Helping Educational Institutions Align to NCAE-C

Offensive Security Helps Educational Institutions Align to the National Center of Academic Excellence (NCAE-C) Requirements

Author: Heather Monthie, PhD

The National Centers of Academic Excellence in Cybersecurity (NCAE-C) program is an initiative that recognizes US-based academic programs within colleges and universities that offer degrees and research in cybersecurity.

A joint initiative with the National Security Agency (NSA) and the Department of Homeland Security (DHS), the NCAE-C program awards the CAE designation to academic programs that have met rigorous cybersecurity education or research requirements. These programs are designed to prepare students to enter the workforce with the necessary skills to protect US essential critical infrastructures.

There are three different CAE-C types for cybersecurity academic programs:

Cyber Defense (CAE-CD)

Academic programs recognized as CAE-CD programs promote education and research in cyber defense and students who completed these programs are qualified to enter the cybersecurity workforce. Regionally accredited 2-year, 4-year, and graduate-level institutions in the United States are eligible to apply once rigorous requirements are met for their academic program.


Cyber Operations (CAE-CO)

Academic programs recognized as CAE-CO programs are technical, interdisciplinary, and focus on the technologies required in cyber operations. These academic programs also must meet a set of detailed requirements to earn this designation.


Cyber Research (CAE-R)

The CAE-R designation is awarded to institutions that are regionally-accredited Ph.D. granting colleges or universities, DoD schools, or military academies with a Ph.D. program. Through research, these institutions advance collective cybersecurity knowledge in technology, policy, and cybersecurity practices.


What are the goals of the CAE program?

According to the NSA’s website, the NCAE-C program partners with the Cybersecurity & Infrastructure Agency (CISA), the Federal Bureau of Investigation (FBI), the National Institute of Standards and Technology (NIST), the National Initiative for Cybersecurity Education (NICE), the National Science Foundation (NSF), the Department of Defense Office of the CIO and US Cyber Command (USCYBERCOM). The goals of the NCAE-C program are aligned with the cybersecurity workforce needs of these federal agencies.

“NCAE-C program aims to create and manage a collaborative cybersecurity educational program with community colleges, colleges, and universities that:

  • Establishes standards for cybersecurity curriculums and academic excellence,
  • Includes competency development among students and faculty,
  • Values community outreach and leadership in professional development,
  • Integrates cybersecurity practice within the institution across academic disciplines,
  • Actively engages in solutions to challenges facing cybersecurity education.” Source

How can my educational institution become a CAE?

An institution that would like to apply for a CAE-C designation for an academic program must meet several rigorous requirements, including regional accreditation, having students who have graduated from the program, and having a virtual or physical center for cybersecurity. The academic program curriculum aligned to the CAE knowledge units (KU) is among some of the requirements for this prestigious designation. College and university leaders can find the criteria for each of the three CAE-C types here.


How Offensive Security Can Help Your Cybersecurity Academic Program

Offensive Security has several team members on staff who have worked in US-based educational institutions with one or more academic programs that are awarded the prestigious CAE designation. Many have taught in these programs at the certificate, undergraduate, and graduate levels. Some have led their institutions through the entire CAE application and approval process.

These experienced team members have partnered up to develop a mapping of Offensive Security’s cybersecurity curriculum to the CAE knowledge units for both CAE-CD and CAE-CO. The goal is to help institutions that wish to apply for one of the CAE-C designations or update their curriculum to ensure they have the right mix of knowledge and skills in their programs.

If you are an institution looking to achieve or maintain your CAE-C designation, please reach out to We’re looking forward to discussing how our hands-on cybersecurity curriculum maps to the CAE-CD and CAE-CO knowledge units and can help you achieve the designation.

About the Author
Dr. Heather Monthie is a leader in Cybersecurity and IT education dedicated to developing workforce-ready professionals for the future. With a diverse background in education, leadership, and technology, she has worked with various businesses and educational institutions to develop successful cybersecurity education programs. She has served in various leadership roles within organizations that are committed to cybersecurity and STEM workforce development. She currently serves as the Head of Cybersecurity Training, Education, and Innovation at Offensive Security.