Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NICE 2018 Fall eNewsletter

| Featured Article | NICE Framework in Focus | Academic Spotlight | Industry Spotlight | Government Spotlight | Affiliated Program Updates | Funded Project Updates | NICE Working Group Updates | Key Dates |

Subscribe to the NICE eNewsletter


Aditya Singh

Welcome! My name is Aditya Singh, and I was an Intern at the NICE Program Office this past summer. I secured my internship with NICE through the Summer High School Internship Program (SHIP) at NIST. I am currently a senior at River Hill High School in Clarksville, Maryland, and as I apply for college I hope to pursue a major in Computer Science. One of my main projects this summer was to analyze the numerous categories and subcategories of the Framework for Improving Critical Infrastructure Cybersecurity and align them to the NICE Cybersecurity Workforce Framework work roles. While both frameworks sufficiently describe cybersecurity, it is helpful to see them mapped together to show linkages between the what and the who of cybersecurity work. This quarter’s featured article will further explain how these two frameworks meet. I hope my contributions to this mapping project provide a greater level of understanding!

Featured Article

By Bill Newhouse, Deputy Director, National Initiative for Cybersecurity Education, National Institute of Standards and Technology, U.S. Department of Commerce, and Greg Witte, Security Engineer, G2 Inc.

Over the last few years, NIST has been taking deliberate steps to integrate its cybersecurity initiatives, especially those happening with its Applied Cybersecurity Division (ACD), one of seven technical divisions in NIST’s Information Technology Laboratory. ACD implements practical cybersecurity and privacy guidance through outreach and effective application of those standards and best practices necessary for the U.S. to operationalize cybersecurity capabilities.

Two important efforts underway within ACD include the Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework), which helps organizations to better understand and improve their cybersecurity risk management and the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (NICE Framework). Both the Cybersecurity Framework and the NICE Framework offer a common lexicon and taxonomy that have helped to evolve our nation’s efforts in cybersecurity risk management and workforce education and training.

The Cybersecurity Framework includes a companion roadmap that discusses NIST’s next steps with the Framework and identifies key areas of development, alignment, and collaboration. Workforce has always been identified as one of the key areas to relate to in the Cybersecurity Framework, and ACD has begun efforts to map the Cybersecurity Framework to the NICE Framework. This mapping allows organizations to not only use the Cybersecurity Framework to answer the what and how questions about where to begin to address cybersecurity risk, but also use the NICE Framework to address who is needed to perform the cybersecurity work to help organizations reduce risk.

The Framework for Improving Critical Infrastructure Cybersecurity

The Cybersecurity Framework was developed with a focus on industries vital to national and economic security, including energy, banking, communications, and the defense industrial base. When the plan for creation of the Cybersecurity Framework was first announced in the 2013 State of the Union address, the President called for a model that would encourage use of existing standards and would help users to build an actionable roadmap to document effective practices and improve cybersecurity. It has since proven flexible enough to be adopted voluntarily by large and small companies and organizations across all industry sectors, as well as by federal, state, and local governments.

ACD published the first version of the Cybersecurity Framework in 2014 and last year produced an updated version (1.1). “The release of Cybersecurity Framework Version 1.1 is a significant advance that truly reflects the success of the public-private model for addressing cybersecurity challenges,” said Under Secretary of Commerce for Standards and Technology and NIST Director, Walter G. Copan. “From the very beginning, the Cybersecurity Framework has been a collaborative effort involving stakeholders from government, industry and academia. The impact of their work is evident in the widespread adoption of the framework by organizations across the United States, as well as internationally."

The NICE Cybersecurity Workforce Framework

A skilled cybersecurity workforce is needed to meet the unique cybersecurity needs of critical infrastructure, large and small companies, and organizations across all industry sectors, as well as by federal, state and local governments, as noted in the Cybersecurity Framework companion roadmap. 

Readers of this eNewsletter know that NICE is a partnership between government, academia, and the private sector working to energize and promote a robust network and an ecosystem of cybersecurity education, training, and workforce development to support a digital economy enabled by a knowledgeable and skilled cybersecurity workforce. Common taxonomy and language from the NICE Framework, a nationally-focused resource that categorizes and describes cybersecurity work, plays a central role in facilitating the public-private partnership. 

The Challenge

For organizations who may just have come to the realization that they need to build a cybersecurity program to mitigate cybersecurity risks to their mission and business processes, the Cybersecurity Framework’s core is a set of cybersecurity activities, desired outcomes, and applicable references which offers organizations a systematic approach to help identify what to do and to answer how to address cybersecurity risk.


Identify, Detect, Respond, Protect, and Recover
Credit: N. Hanacek/NIST

The Cybersecurity Framework’s five functions expand to 23 categories and 108 subcategories, each of which has associated informative references. Mapping the Cybersecurity Framework’s subcategories to NICE Framework work roles connect the what's needed and how to accomplish it questions, with the who is needed questions when building a program to address cybersecurity risk. Subcategories are written as positive outcomes, such as the third subcategory of the Risk Assessment category of the Identify function, “Threats, both internal and external, are identified and documented”. While the Cybersecurity Framework draws on many industry-recognized references to help an organization decide what needs to be done to achieve cybersecurity goals, it does little to clarify just who will contribute to the activities necessary to make those goals reality.   

