NIST Special Publication (SP) 800-50r1 (Revision 1), Building a Cybersecurity and Privacy Learning Program, provides updated guidance for developing and managing a robust cybersecurity and privacy learning program in the Federal Government. This revision was informed by National Defense Authorization Act (NDAA) for FY2021, the Cybersecurity Enhancement Act of 2014, and the NICE Workforce Framework for Cybersecurity (NICE Framework). In addition, the 2016 update to Office of Management and Budget (OMB) Circular A-130 emphasizes the role of both privacy and security in the federal information life cycle and requires agencies to have both security and privacy awareness and training programs.
This revision to SP 800-50:
With the publication of SP 800-50r1, NIST has ceased developing a companion guide—SP 800-16r1 third public draft, A Role-Based Model for Federal Information Technology/Cybersecurity Training—and has withdrawn SP 800-16, Information Technology Security Training Requirements: a Role- and Performance-Based Model (1998).
Security and Privacy: awareness training & education, continuous monitoring, general security & privacy
Applications: cybersecurity education
Laws and Regulations: Cybersecurity Enhancement Act, OMB Circular A-130