ICTC Logo Colour new logo 2
2li FrEn Wordmark C

In trusted partnership with the KnowledgeFlow Cybersafety Foundation

Mission Gateway

Rappel : modifiez les paramètres linguistiques de votre page pour afficher ce contenu en français. Accédez au coin supérieur droit de la page pour modifier la langue (capture d’écran ci-dessous).

image 1

Welcome to Mission gateway: Unleashing Cyber Talent!

As a Cyber Recruitment Agent, your role is to introduce others to the fundamentals of cybersecurity and the opportunities within the field. In this mission, you will examine the CIA Triad of confidentiality, integrity, and availability, and how these principles guide businesses in protecting their systems and data. You will review the state of cybersecurity in schools, including the frequency of attacks, their impact, and a case study highlighting current gaps in protection and the recommended changes. You will also explore career pathways in cybersecurity, covering university and college programs as well as industry-recognized certifications. By completing this mission, you will be equipped to inform and guide students toward potential careers in cybersecurity, helping to build the next generation of skilled professionals.

Below is some key information about cybersecurity and careers in cyber that all teachers should know. Once you’ve built your own confidence and expertise, you’ll find resources further down to use directly with your students. These include age-appropriate activities, ready-to-go slides, and take-home materials you can share with families to help extend cybersecurity skills and careers beyond the classroom.

Return to CyberDay Main Page

mission support

Fundamentals of Cybersecurity

Cybersecurity In Schools

Career Pathways and Certifications

Mission support

Fundamentals of cybersecurity

cyber

What Is cybersecurity?

Cybersecurity is the field focused on protecting computer systems, networks, and data from cyber attacks, unauthorized access, and other digital threats. It involves professionals using tools, technologies, and strategies to defend organizations, such as businesses, schools, and governments, against threats like hacking, data breaches, and malware.
While cybersafety is about individuals protecting themselves online, such as browsing safely, using strong passwords, or avoiding scams, cybersecurity operates on a broader scale. Businesses that set up secure networks, monitor for suspicious activity, and respond quickly to threats are not only protecting their own systems. They are protecting the sensitive information that belongs to you. This includes your personal data, your financial details, your identity, and your trust.

The CIA Triad

The CIA Triad, comprising Confidentiality, Integrity, and Availability, is a foundational model that guides how businesses, governments, and organizations worldwide protect their digital assets. It shapes cybersecurity policies that ensure sensitive information remains secure, accurate, and accessible to those who need it. From protecting customer data to securing internal systems, the CIA Triad is central to managing organizational risk and strengthening cyber trust online. These same principles are just as relevant in education. For teachers, understanding the CIA Triad helps safeguard student data, ensure consistent access to learning tools, and foster a safe and trustworthy learning environment for students.

Confidentiality

Confidentiality involves keeping sensitive information private and ensuring that only authorized individuals have access to it. This protects sensitive data, including personal identities, financial records, and other sensitive information, from unauthorized viewing or theft.

  • Common methods include strong passwords to protect accounts from unauthorized access, user authentication (such as two-factor login) to add an extra layer of security, encryption to scramble data so it can’t be read without the correct key, and access control systems to ensure only authorized users can view or use sensitive information.
  • Used by: Individuals (protect personal information, such as banking details, using strong passwords and encryption) and Businesses (limit who can see sensitive data by using access controls, permissions, and encryption)

Integrity

Integrity ensures that data remains accurate, complete, and trustworthy over its entire life cycle. It prevents unauthorized or accidental changes that could compromise the reliability of information.

  • Common methods include digital fingerprints, which help detect if a file has been changed; digital signatures, which confirm that information comes from a trusted source; version control, which keeps track of changes to documents or files and allows you to revert to a previous version if something goes wrong; and audit logs, which record who accessed or modified data, making it easier to trace and correct any issues
  • Used by: Individuals (check that downloads are from trusted sources and watch out for fake or suspicious emails) and Businesses (use tools to detect tampering, track changes to files, and keep records of who accessed or edited data).

Availability

Availability ensures that authorized users can access data and systems when needed. This includes protecting against system failures, cyberattacks, or disasters that could interrupt access.

