Share this article on:
On Tuesday this week at the NICE conference and Expo in Kansas City, Missouri, the Department of Commerce’s National Institute of Standards and Technology (NIST) announced the release of a new draft version of its NICE Cybersecurity Workforce Framework (NCWF).
According to NIST, the new Framework “will allow our nation to more effectively identify, recruit, develop and maintain its cybersecurity talent,” and help U.S. organizations develop a well-trained cybersecurity workforce.
The Framework has been developed by the National Initiative for Cybersecurity Education (NICE) and is the product of extensive collaboration between academic institutions, private sector organizations, and government agencies including the U.S. Department of Defense and Department of Homeland Security.
The new framework provides common language to categorize different cybersecurity roles and describes job titles and responsibilities in detail. The Framework serves as a workforce dictionary that can be used by organizations to define and share information about the cybersecurity workforce in a detailed, consistent, and descriptive way.
The Framework defines more than 50 different work roles across 7 key categories and more than 30 specialty areas, detailing the skills, abilities, knowledge, and certifications that each position requires. The Framework will help employers, trainers and educators use consistent terms to describe cybersecurity work and roles. It is also hoped that the Framework will serve as a building block for the future development of cybersecurity training standards.
The terminology used in the NCWF has already been incorporated into two online resources: The CyberSeek jobs map and the Career Pathway. It is hoped the common framework will help students studying cybersecurity develop their career plans. As directed by the Federal Cybersecurity Workforce Assessment Act of 2015, the federal government will be using the Framework to identify its cybersecurity workforce.
The draft NICE Cybersecurity Workforce Framework can be viewed on the NIST website. NIST has requested comments on the new Framework to ensure that it meets all cybersecurity workforce needs.