The NIST NICE Framework


UNSW Canberra Cyber is placing a high value on a framework that helps define cybersecurity education and related work roles.

The framework, referred to as the National Initiative for Cybersecurity Education (NICE) Framework, is a product of the National Institute for Standards and Technology (NIST). This framework has a corresponding NIST special publication; SP.800-181 which describes a reference structure for a cybersecurity workforce.

The great thing about the NIST NICE framework is that it drills down to the depths of cybersecurity roles in todays connected workforce and describes the knowledge, skills, abilities and tasks (KSATs) a role requires to be effective. These KSATs are tabled in documents, providing an excellent reference resource for job seekers and employers alike, and work around this initiative is ongoing through the NIST working groups and other areas.

The framework sets out seven broad categories in the cybersecurity workforce, with thirty-three specialty areas underneath that, and thereafter defines fifty-two work roles. This data is highly detailed information on the different listed areas, enabling access to clear definitions in a shared language, for anyone involved in cyber security. For example, The National Institute for Cybersecurity Careers and Studies (NICCS) puts this data into a indexed and searchable webpage, which can provide great insight to any number of KSATs, categories, specialty areas or work roles.

This is useful for employees or employers to clearly identify where their skill set is and what a skilled worker looks like for any given security role. It is also highly valuable to education providers, setting out what a course, module or other educational product for cybersecurity can provide for a student.

This enables all participants in cyber security, from early career security professionals through to seasoned agencies looking for candidates to talk about the same verifiable skill set.