NICE Cybersecurity Workforce Framework


The NICE Cybersecurity Workforce Framework (NCWF) is a national resource that categorizes and describes cybersecurity work. It provides employers, employees, educators, students, and training providers with a common language to define cybersecurity work as well as a common set of tasks and skills required to perform cybersecurity work. Through the process of identifying the cybersecurity workforce and using a standard set of terms we can work together to educate, recruit, train, develop, and retain a highly-qualified workforce. 

NICE Cybersecurity Workforce Framework Overview

The first NCWF was developed by human capital and cybersecurity subject matter experts at several Federal departments, agencies and office.  NCWF 1.0 was posted for public comment in September 2012 and published for use by both the private and public sectors in April 2013.  NCWF 2.0 was developed through a series of panel discussions led by Department of Homeland Security on a subset of the “specialty areas” from NCWF 1.0 and posted for use in 2014.

In 2015, NICE developed a new strategic plan that included an objective to publish and raise awareness of the NCWF to aid our Nation as it tackles the challenges of guiding cybersecurity career development and workforce planning. 

NIST published the latest NCWF (draft NIST Special Publication 800-181) developed with leadership for the Department of Defense and DHS on November 2, 2016. Draft 800-181 aka NCWF is meant to be a cybersecurity workforce dictionary, and consumers of the NCWF can reference it for different workforce development, education, and/or training purposes. It can be used as the starting point to help set standards for developing academic pathways, career pathways, position descriptions, and training content. The NCWF helps to ensure our nation is able to educate, recruit, train, develop, and retain a highly qualified cybersecurity workforce. It serves several key audiences within the cybersecurity community including:

  • Employers, to help assess their cybersecurity workforce, identify critical gaps in cybersecurity staffing, and improve position descriptions;
  • Current and future employees, to help explore Tasks and Work Roles and assist with understanding the KSAs that are being valued by employers for in-demand cybersecurity jobs and positions. The NCWF also enables staffing specialists and guidance counselors to use the NCWF as a resource to support these employees or job seekers;
  • Training and certification providers who desire to help current and future members of the cybersecurity workforce gain and demonstrate the KSAs;
  • Education providers who may use the NCWF as a reference to develop curriculum, courses, seminars, and research that cover the KSAs and Tasks described; and
  • Technology providers who can identify cybersecurity Work Roles and specific Tasks and KSAs associated with services and hardware/software products they supply.

The NCWF is comprised of the following components:

  • Categories (7) – A high-level grouping of common cybersecurity functions;
  • Specialty Areas (33) – Distinct areas of cybersecurity work;
  • Work Roles (52) – The most detailed groupings cybersecurity work comprised of specific knowledge, skills, and abilities required to perform tasks in a work role;
  • Tasks – Specific work activities that could be assigned to a professional working in one of the NCWF’s Work Roles; and
  • Knowledge, Skills, and Abilities (KSAs) – Attributes required to perform Tasks, generally demonstrated through relevant experience or performance-based education and training.

Comments on the NCWF draft are due by January 6, 2017, and a final version of the NCWF will released in the spring of 2017. 


Supporting Materials


Cybersecurity Work Categories

NICE Cube - Workforce Framework

NICE Email Updates
govdelivery bubble icon  Sign Up for NICE E-mail alerts or change your subscriber preferences, please enter your contact information:

Contact Us