The National Initiative for Cybersecurity Education (NICE) Framework

In business, you are frequently given difficult problems to address. Human-centered situations are frequently the most difficult to do correctly. Frequently, you are provided with a plethora of recommendations and frameworks to facilitate the smooth operation of your firm. One such framework is the NIST Special Publication 800-181 Revision 1 "Workforce Framework for Cybersecurity (NICE Framework)".

The most recent edition of the NICE Framework, issued in 2020, encourages the creation of a workforce capable of managing the cybersecurity risk of a business. This redesign is motivated by "agility, adaptability, interoperability, and modularity". These foundations of workforce development serve as the basis upon which the NICE Framework constructs pillars based on roles and abilities, with the aim of creating effective interdisciplinary teams.

The NICE Cybersecurity Workforce Framework (NICE Framework) was made by industry, academic, and government stakeholders working together. It sets up a taxonomy and a common vocabulary for cybersecurity work. Both the public and private sectors use it. NIST does not approve or validate any one organization's use of the NICE Framework or how it uses it. Cyberseek.org says that there are 67,195 unfilled cybersecurity jobs in California as of August 2020.

We will describe the NICE framework in this article and go over each of its seven categories before discussing who can use it and how. Last but not least, we'll briefly discuss the NICE Framework's history.

What is the NICE Framework?

The National Initiative for Cybersecurity Education (NICE) is a cybersecurity workforce framework that classifies and describes the cybersecurity workforce. The National Institute of Standards and Technology (NIST) leads the National Initiative for Cybersecurity Education (NICE), a cooperation between the government, academia, and the commercial sector that promotes cybersecurity education, training, and workforce development.

The NICE program has three primary objectives:

• Inspire urgency throughout the public and private sectors to expedite learning and skill development.

• Strengthen education and training by prioritizing learning, assessing results, and diversifying the cybersecurity profession to foster a varied learning community.

• Guide career development and workforce planning by assisting companies in meeting market expectations in order to improve recruiting, hiring, talent development, and retention.

Its building block approach enables personalized implementation within distinct operational settings while offering a common language that reduces the barrier to entry for a greater number of various enterprises and agencies seeking to collaborate and operate/interoperate with one another.

Why is the NICE Framework Important?

Using the NICE Framework as a basic guide improves the communication needed to find, recruit, and train cybersecurity talent. The NICE Framework will let employers use clear, consistent language in their professional development programs, when they use industry certifications and academic credentials, and when they choose relevant training opportunities for their employees.

The NICE Framework makes it easier to choose and describe cybersecurity roles for positions in organizations in a way that is more consistent, comparable, and repeatable. It gives a common vocabulary that schools use to make cybersecurity courses that better prepare students for the needs of the cybersecurity workforce now and in the future.

By using the NICE Framework, you can describe all the work that goes into cybersecurity. One of the goals of the NICE Framework is that it can be used to describe any cybersecurity job or position by finding the relevant information in one or more of its parts. Which parts of the NICE Framework are used for each job or position depends on the mission, business processes, and priorities of that job or position.

The NICE Framework is used by organizations or sectors to make more publications or tools that define or give advice on different parts of workforce development, planning, training, and education.

What are the Seven Categories of the NICE Framework?

The seven categories were established by the NIST (National Institute of Standards and Technology). The organization identified this several personnel to emphasize the "interdisciplinary aspect" of the cybersecurity profession. It aims to standardize the technical and non-technical responsibilities necessary in the cybersecurity workforce.

There are specialty sections inside each category, each reflecting a component of a certain job or function that pertains to the main category. Specializations are further subdivided into work roles. Knowledge, skills, abilities, and duties are defined for each job function.

7 categories of the NICE Framework are outlined below:

1. Securely Provision (SP)
2. Operate and Maintain (OM)
3. Oversee & Govern (OV)
4. Protect & Defend (PR)
5. Analyze (AN)
6. Collect & Operate (OP)
7. Investigate (IN)

1. Securely Provision (SP)

The SP category denotes employees who "conceptualize, develop, acquire, and construct secure information technology systems". System and network development is the responsibility of this post. Some of the related specialty areas and work roles of the Securely Provision (SP) category are as follows:

• Risk Management: Maintains compliance both internally and externally and is in charge of all cybersecurity risk requirements.

  • Work roles: Senior Official and Security Control Assessor

• Software Development: Programming and creating software.

  • Work roles: Software Developer and Secure Software Assessor

• Systems Architecture: Works on system concepts and capabilities, translating technology and other circumstances to conform with security design and process specifications.

  • Work roles: Enterprise Architect and Security Architect

• Technology R&D: Evaluates integration procedures and facilitates prototype capabilities.

  • Work role: Research and Development Specialist

• Systems Requirements Planning: The customer-facing position that identifies requirements and transforms them into technological solutions.

  • Work role: Systems Requirements Planner

• Test and Evaluation: Compliance testing of systems for standards and requirements.

  • Work role: System Testing and Evaluation Specialist

• Systems Development: Managing the development lifecycle.

