National Cybersecurity Workforce Framework Benjamin Scribner - - PowerPoint PPT Presentation

national cybersecurity workforce framework
SMART_READER_LITE
LIVE PREVIEW

National Cybersecurity Workforce Framework Benjamin Scribner - - PowerPoint PPT Presentation

Nov 10, 2023 172 likes •316 views

Federal Information Systems Security Educators March 19, 2014 National Cybersecurity Workforce Framework Benjamin Scribner Department of Homeland Security (DHS) National Cybersecurity Education & Awareness Branch (CE&A) T HE CYBER THREAT

slide-1
SLIDE 1

National Cybersecurity Workforce Framework

Benjamin Scribner Department of Homeland Security (DHS) National Cybersecurity Education & Awareness Branch (CE&A) Federal Information Systems Security Educators March 19, 2014

slide-2
SLIDE 2

2

THE CYBER THREAT LANDSCAPE

slide-3
SLIDE 3

3

THE CYBER THREAT LANDSCAPE

slide-4
SLIDE 4

4

CYBERSECURITY IS NOT HOMEBUILDING

Employers Training Certification

slide-5
SLIDE 5

5

The National Initiative for Cybersecurity Education (NICE) was established to raise national cybersecurity awareness, broaden the pool of cyber workers through strong education programs, and build a globally competitive cybersecurity workforce.

  • NICE was launched in March 2010 in response to national directives; born from the

Comprehensive National Cybersecurity Initiative (CNCI) (of 2008), recommendation #8

  • NICE is a nationally-coordinated effort comprising over 20 federal departments and

agencies that focuses on cybersecurity awareness, education, training and professional development.

WHY CAN’T WE ALL JUST BE N.I.C.E.?

slide-6
SLIDE 6

NICE developed the National Cybersecurity Workforce Framework (the Framework) to codify cybersecurity work and to identify the specialty areas of cybersecurity professionals.

6

THE SOLUTION

The Framework establishes:

  • A common taxonomy and lexicon which organizes

cybersecurity work into 31 specialty areas within 7 categories.

  • A baseline of tasks, specialty areas, and knowledge, skills

and abilities (KSAs) associated with cybersecurity professionals.

The Framework assists with strategic human capital efforts, including:

  • Workforce Planning
  • Recruitment and Selection
  • Training and Development
  • Succession Planning
slide-7
SLIDE 7

7

Cyber Threat Analysis Targets Exploitation Analysis All Source Intelligence Vulnerability Assessment and Management Incident Response CND Incident Response Computer Network Defense (CND) Digital Forensics Investigation Collection Operations Cyber Operations Planning Cyber Operations Systems Development Test and Evaluation Systems Security Architecture Information Assurance (IA) Compliance Technology Research and Development Software Assurance and Security Engineering Systems Requirement Planning

Investigate Collect and Operate Analyze Protect and Defend

Data Administration Customer Service and Technical Support Systems Security Analysis Knowledge Management Network Services System Administration

Operate and Maintain

Strategic Planning and Policy Security Program Management (CISO) Education and Training Legal Advice and Advocacy Information Systems Security Operations

Oversight and Development Securely Provision

  • The Framework’s 31 Specialty Areas (SA), organized into

7 Categories, encompass the entirety of national cybersecurity work.

  • Organizations can use the SAs to identify, build, and

customize cybersecurity roles based on mission requirements.

FRAMEWORK CATEGORIES AND SPECIALTY AREAS

slide-8
SLIDE 8

8

According to the U.S. Bureau of Labor Statistics, there are approximately 4.0 million people employed in the U.S. IT labor workforce. 82% 5% 4% 5% 3% PRIVATE SECTOR SELF-EMPLOYED FEDERAL GOV'T

Percentage of IT Workers by Technology Domain Percentage of IT Workers by Sector

5% 5% 8% 8% 9% 12% 16% 17% 20% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Application Development Application Support Data Center End-User Computing IT Service Desk IT Management Data Network Finance and Administration Voice Network

*Source: CompTIA Colloquium 2012 - U.S. IT Market Supply and Demand Briefing

U.S. IT WORKFORCE STATISTICS

slide-9
SLIDE 9

Colleges can create programs that are aligned to jobs Students will graduate with knowledge and skills that employers need Employers can recruit from a larger pool of more qualified candidates Employees will have a better defined career path and opportunities Policy makers can set standards to promote workforce professionalization

9

When degrees, jobs, training and certifications are aligned to the Workforce Framework…

BENEFITS OF USING THE FRAMEWORK

slide-10
SLIDE 10

10

AND IT’S REQUIRED

slide-11
SLIDE 11

THE NATIONAL INITIATIVE FOR CYBERSECURITY CAREERS AND STUDIES (NICCS™) PORTAL

11

The Nation’s one-stop-shop for cybersecurity careers and studies

  • Interactive Workforce Framework
  • Searchable Training Catalog
  • Framework implementation how-to guide
  • Stop-Think-Connect awareness materials
  • Teaching & workforce development tools
  • News and events

www.niccs.us-cert.gov

slide-12
SLIDE 12

12

  • Use 3 digits to capture granularity
  • Track people as well as positions
  • Search by task, not title
  • Leverage NICCS and FedVTE
  • Develop career paths aligned to Framework
  • Promote Framework adoption
  • Get involved!

A FEW BEST PRACTICES

slide-13
SLIDE 13

13

Questions?

NICE will continue to share materials with cybersecurity professionals across the nation in the public, private, and academic sectors. For questions about NICE, the Framework, and other initiatives, please contact:

Ben Scribner

National Cybersecurity Education & Awareness Branch Tel (703) 235-5293, Benjamin.Scribner@hq.dhs.gov Visit the Framework here: http://niccs.us-cert.gov/training/tc/framework Visit NICCS here: www.niccs.us-cert.gov