  • Common methods include creating backups to prevent data loss and keeping extra systems on standby in case the main ones fail; cloud storage, which ensures access from anywhere, even if a device is lost or damaged; protection services that blocks attacks that attempt to shut down systems; and disaster recovery plans, which help restore access quickly after major disruptions
  • Used by: Individuals (backing up data to an external drive or cloud storage to prevent data loss in case of a device failure or a ransomware attack) and Businesses (use backup systems, plan for emergencies, build strong tech setups, and block attacks that could shut down services)

Why the CIA triad matters for teachers

Understanding the CIA Triad and applying it in your daily online activities not only makes you more secure online but also helps protect your students’ information when you handle it carefully. Developing these cybersecurity habits is crucial. Here is why it matters to teachers.

  • Protecting student identity: Teachers handle sensitive data like grades and personal information. Using strong passwords and avoiding public displays of student data helps protect against privacy breaches.
  • Maintaining data accuracy: Accurate records are essential for fair grading and assessments. Keeping devices secure and preventing unauthorized changes ensures data remains trustworthy and consistent.
  • Ensuring availability of resources: Teachers rely on consistent access to teaching materials and technology. Choosing accessible tools and formats helps ensure all students can engage, regardless of their device.
  • Fostering trust and safety: By applying the Triad’s principles, teachers help create a secure learning environment—building trust with students, families, and the school community.
  • Meeting professional expectations: Teachers across Canada are expected to follow confidentiality and data protection standards. Practicing good cybersecurity habits supports professional integrity and legal compliance.
Mission Gateway CIA triad information 1
Mission support

Canadian Education Cybersecurity Landscape

Mission Gateway School Cyberattack

The Urgent Need for Cybersecurity Awareness in School Boards

Schools often lack the budget, staff training, and infrastructure necessary for robust cybersecurity defences, despite holding valuable data such as personal, health, financial, and academic information of students and staff. The cybersecurity landscape in Canadian education, particularly in K–12 school boards, is a growing concern; for example, during a three-week testing period, an average of over 50 malware attempts were blocked per school board, according to data reviewed by the Canadian Internet Registry Association (CIRA). This vulnerability is exacerbated by the openness of educational environments and the challenges of managing security among users, such as students and teachers, who may not fully comprehend the consequences of security breaches. This highlights the critical role of teachers in understanding cybersecurity, being aware of common threats such as phishing, protecting student information, and adhering to good cybersecurity practices. Your role in promoting a culture of cyber awareness and safety within schools is essential.

A quick internet search will highlight how frequent these incidents are. Several recent cyber incidents and privacy breaches which have impacted Canadian schools and school boards include:

  • PowerSchool Breach, Canada (2024): A major data breach involving PowerSchool affected at least 80 school boards across Canada, compromising student information systems. Over 2.77 million students and nearly 36,000 staff were impacted, including teachers and thousands of parents. The Toronto and Peel District School Boards alone accounted for more than 2.4 million of the affected individuals. The exposed information was significant, including, but not limited to, names, addresses, medical information, school start and end dates, health card numbers, and more.
  • Huron-Superior Catholic District School Board, Ontario: This school board experienced a cyber attack announced on December 15, 2022. The breach compromised personal information of students and former students, affecting the board’s website, telephones, public address systems, and email for all board sites.
  • York Region District School Board, Ontario: In November 2023, the board experienced a cyber incident that took its network offline, which was later confirmed in a public statement. In 2024, families began receiving notifications if their data may have been compromised, along with information about what types of data were potentially affected. While the full extent of the breach remains unclear, the board assured families that financial data was not part of the exposure.
  • Huron-Superior Catholic District School Board Employee Data Compromise: In a separate incident from the one mentioned above, the personal information of employees from 2019 to 2022, including social insurance numbers, birthdates, compensation, and banking details, was likely compromised in a cyberattack. This attack also disrupted communication systems and caused class cancellation.

Real life Case Study: Understanding the issue

This case study highlights the importance of proactive cybersecurity measures in educational environments and identifies potential vulnerabilities in everyday practices. By engaging with this example, you gain a clearer understanding of the seriousness of the issue, the possible pitfalls within current systems, and the crucial role teachers and administrators play in protecting personal information through informed action and robust security protocols.

Case Study: Ontario School Boards – IT Systems and Technology in the Classroom.
Overview: A detailed audit conducted across various Ontario school boards revealed significant cybersecurity vulnerabilities, emphasizing the critical need to protect the personal information of students and staff.
Key Findings

  1. Cybersecurity Risks: School boards, schools, and the Ministry host substantial amounts of personal information on their information systems, making them attractive targets for data breaches. This information includes sensitive data about students, teachers, and staff, necessitating stringent protection measures under privacy laws. Cyberattacks can have severe consequences, including the disruption of operations and the compromise of sensitive data​.
  2. Protection of Personal Information: The audit found risks associated with the management of user accounts within the Ministry’s IT system. A significant number of accounts, including those belonging to former staff, remained active and unused, posing a risk of exposure of confidential student information. Additionally, there was a lack of formal training for teachers and staff in protecting students’ personal information, which increases the risk of privacy breaches​.