  • Work roles: Information Systems Security Developer and Systems Developer

Manages tools for the organization to classify, document, and access intellectual capital

2. Operate and Maintain (OM)

The OM sector is accountable for supporting, maintaining, and administering IT systems to ensure their effective and efficient usage. Some of the related specialty areas and work roles Operate and Maintain (OM) category are as follows:

• Data Administration: Maintains databases and data management systems that provide the storage, security, and utilization of data.

  • Work roles: Database Administrator

• Knowledge Management: Manages organizational tools for classifying, documenting, and gaining access to intellectual capital.

  • Work roles: Knowledge Manager

• Customer Service and Technical Support: Addresses all client concerns and offers first event details.

  • Work roles: Technical Support Specialist

• Network Services: Configures and maintains networks, firewalls, hardware, and software to facilitate the exchange of data that meets security objectives.

  • Work roles: Networks Operations Specialist

• Systems Administration: Configures and maintains networks, firewalls, hardware, and software to facilitate the exchange of data that meets security objectives.

  • Work roles: System Administrator

• Systems Analysis: Creates IT solutions for more secure operations and acts as a bridge between business and IT.

  • Work roles: Systems Security Analyst

3. Oversee & Govern (OV)

Manages information security implications within the organization, specialized program, or other areas of responsibility, including strategy, people, infrastructure, needs, policy enforcement, emergency preparedness, and security awareness resources. Some of the related specialty areas and work roles of Oversee & Govern (OV) category are given below:

• Legal Advice and Advocacy: Serves as the legal voice for cybersecurity initiatives and may push for alterations based on legal issues. This part addresses privacy regulations. Privacy is quickly becoming a fundamental aspect of professions in cybersecurity.

  • Work roles: Cyber Legal Advisor and Privacy Officer

• Training, Education, and Awareness: Staff is trained, and courses and techniques to assist education are evaluated. Those in this category frequently establish a curriculum for enterprise-wide skill development.

  • Work roles: Cyber Instructional Curriculum Developer and Cyber Instructor

• Cybersecurity Management: Directs the cybersecurity program and oversees enterprise-wide security consequences.

  • Work roles: Information Systems Security Manager

• Strategic Planning and Policy: Develops policies and strategies for tackling cybersecurity projects.

  • Work roles: Cyber Workforce Developer and Cyber Policy and Strategy Planner

• Executive Cyber Leadership: Directs employees who do cyber-related tasks.

  • Work roles: Executive Cyber Leader

• Program/Project Management and Acquisition: Utilizes understanding of cybersecurity framework to manage all hardware, software, and information system purchases. The jobs include project management, investment alignment, and auditing duties.

  • Work roles: Program Manager, IT Project Manager, IT Investment Manager, and IT Program Auditor

4. Protect & Defend (PR)

This group directs the mitigation of threats via meticulous study. Some of the related specialty areas and work roles of Protect and Defend (DR) category are listed below:

• Cyber Defense Analysis: Utilizes preventative measures and intelligence to identify real or possible incidents and report them.

  • Work roles: Cyber Defense Analyst

• Cyber Defense Infrastructure Support: To administer computer network protection services, infrastructure hardware and software are evaluated, implemented, and maintained.

  • Work roles: Cyber Defense Infrastructure Support Specialist

• Incident Response: Responds to crises and urgent situations in order to eliminate immediate and potential hazards while evaluating and assessing all pertinent reaction activities.

  • Work roles: Cyber Defense Incident Responder

• Vulnerability Assessment and Management: Assesses risks and vulnerabilities and proposes mitigation strategies.

  • Work roles: Vulnerability Assessment Analyst

5. Analyze (AN)

The AN category assesses and determines the intelligence value of cybersecurity information. Some of the related specialty areas and work roles of Analyze (AN) category are as follows:

• Threat Analysis: Tracks the actions of cybercriminals to create facts that can be used to initiate investigations with law enforcement.

  • Work roles: Threat/Warning Analyst

• Exploitation Analysis: Examines data on the possible exploitation of vulnerabilities.

  • Work roles: Exploitation Analyst

• All-Source Analysis: Evaluates threat information from many sources and contextualizes the results for actionable insights.

  • *Work roles:*All-Source Analyst and Mission Assessment Specialist

• Targets: Utilizes knowledge about locations, entities, and technology to strengthen cyber defenses.

  • Work roles: Target Developer and Target Network Analyst

• Language Analysis: Utilizes language, cultural components, and technological skills to enable the gathering and analysis of cybersecurity actions.

  • Work roles: Multi-Disciplined Language Analyst

6. Collect & Operate (OP)

In addition to specializing in denial and deception operations, this sector collects data to assist intelligence findings. Some of the related specialty areas and work roles of Collect & Operate (OP) category are given below:

• Collection Operations: Manages the collecting process in accordance with established plans and objectives.

  • Work roles: All Source-Collection Manager and All Source-Collection Requirements Manager

• Cyber Operational Planning: Targeting and cybersecurity planning are carried out, and operational plans and directives for cybersecurity actions are documented.

