Categorizing and Describing Cybersecurity Work for the Nation

Last Published Date: 
September 1, 2017

As of Friday, September 1, 2017, NICCS has integrated the latest National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework into our NICCS Cybersecurity Workforce Framework and Education and Training Catalog.

The NICE Cybersecurity Workforce Framework provides a national, standardized approach for categorizing and describing cybersecurity work. After years of refining, on Monday, August 7th, NICE announced the latest release of the NICE Cybersecurity Workforce Framework, known as Special Publication 800-181.  The goal of the new release is to continue to help organizations build their cybersecurity workforce.

While the original Framework was made up of the following structure;

the newest Framework now has the following structure:

Special Publication 800-181 further defines the Framework’s Specialty Areas by introducing Work Roles, which are detailed groupings of cybersecurity and related work.  Each of the 52 Work Roles includes all Tasks that are performed by individuals within these roles, as well as, knowledge, skills, and abilities that are required to succeed in that Work Role.

The new NICE Framework is comprised of the following components:

  • Categories (7):  A high-level grouping of common cybersecurity functions;
  • Specialty Areas: Increases by +2 from 31 to 33 – Distinct areas of cybersecurity work;
  • Work Roles (52): NEW and the most detailed groupings cybersecurity work comprised of specific knowledge, skills, and abilities required to perform tasks in a work role;
    • KSAs:  Knowledge, Skills, and Abilities are attributes required to perform Tasks, generally demonstrated through relevant experience or performance-based education and training.
    • Tasks:  Specific defined pieces of work that, combined with other identified Tasks, composes the work in a specific specialty area or work role. 

For more information, please visit: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework

NIST Special Publication 800-181 can be referenced at: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181.pdf