What is the NICE Cybersecurity Workforce Framework?

Introduction: All about the NCWF

The National Initiative for Cybersecurity Education (NICE), led by the National Institute of Standards and Technology (NIST), is a partnership between government, academia and the private sector which works to promote cybersecurity education, training and workforce development. 

NICE published Special Publication 800-181 with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, which serves as a reference structure that describes the interdisciplinary nature of the cybersecurity work — regardless of where, or for whom, the job is performed. The NICE Cybersecurity Workforce Framework (NCWF) describes cybersecurity work and provides a standard way of defining roles in the field by knowledge, skills and abilities, as well as categories and specialties.

The document provides a great way for employers, human resources personnel and employees to define jobs in the field, speak a common language and identify training needs, career paths and position requirements, as well as agree on proper ways for measuring and assessing abilities.

Why does the NCWF matter?

With a need for standardization, in terms of how cybersecurity work is defined, described and how the workforce is trained, the NICE Framework serves as the foundation for all cyber workforce development activities, says the National Initiative for Cybersecurity Careers & Studies (NICCS). The Workforce Framework provides a common language to talk about cyber roles and jobs and can be referenced by those who wish to define professional requirements in cybersecurity.

The NICE Framework matters because it allows the identification of all roles needed within a company cybersecurity structure as well as the proper certifications, knowledge and skills each role should develop and demonstrate, so as to have a team as complete and efficient as possible. The framework provides guidance on which roles to implement in the organization in order to accomplish (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Daniel Brecht. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/fIGcGzpbDaU/