  • Work roles: Cyber Intel Planner, Cyber Ops Planner, and Partner Integration Planner

• Cyber Operations: Performs information collection on criminals or entities in order to mitigate potential real-time risks and prevent espionage and sabotage.

  • Work roles: Cyber Operator

7. Investigate (IN)

Investigate (IN) subgroup examines incidents or crimes involving cybersecurity. Some of the related specialty areas and work roles of Investigate (IN) are listed below:

• Cyber Investigation: Applies different tactics and procedures to ensure processes surrounding investigations, including interviews, questioning, and surveillance.

  • Work roles: Cyber Crime Investigator

• Digital Forensics: Collects and evaluates computer-related evidence to assist vulnerability efforts, criminal activity prosecution, and other investigations.

  • Work roles: Law Enforcement/Counterintelligence Forensics Analyst and Cyber Defense Forensics Analyst

Who Can Use the NICE Framework and How?

The NICE Framework is used by the following professionals:

• Employers: To assist in the definition of their cybersecurity workforces, the identification of important cybersecurity staffing shortfalls, and the creation of cybersecurity employment descriptions compatible with the language of the United States.

• Current and Prospective Cybersecurity Professionals: To assist in the exploration of tasks and job positions, as well as the comprehension of the cybersecurity knowledge, skills, and talents that employers appreciate.

• Staffing Specialists: As a resource for staffing specialists and guidance counselors to help existing and prospective cybersecurity personnel.

• Training and Certification Providers: To assist present and prospective cybersecurity professionals in acquiring and demonstrating the required knowledge, skills, and abilities.

• Education Providers: To assist in the development of curricula, certificate or degree programs, and research that address the knowledge, skills, and abilities required for the tasks.

• Human Resources: To identify the cybersecurity work responsibilities, duties, and related knowledge, skills, and abilities that are associated with their services, hardware, or software.

Employers utilize the NICE Framework for the following purposes:

• Inventory and monitor their cybersecurity workforces to better comprehend their knowledge, skills, and talents, as well as the activities they execute.

• Identify the training and credentials required for personnel to acquire the appropriate knowledge, skills, and abilities to execute cybersecurity duties.

• As soon as the work duties and responsibilities are determined, enhance the position descriptions and job opening announcements by choosing the pertinent knowledge, skills, and talents, as well as tasks.

• Identify the most pertinent job responsibilities and build career pathways to assist individuals in acquiring the required skills for these tasks.

• Develop a common language that enables hiring managers and human resources personnel to attract, retain, and train a highly specialized workforce.

What is NICE Framework Mapping Tool?

The NICE Cybersecurity Workforce Framework Mapping Tool enables managers and human resource professionals to submit cyber descriptions in order to gain a better understanding of how effectively their teams match with the NICE Cybersecurity Workforce Framework.

The Mapping Tool enables users to enter information about a cyber role and produce reports to better understand the alignment of their teams with the NICE Cybersecurity Workforce Framework. This tool assists enterprises in enhancing their cyber defenses. It removes uncertainty from utilizing the NICE Cybersecurity Workforce Framework.

The NICE Cybersecurity Workforce Framework Mapping tool helps you to perform the following tasks:

• Assist in identifying your cyber workforce and initiating workforce planning.

• Permit the printing of a report for workforce development.

• Prepare to report OPM cyber position coding (requirements for OPM Data Element).

• Determine the required skills and training for your team.

• Determine where your employees may be underused.

History of the NICE Framework

The NICE Framework was conceived prior to the foundation of NICE in 2010 in response to the realization that the cybersecurity workforce had not been defined or evaluated. 2007 saw the formation of the IT Security Essential Body of Knowledge (EBK): A Competency and Functional Framework for IT Security Workforce Development by the Department of Homeland Security. The objective of the EBK was to establish a national baseline for the knowledge and skills that IT security professionals should possess. In 2008, the Federal Chief Information Officers (CIO) Council was tasked with providing a common framework for understanding the federal government's cybersecurity obligations. The initial release was made in September 2012.

A later evaluation of the whole U.S. government identified particular areas for additional examination and improvement. The Department of Homeland Security (DHS) gathered feedback and validated final recommendations via focus groups with subject matter experts from across the country and from industry, academia, and government in 2014, resulting in the release of version 2.0 of the NICE Framework.

Version 2.0 was expanded by the Office of the Secretary of Defense (OSD) through internal interactions with military components and external engagements with the business sector. The DHS and NIST co-authors collaborated with the OSD to improve their extension into the third edition of the NICE Framework, which was released in August 2017 as NIST Special Publication 800-181. This initial edition of NIST Special Publication 800-181 was intended to stress private sector applicability and underline the notion that the NICE Framework is a resource for both the public and private sectors.

In November 2019, NICE assembled a Core Authoring Team comprised of members from various federal ministries and organizations to initiate modifications to the NICE Framework. This group reviewed replies to a Request for Comments and revised the NICE Framework to enhance its adaptability, modularity, interoperability, and flexibility. The updated draft was made available for public feedback and modified accordingly. November 2020 saw the publication of the fourth and current version of the NICE Framework as NIST Special Publication 800-181 revision 1, the Workforce Framework for Cybersecurity.