How to align NICE Cybersecurity Workforce Framework KSAs with roles in your organization


Dealing with the many emerging cybersecurity challenges is a daunting task. With the ever-increasing number of attacks and cybercriminals that constantly update their techniques, it is easy to fall a step behind in an unfair competition.

Usually, when we talk about cybersecurity, the first thing that comes to mind is the cutting-edge technologies offered by the many manufacturers and suppliers, all with the promise of simplifying the noble act of protecting a business. 

While it is true that technology has always played a key role in reducing exposure to many cyberthreats, despite the evolution of concepts such as machine learning and artificial intelligence, even the most advanced security solutions are still dependent on cybersecurity experts to make sure they work with the necessary effectiveness.

In fact, relying exclusively on technology against cyberattacks is not only a poor strategy, but may also give you a false feeling of protection. This means the next attack will hit even harder than you ever imagined.

The solution to this puzzle appears quite simple: focus on your team and developing their cybersecurity skills. The problem is, this can be easier said than done. Cybersecurity is a multidisciplinary field: in order to ensure the effectiveness of your security team, it is extremely important to have a clear view of what skills need to be developed for each role. This is exactly where the NICE Cybersecurity Workforce Framework can provide great value for managers and organizations committed to effective cybersecurity enforcement.

What is the NICE Cybersecurity Workforce Framework?

The NICE Cybersecurity Workforce Framework is a NIST Special Publication that categorizes and describes cybersecurity work. The NICE Framework establishes a taxonomy and common lexicon describing cybersecurity work and workers regardless of where or for whom the work is performed, so it can be easily applied in (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Claudio Dodt. Read the original post at: