty CVs and credentials
  • External activities at other institutions, conferences
  • Mentoring/Advising student-led activities

5. CYBER DEFENSE IS A MULTIDISCIPLINARY PRACTICE @ THE INSTITUTION

Requirements/examples include:

  • Cyber Defense concepts taught in other fields and departments
  • Non-Cyber Defense courses encourage papers/projects in Cyber Defense topics
  • Professional development courses include Cyber Defense topics

6. INSTITUTIONAL SECURITY PLAN

Requirements/examples include:

  • Implementation of security plan
  • Identification of security officer and duties
  • Awareness training, security practice guides

7. CYBER OUTREACH/COLLABORATION BEYOND THE INSTITUTION

Requirements/examples include:

  • Shared faculty – curricula with other institutions
  • Articulation and transfer agreements
  • Dual credit: high school – college
  • Community outreach – workshops, lectures, activities
  • Business/Industry collaboration – internships