Recommendations for School Boards

Regular User Access Reviews: Conduct periodic reviews of user access to ensure only authorized, active users have access to sensitive information.
Enhanced Cybersecurity Training: Providing staff with robust training on data protection and threat awareness is crucial for maintaining data security.
Strategic IT Planning: Allocate resources strategically towards cybersecurity measures, with a priority on data privacy.
System Security: Implement robust access controls and regular system audits.
Process Security: Establish precise policies for data handling and destruction.
Physical Security: Secure IT hardware and ensure proper disposal of devices.

Mission support

Cybersecurity Career pathways and education

Mission Gateway Careers in cyber

Introducing Cyber careers

Cybersecurity is a vital and rapidly growing field that plays a crucial role in safeguarding personal information, businesses, and national security from online threats. In today’s technology-driven world, nearly every industry depends on digital systems and cybersecurity teams, making cybersecurity skills increasingly valuable and in demand. Yet, many students have little awareness of what the field involves or the diverse career paths it offers. By introducing cybersecurity in the classroom, you can help students understand its importance, see its real-world impact, and recognize it as a potential career that combines problem-solving, critical thinking, and technology to keep our digital world safe.

The Canadian Cybersecurity Skills Framework

mission gateway Canadian cybersecurity skills framework

The Canadian Cyber Security Skills Framework, released in April 2023 by the Canadian Centre for Cyber Security under the Communications Security Establishment (CSE), addresses a key gap in the cybersecurity industry: the lack of standardized definitions for roles and job titles. This absence has made it difficult for businesses, educators, and aspiring professionals to navigate the field. The CSE, a federal agency responsible for safeguarding Canada’s information technology and national security, developed the framework to bring clarity and consistency to the sector. As an educator, you can use this framework to gain a better understanding of how cybersecurity is organized into defined categories and roles, along with the skills and knowledge required for each. With this insight, you can help students make informed career choices in this vital and growing field, showing them how their learning can connect to real-world opportunities.

Learn More About Each Section

In this area of cybersecurity, the work revolves around establishing the rules, policies, and strategies that guide an organization’s protection of its digital information and systems. It’s less about hands-on technical fixes and more about understanding the big-picture view, how to create a secure environment through leadership, planning, and decision-making. As a teacher, understanding this category can help you demonstrate to students that cybersecurity isn’t just about coding or hacking; it’s also about management, ethics, law, and policy. You can highlight how this pathway suits those who enjoy leading, thinking strategically, and influencing how an entire organization operates securely.

Entry Level Jobs:

  • IT Security Specialist: Depending on the specific role, they may oversee and govern aspects of IT security within an organization. 
  • Security Tester: Involvement in governing the security testing processes and procedures to ensure compliance and effectiveness. 

Here, the focus is on the day-to-day operation of cybersecurity systems, keeping everything functioning smoothly, monitoring for issues, and resolving problems before they escalate. For students who like working with technology hands-on, enjoy problem-solving, and take pride in maintaining systems, this area offers a clear career path. By understanding this role, you can help students see that keeping systems secure isn’t just about significant innovations, it’s also about the steady, behind-the-scenes work that keeps everything running safely every day.

Entry Level Jobs

  • Network Support Specialist: Primarily involved in the maintenance and operation of network systems, ensuring they are secure and functioning efficiently. 
  • System Administrator: Responsible for the day-to-day maintenance and operation of systems, including their security aspects. 
  • Security Administrator: Manages and maintains security solutions like firewalls, antivirus programs, and intrusion detection systems. 

This category is about building secure digital systems from the ground up. It’s where creativity meets technology, designing software, applications, and systems with security built in from the start. As an educator, understanding this field enables you to connect cybersecurity with innovation and problem-solving in the classroom. Students who love to code, experiment with technology, or solve complex puzzles may be drawn to this work. By introducing this category, you can inspire them to see how security can be an integral part of the design process rather than an afterthought.

Entry Level Jobs:

  • IT Support Specialist: While primarily focused on supporting IT systems, they may also be involved in developing and implementing security measures within those systems.
  • Computer Network Support Specialist: Often involved in the design and development of network systems, including aspects of security.
  • System Administrator: Plays a role in developing and maintaining secure systems, especially in smaller organizations where their role might encompass a wider range of responsibilities.

