Component 3: Cybersecurity Workforce Structure
Lead: DHS supported by OPM


Component 3 is the Workforce Structure component of NICE and focuses on talent management of cybersecurity professionals. It aims to evaluate the professionalization of the workforce, recommend best practices for forecasting future cybersecurity needs, and define national strategies for recruitment and retention.


  • Component 3 works collaboratively with federal agencies, State, Local, Tribal and Territorial (SLTT) governments, industry, and academia to study the application of professionalization in cybersecurity specialty areas.
  • Component 3 is developing scalable and repeatable workforce planning methodologies using leading practices to plan for future cybersecurity needs.
  • Component 3 endeavors to provide a strategy to all levels of government and industry to help them recruit, retain, and grow a qualified cybersecurity workforce.


Component 3 has initiated activities in each focus area:

  • Professionalization – Component 3 is conducting research for a historical case study of how other career groups have executed the professionalization process to inform recommendations for professional cybersecurity evaluation criteria. NICE intends to recommend professionalization standards which will strengthen the cybersecurity field through consistency of membership.

  • Workforce Planning – Component 3 is conducting research into workforce planning best practices and processes, including how organizations have already started to evaluate forecasting for cyber professionals and cybersecurity nuances. NICE is working to ultimately provide methods and tools which will allow organizations to gage their own cybersecurity strengths and weaknesses, forecast their own cybersecurity needs, and provide them with the best practices on how to become more agile to allow for more rapid adaptations to the ever changing technological environment.

  • Recruitment and Retention - Component 3 is gathering data from individuals at all cybersecurity career levels across sectors to develop a cybersecurity professional profile as well as career roadmaps outlining how individuals can enter and progress through the cybersecurity field. The data and tools will shape a national recruitment and retention strategy for cybersecurity, providing organizations of any size with best practice resources to recruit and retain cybersecurity professionals.

News and Activities:
  • OPM Completes Governmentwide Cybersecurity Survey

    Washington, DC - In September 2010 the U.S. Office of Personnel Management (OPM) launched a governmentwide cybersecurity survey to approximately 50,000 employees and their supervisors who handle cybersecurity as part of their daily job responsibilities. The survey results are being used to construct a cybersecurity competency model that pinpoints the skills necessary for a cybersecurity professional and to establish a plan for successful recruitment, performance, and development in Federal cybersecurity positions.
    More.....  Report.....

  • OPM, NICE work to define cybersecurity workforce problems

    Getting a feel for the number of federal, cybersecurity workers is difficult because it involves many different types of work, which are classified differently at each agency. An IT worker, an engineer and an acquisition manager could all be part of the cybersecurity workforce, but not every engineer is working exclusively on cybersecurity issues, explained Higgins.

    OPM will soon launch a survey to assess the competencies of these workers in order to build models that will help OPM better guide agencies and identify areas of need in federal cybersecurity, Higgins said... more...

  • NIST is currently developing guidance to support the development of training for personnel with significant information security responsibilities as well as basic computer security literacy courses. Click here for a copy of the document.

  • One of the strategies that OPM currently employs is the Federal Cyber Service, a scholarship program funded through the National Science Foundation. Go to to learn more.

Events | Resources | FAQs | About NIST | Contact Us