NIST Releases Draft NISTIR 8193, National Initiative for Cybersecurity Education (NICE) Framework Work Role Capability Indicators: Indicators for Performing Work Roles.
Comments for this draft NISTIR are due by: December 8, 2017.
The national need for a common lexicon to describe and organize the cybersecurity workforce and requisite knowledge, skills, and abilities (KSAs) led to the creation of the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (NICE Framework). The NICE Framework defines the spectrum of cybersecurity work as well as tasks and knowledge, skills, and abilities (KSAs) for over 50 common Work Roles. While the Work Roles have made the NICE Framework easier to associate to specific positions, they do not provide organizations with guidance on how to determine if a professional can perform a Work Role. This report provides capability indicators which are intended to help organizations address this challenge. Capability indicators are recommended education, certification, training, experiential learning, and continuous learning that could signal an increased ability to perform a given Work Role. Though capability indicators are not formal qualification requirements, they provide a menu of characteristics recommended by subject matter experts (SMEs) that should be customized by each organization based on need and incorporated into hiring and employee development efforts (e.g., recruiting, building career paths). Overarching findings pertaining to capability indicators across Work Roles and proficiency levels are also provided in this report.