NIST releases draft version of the NICE Framework

NIST's National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework aims to provide organizations with a common vocabulary when describing the role, area of specialty, category of work, and the knowledge, skills, and abilities (KSA) of cybersecurity professionals.

According to the NIST report, "The NICE Cybersecurity Workforce Framework improves communication, about how to identify, recruit, develop, and retain cyber security talent". Employers, recruiters, and guidance counselors, for example, may use the framework as a resource when writing cybersecurity job descriptions, or use it to define with greater clarity the types of IT security professionals in the workforce.

The NICE Framework is comprised of the following components:

  • Categories (7) – A high-level grouping of common cybersecurity functions;
  • Specialty Areas (33) – Distinct areas of cybersecurity work;
  • Work Roles (52) – The most detailed groupings cybersecurity work comprised of specific knowledge, skills, and abilities required to perform tasks in a work role;
    • Knowledge, Skills, and Abilities (KSAs) – Attributes required to perform Tasks, generally demonstrated through relevant experience or performance-based education and training.
    • Tasks – Specific work activities that could be assigned to a professional working in one of the NICE Framework’s Work Roles.

The next draft of NIST Special Publication 800-16, a Role-Based Model for Federal Information Technology/Cybersecurity Training (Fall 2017), will include cybersecurity competencies that will be linked with components of the NICE Framework.

Download the NICE Cybersecurity Workforce Framework (aka the NICE Framework)

Source: www.nist.gov, www.darkreading.com

News

SMESEC project Open Call for SMEs and SME associations
SMESEC has released an open call for SMEs and SME associations in order to validate SMESEC framework and at the same time improve their systems’ security.
 
SMESEC is inviting SMEs to participate in the validation of the SMESEC framework. By participating you not only have influence on the evaluation of the SMESEC framework, but also improve your own company security and get up to €20.000 of funds!

Future Events

CYBERUK 2019
24/04/2019 to 25/04/2019
Image:

CYBERUK is the UK government’s flagship cyber security event. Hosted by the National Cyber Security Centre (NCSC), it features world-class speakers, solutions and opportunities for interaction between the public and private sectors. You will be briefed on the evolving cyber threat and how we must respond as individuals and as a community to keep Britain safe in cyberspace.

CYBERUK 2019
24/04/2019 to 25/04/2019
Image:

Where: Scottish Event Campus (SEC), Glasgow
When: 24-25 April 2019
 
CYBERUK is the UK government’s flagship cyber security event. Hosted by the National Cyber Security Centre (NCSC), it features world-class speakers, solutions and opportunities for interaction between the public and private sectors. You will be briefed on the evolving cyber threat and how we must respond as individuals and as a community to keep Britain safe in cyberspace.