This is the front line of cybersecurity, where professionals actively guard systems against cyber threats and attacks. It’s fast-paced, challenging, and requires quick thinking. As an educator, being familiar with this category enables you to introduce students to the idea of being a “digital defender,” someone who detects threats, responds to incidents, and works to stay ahead of cybercriminals. For students who thrive under pressure, enjoy a challenge, and want to protect others, this path can be both exciting and rewarding.

Entry Level Jobs

  • Junior Cybersecurity Analyst: Involved in protecting and defending systems against cyber threats. 
  • Network Security Operator: Plays a role in defending the network against security threats.
  • Security Tester: Focuses on testing systems for vulnerabilities, a key aspect of defense. 
  • Incident Responder: Directly involved in responding to and defending against cybersecurity incidents. 
  • Cybersecurity Operations Analyst: Again, focused on protecting and defending against cyber threats
Canadian Cyber Security Skills Framework Job Role Web

By understanding the categories within the Canadian Cybersecurity Skills Framework, students gain valuable exposure to a field that is in high demand and constantly evolving. The Government of Canada developed this framework to address the growing need for skilled professionals and to raise awareness about the wide range of roles available in cybersecurity. This diagram was created to highlight the diverse job opportunities that fit within the framework and to showcase how expansive the field is. It is not a comprehensive list, but a snapshot of the many career paths students might pursue and a way to show how their skills and interests can contribute to protecting Canada’s online infrastructure.

Pathways to cybersecurity

The Canadian Cyber Security Skills Framework is more than just a list of roles; it’s a roadmap to help identify and understand the many career possibilities in Canada’s cybersecurity sector. As you explore it, you’ll see that there’s no single way to enter this field. Careers in cybersecurity can be pursued through various educational and certification routes, making them accessible to students with diverse interests, strengths, and resources. Whether the path is a university degree in cybersecurity, computer science, or a related field, or industry-recognized certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), or Certified Information Systems Security Professional (CISSP), the framework can help students align their learning with the domain that excites them most.

University Degrees

Traditional university degrees in cybersecurity, computer science, or related fields are common starting points for a career in cybersecurity. These programs typically span three to four years and provide a comprehensive education, covering theoretical aspects, fundamental principles, and a broad spectrum of cybersecurity topics. The primary advantage of a university degree is its widespread recognition in the industry, providing credibility and a solid foundation of knowledge. However, university programs can be expensive and may not always offer the specialized, hands-on training required for certain cybersecurity roles. 

Resource: The Canadian Centre for Cyber Security has created a national guide to post-secondary cybersecurity programs offered across Canada. While it doesn’t endorse specific schools, it gives a clear overview of available options—helping students see what’s out there and how different programs can prepare them for both industry certifications and real-world skills. It’s a useful resource you can share to help students explore pathways into this fast-growing field.

Program Guide

College Diplomas and Certificates

On the other hand, college diplomas and certificates present more focused and often shorter educational routes. These programs, ranging from one to two years, are generally more practical and career-oriented. They are designed to equip students with the specific skills needed in the industry, such as network security, ethical hacking, or digital forensics. While they may lack the depth of a university degree, they are more accessible in terms of cost and time commitment. However, one potential downside is that they might not be as widely recognized or valued as a university degree in some segments of the industry. 

Resource: Mapping major cybersecurity certifications to the NICE Framework provides a clear overview of how industry-recognized credentials align with specific roles and skills. Since Canada’s Cyber Security Skills Framework is based on NICE, this resource helps students understand how certifications fit into Canadian career paths and prepare them for both local and global opportunities. It’s a useful tool to share with students exploring practical ways to build their cybersecurity careers.

Certification Guide Popular Certifications Handout

Important Note for Students

Basic education alone is rarely enough to launch a cybersecurity career. To build strong skills and stand out to employers, students should actively seek out opportunities to gain real-world experience. This can include volunteer work with organizations tackling cybersecurity challenges, participating in competitions or hackathons to apply skills in a hands-on, competitive setting, joining mentorship programs to learn directly from experienced professionals, and pursuing internships that offer practical field experience. Combining learning with hands-on experience will give students a significantly stronger foundation for their cybersecurity careers. Earning multiple certifications in addition to a degree or diploma is highly recommended, as this combination helps students build a strong foundation and increases their chances of success in the cybersecurity industry.

mission gateway future cyber leaders
Classroom Implementation

Teaching Materials (Slide Decks)

Here are three slide shows, filtered by grade range (Grades 9–12, 5–8, and 1–4), that you can add straight into Google Classroom. These slideshows make it easy for you to turn the information into teachable lessons with ready-to-go slides so that students can become the experts themselves. You can present them in class or share them with students and parents to explore on their own.

