The Inner Circle

 View Only

Workforce Framework for Cybersecurity: NIST SP 800-181 Revision 1

  • 1.  Workforce Framework for Cybersecurity: NIST SP 800-181 Revision 1

    Posted Nov 16, 2020 11:46:00 AM
      |   view attached
    Hi All,

    The National Initiative for Cybersecurity Education (NICE) released the first revision to the Workforce Framework for Cybersecurity (NICE Framework) today at the annual NICE Conference and Expo. The NICE Framework improves communications about how to identify, recruit, develop, and retain cybersecurity talent – offering a common, consistent lexicon that categorizes and describes cybersecurity work.

    "The revised NICE Framework provides an improved and simplified conceptual design that helps to better coordinate an integrated ecosystem of cybersecurity education, training, and workforce development," said Rodney Petersen, Director of NICE, which is led by NIST and is a partnership between government, academia, and the private sector focused on cybersecurity education, training, and workforce development.
    The "cybersecurity workforce," Petersen noted, "includes those whose primary focus is on cybersecurity as well as those in the workforce who need specific cybersecurity-related knowledge and skills in order to perform their work in a way that enables organizations to properly manage the cybersecurity-related risks to the enterprise."
    Revisions to the NICE Framework (NIST Special Publication 800-181) provide:

    • A streamlined set of "building blocks" comprised of Task, Knowledge, and Skill Statements;
    • The introduction of Competencies as a mechanism for organizations to assess learners; and
    • A reference to artifacts, such as Work Roles and Knowledge Skills and Abilities statements, that will live outside of the publication to enable a more fluid update process.
    "The NICE Framework Building Blocks (Tasks, Knowledge, and Skill statements) will unleash a variety of ways in which organizations can use and apply the NICE Framework within their unique context and in a manner that is consistent with the attributes of agility, flexibility, interoperability, and modularity," said Karen Wetzel, Manager of the NICE Framework. "The introduction of competencies, a mechanism for organizations to assess learners, is designed to increase alignment among employers, learners, and education and training providers and close the cybersecurity skills gap."

    The NICE Framework already has a large following. It is used by organizations in both the private and public sectors to perform workforce audits, develop position descriptions, create learning outcomes for courses, and much more.


    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------