Question: What is the NICE Cybersecurity Workforce Framework?
Updated: January 25, 2022
Answer: The NICE Cybersecurity Workforce Framework is a document published by the National Initiative for Cybersecurity Education (NICE), a partnership between the public and private sectors led by the National Institute of Standards and Technology (NIST) under the auspices of the United States Department of Commerce. The Framework provides a de facto definition of cybersecurity by establishing a classification system for the cybersecurity workforce, breaking the field down into seven major functions, 33 specialized areas of cybersecurity work, and 52 workforce roles associated with specific knowledge, skills, and abilities (KSAs).
Created by Presidential order in 2008, the NICE Framework was conceived as a tool to help assess the state of cybersecurity in the U.S., assist educators in creating academic programs aligned with specific jobs, and guide employers and policy makers toward the goal of increasing the size and improving the capability of the U.S. cybersecurity workforce. In addition, the Framework serves as a resource for students and mid-career professionals who are interested in pursuing work in the field of cybersecurity and who want to gain a better understanding of the types of jobs that are available and the skills that are required for those jobs.
Indeed, one of the benefits of the Framework is that it creates a common shared language for describing a broad range of cybersecurity functions, thereby facilitating more efficient and effective communication across and between government agencies, private sector companies, institutions of higher education, policy makers, training and certification programs, and those who are considering a career in cybersecurity.
It is important to note that, in addition to the NICE Cybersecurity Workforce Framework, NIST maintains a Cybersecurity Framework that is separate from, yet complementary to, the NICE Workforce Framework. The NIST Framework articulates the current consensus standards and practices for addressing cyber threats, managing and mitigating cyber risks, and securing and protecting vital digital infrastructure. In contrast, the NICE Framework is aimed at rationalizing the cybersecurity workforce in order to achieve the goals outlined in the NIST Framework.
How to Access the NICE Framework
The full and unabridged Workforce Framework for Cybersecurity (NICE Framework) document, which includes an executive summary and two appendixes, is available in PDF form through the NIST website. The document was most recently updated in November of 2020. In order to make the Framework more flexible and responsive to changes in the evolving field of cybersecurity, the update does not include lists of Competencies, Work Roles, Tasks, and KSAs, which were part of the document in its first iteration. Instead, those lists have been reassigned as “supplemental content” and are maintained in a more easily updateable reference spreadsheet on the NICE Framework Resource Center website, where other resources like the NICE Framework Competencies: Assessing Learners for Cybersecurity Work are available in PDF form.
How to Use the NICE Framework
In addition to the Workforce Framework for Cybersecurity (NICE Framework) document, NIST maintains a user-friendly interactive version of the Framework at the NICE Framework Resource Center site. There are separate sections for Employer Resources, Education and Training Provider Resources, and Learner Resources, as well as links to many other helpful resources, including the NIST Framework documents referenced above. Among the site’s resources for students is a Cybersecurity Career Profiles document that draws on the NICE Framework to highlight nine common functions in cybersecurity and their corresponding workforce designations. These include:
- Cyber Defense Incident Responder
- Cyber Forensics Expert
- Cyber Legal Advisor
- Cyber Security Engineer
- Information Security Systems Manager
- Multi-Discipline Language Analyst
- Software Developer
- Vulnerability Assessment Analyst
The NIST website is further linked to the National Initiative for Cybersecurity Careers and Studies (NICCS), an online resource that is meant to serve as an interface to connect government agencies, students, educators, and businesses with cybersecurity training programs.
The NICCS website includes a section devoted to the NICE Framework that allows users to explore each of the seven categories of common cybersecurity functions, as well as the 33 areas of cybersecurity work that are outlined in the NICE Framework. This online resource is organized hierarchically and illustrates how each of the work specializations aligns with one of the seven cybersecurity functions. For example, under the “Investigate” function, there are two specialty areas: Cyber Investigation and Digital Forensics. By way of comparison, the “Protect and Defend” function encompasses four specialty areas: Cyber Defense Analysis; Cyber Defense Infrastructure Support; Incident Response; and Vulnerability Assessment and Management.
The NICCS site has many additional features, including a searchable “NICE Cybersecurity Workforce Framework Work Roles” database that allows users to select any of the 52 work roles defined in the NICE Framework for detailed information on the abilities, knowledge, skills, and tasks associated with a particular workforce role. For example, selecting “Vulnerability Assessment Analyst” yields a job description, a list of four job-based abilities (identify systemic security issues; apply programming language structures; share meaningful insights about the context of an organization’s threat environment; and apply cybersecurity and privacy principles to organizational requirements), and lists of knowledge, skills, and tasks associated with the work as a vulnerability assessment analyst.
Similarly, users can select a task, skill, knowledge, or ability and find a corresponding workforce role and job description. For example, selecting “Ability to develop curriculum that speaks to the topic at the appropriate level for the target audience” from the Abilities menu yields Cyber Instructional Curriculum Developer, and “Skill in conducting information searches” from the Skills menu brings up the work role Knowledge Manager.
The interactive features described above, and the entire classification system that comprises the NIST Framework, are thus valuable tools for anyone interested in exploring careers in cybersecurity, as they allow individuals to determine the roles they may already be qualified for while also identifying additional competencies and KSAs they may want to add to their skillset in order to pursue new avenues in the cybersecurity workforce. Conversely, the NIST Framework can be used by employers to better define their needs and narrow their job descriptions in order to attract more qualified candidates. Finally, academic and professional training programs can utilize the NIST Framework as a means of assessing current cybersecurity programs and creating new programs that address industry needs.
For a more detailed, career-based exploration of the relationship between real-world jobs in cybersecurity and the competencies and KSAs outlined and identified in the NICE Cybersecurity Workforce Framework, refer to our Cybersecurity Workforce section.