Mission Gateway Slides (1-4)Download
Mission Gateway Slides (5-8)Download
Mission Gateway Slides (9-12+parents)Download
French – Mission Gateway Slides (1-4)Download
French- Mission Gateway Slides (5-8)Download
French- Mission Gateway Slides (9-12+parents)Download
Classroom Implementation

Classroom Activities

Here are lesson activities you can use directly in the classroom or upload to Google Classroom. There is a teacher version and a student version that can be directly handed out. The activities are curriculum-aligned and designed to deepen students’ understanding of cybersafety concepts. They are organized by grade range (Grades 7–12 and Grades 1–6) and conveniently included in a single document for easy access.

Mission Gateway ActivityDownload
French – Mission Gateway Activity (1)Download

continuing the cybersafety mission

mission gateway JDC image
Information and COmmunications technology Councel (ICTC)

Jump-Starting Digital Careers (JDC) and CyberTitan

ICTC is committed to equipping students and educators with the skills, knowledge, and inspiration to succeed in technology and cybersecurity, fostering creativity, curiosity, and early career exploration. Through Jump-Starting Digital Careers (JDC), students and teachers can gain hands-on experience, curriculum-based learning, and exposure to ICT and cybersecurity careers via programs like CyberBytes (for teachers), FIT, MyFIT, and Cybrary (for students). CyberTitan complements this by engaging middle and secondary students in practical cybersecurity challenges, developing critical skills and preparing them for STEM pathways and technology-focused careers.

charting your course moodle course image 3
Knowledgeflow cybersafety foundation

Charting Your Course: A Map from Cybersafety to Cybersecurity (CYC)

Charting Your Course to Cybersecurity (CYC) is a transformative course for high school students that teaches personal cybersafety, introduces foundational cybersecurity concepts, and connects learners to real-world careers. Each of the eight interactive modules links to the Canadian Cybersecurity Skills Framework, helping students explore the skills, certifications, and pathways associated with different roles in cybersecurity. Covering topics such as device and connection security, privacy protection, social engineering, and online risk management, the course includes quizzes, group activities, and teen-focused case studies to reinforce learning. Students can self-enroll, teachers can register anonymized classes, and community groups can run sessions, all without collecting personal information. CYC empowers teens to develop practical skills, understand professional pathways, and become confident, mindful digital citizens ready to explore the cybersecurity field.

Learn more about CYC
Access the JDC Learn about CyberTitan
ChatterHigh Featured Quiz
CSE, Cyber Centre, Chatterhigh

Gameified Careers in Cybersecurity course

Discover the world of cybersecurity and explore related careers with this free, gamified course from the Communications Security Establishment (CSE) and the Canadian Centre for Cyber Security (Cyber Centre) on the ChatterHigh platform. Students engage with real-world resources to answer interactive questions, building knowledge of cybersecurity concepts while connecting learning to careers that protect Canadians from evolving cyber threats. Activities can be completed in class or at home, and self-marking features make it easy for teachers to monitor progress.

Learn more

Additional Video for Students

Information and Communications Technology Council (ICTC)

Unlocking New Digital Economy Career Pathways with Industry Experts – Recorded Live Session with Timothy King

In this recorded live session, Timothy King shares his journey from teaching K-12 students in Ontario to becoming a recognized expert in Artificial Intelligence, Big Data, Cybersecurity, and Quantum technologies. He reflects on his experiences leading students to national awards, developing VR-based learning, pioneering AI and cyber initiatives, and earning advanced certifications. Along the way, Tim offers practical tips and inspiration, showing how anyone, regardless of their background, can enter the tech field, grow their skills, and make a meaningful impact, paving the way for a rewarding career in emerging technologies.

logo

The Information and Communications Technology Council (ICTC) is a neutral, not-for-profit national centre of expertise with the mission of strengthening Canada’s digital advantage in the global economy. For over 30 years, and with a team over 100 experts, they have delivered forward-looking research, practical policy advice, and capacity-building solutions for individuals and businesses. ICTC’s goal is to ensure that technology is utilized to drive economic growth and innovation and that Canada’s workforce remains competitive on a global scale.


ICTC’s National CyberDay is funded by the Government of Canada’s CanCode Initiative.