NICE Seeks Feedback on Cybersecurity Workforce Framework

Monday, December 05, 2011



The National Initiative For Cybersecurity Education (NICE) is seeking feedback on the proposed Cybersecurity Workforce Framework through December 16th.

NICE was born out of the Comprehensive National Cybersecurity Initiative and is being spearheaded by the National Institute of Standards and Technology (NIST).

"The goal of NICE is to establish an operational, sustainable and continually improving cybersecurity education program for the nation to use sound cyber practices that will enhance the nation’s security," according to the NICE website, and is "comprised of over 20 federal departments and agencies, to ensure coordination, cooperation, focus, public engagement, technology transfer and sustainability."

The goal of the Cybersecurity Workforce Framework is to provide a baseline for discerning a common vocabulary and the skill set prerequisites for various cybersecurity professions that have emerged over recent years, and provide the government and the private sector a reference tool for standardization.

"The framework organizes cybersecurity work into high-level categories ranging from the design, operation and maintenance of cybersecurity systems to incident response, information gathering and analysis. The structure is based on job analyses and groups together work and workers that share common major functions, regardless of job title," the NIST states.

From NICE:

Today, there is little consistency in how cybersecurity work is defined and described throughout the nation. The lack of a common language to discuss and understand the work requirements of cybersecurity professionals hinders our nation's ability to:

  • Baseline capabilities,
  • Identify skill gaps,
  • Develop cybersecurity talent in the workforce, and
  • Prepare the pipeline of future talent.

Establishing and using a unified framework for cybersecurity work and workers is not merely practical but vital to the nation's cybersecurity. Much as other professions have defined their specialties (e.g., law, medicine), it is now time to forge a common set of definitions for the cybersecurity workforce.

The NICE Cybersecurity Workforce Framework offers a working taxonomy and common lexicon that can be overlaid onto any organization's existing occupational structure. Although much work has gone into this framework, we need to ensure that it can be adopted and used across the nation. We are actively seeking to refine this framework with input from every sector of our nation's cybersecurity stakeholders.

You are an integral part of this process. NICE requests that you please contribute your expertise in the field of cybersecurity by reviewing the NICE
Cybersecurity Workforce Framework document and providing your public comments using the comments template.

Your comments will help us refine the framework for national release. Please act now as we are accepting public comments through December 16, 2011.

“One thing NICE has found is that there has not been a consistent way to define or describe cybersecurity work across the federal workforce. Other professions have organized their specialties, and now it is time for a common set of definitions for the cybersecurity workforce,” said NICE Lead Ernest McDuffie.

To provide feedback, refer to the Cybersecurity Framework Comments Template provided by NICE.


Possibly Related Articles:
Security Training
NIST Employment Government Training Cyber Security Standards Education Skill Set NICE Cybersecurity Workforce Framework Ernest McDuffie
Post Rating I Like this!
mk MK
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.