Practitioners of the Cybersecurity Framework can record an organization’s policies and practices in a template called a "Profile", which documents the various activities, expressed as outcomes, that should be performed. Cybersecurity framework profiles are an organization’s unique alignment of their organizational requirements and objectives, risk appetite, and resources against the desired outcomes of the framework core. Profiles are primarily used to identify and prioritize opportunities for improving cybersecurity at an organization but offer very little to help an organization understand who they need to have on board to take on the challenges that are identified.  

The who question also exists in a field that most recently showed 301,873 cybersecurity job openings in the U.S. based on data from April, 2017 through March, 2018. Cyberseek, the source of this data, maps the job openings to the categories of work identified in the NICE Framework.

Working from “What and How” to “Who”

WHAT: An organizational policy states that, “The information system wipes device and wipes account information from managed mobile devices using the organization’s mobile device management system after 10 consecutive, unsuccessful device logon attempts.” Opportunities to improve this practice to reduce risk are often documented in a target profile. 

HOW: The target profile might include a desired outcome like, “The organization has a mobile device management system that includes remote wipe-device and wipe-account capabilities.” Identifying if the desired outcome supports the policy helps create a roadmap to reduce risk but does not answer the important part about who will be responsible for making the outcome happen.

The Cybersecurity Framework includes this security control in the subcategory identified as PR.AC-7: Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals’ security and privacy risks and other organizational risks).

WHO: Mappings of the Cybersecurity Framework components to NICE Framework work roles can be done by taking keywords in the subcategory outcome description and searching for those keywords in an online NICE Framework database. In this instance, the keyword “authentication” returns the following:

Task ID: T0446
Task Description: Design, develop, integrate, and update system security measures that provide confidentiality, integrity, availability, authentication, and non-repudiation.
Work Role ID: SP-SYS-001
Work Role: Information Systems Security Developer
Work Role Description: Designs, develops, tests, and evaluates information system security throughout the systems development life cycle.
Category: Securely Provision
Specialty Area: Systems Development

Task ID: T0489
Task Description: Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation.
Work Role ID: OM-ANA-001
Work Role: Systems Security Analyst
Work Role Description: Responsible for the analysis and development of the integration, testing, operations, and maintenance of systems security.
Category: Operate and Maintain
Specialty Area: Systems Analysis

One can use the same database to identify knowledge, skill, ability, and additional task statements for these work roles that can help determine if someone with these skills already exists within the organization to perform this role, or to look for training mapped to the NICE Framework for an existing employee, or to develop a position description and advertise a job vacancy using NICE Framework language to help improve the chances applicants can perform the work necessary to reduce cybersecurity risk.


To help disseminate this much needed information, ACD is in the process of documenting the NICE Framework work roles most relevant to perform the work described by the positive outcomes expressed in each of the 108 subcategories from the Cybersecurity Framework. Like many of NIST’s products, it’s not prescriptive, but is intended instead to enable organizations to address not only the What and How outcomes for cybersecurity improvement most needed for that organization, but also determine the Who that is needed to achieve those objectives.

NICE Framework in Focus

A profile of a cybersecurity practitioner to illustrate application of the NICE Cybersecurity Workforce Framework categories, specialty areas, and work roles.

NICE Framework Category: Protect and Defend 

Description: Identifies, analyzes, and mitigates threats to internal information technology (IT) systems and/or networks.

NICE Framework Specialty Areas

  • Cyber Defense Analysis: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network to protect information, information systems, and networks from threats.
  • Incident Response: Responds to crises or urgent situations within the pertinent domain to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security. Investigates and analyzes all relevant response activities.  

Name:  Matthew McCollough 

NICE Framework in Focus Matt McCullough

Title: Security Operations Center (SOC) Analyst

Organization: Minnesota IT Standards and Resource Management Security Operations Center

Work Roles: Cyber Defense Analyst/Cyber Defense Incident Responder 

Academic Degrees: Associate of Applied Science in Paramedic Sciences, Century College; Bachelor of Science in Business and Physiology, University of Minnesota; Associate of Applied Science in Network and Systems Administration, Lake Superior College; Master of Science in Information Assurance and Cybersecurity, Saint Cloud State University

Certifications: CompTIA Security+; CompTIA Cybersecurity Analyst CySA+; Certified Information Security Professional (CISSP) Associate 

Q: Welcome to the NICE eNewsletter regular column on the NICE Cybersecurity Workforce Framework in Focus. The NICE framework is a way to describe cybersecurity work. It provides common definitions and a taxonomy that describes seven categories, 33 specialty areas, and 52 work roles, and there's lots of details in the framework including, tasks, knowledge, skills and abilities. But it really helps to bring those work roles and specialty areas to life when we can profile somebody who's doing the real work. So, I'm pleased today to welcome Matthew McCollough, from Minnesota, who's going to talk to us about his work in cybersecurity. Matt, thanks for joining us today.

A: Thank you for having me.

Q: Matt, why don't you explain a little bit about your role and responsibilities as a SOC Analyst in a security operations center.

A: My role as SOC analyst kind of revolves around three primary responsibilities right now. The first one being, "eyes-on glass", which is your serious, typical SOC duties of parsing through all of our logs, and looking through our SIMS, and trying to identify any actionable incidents, or actionable threats that are happening on our network. When we're not doing that, my other two roles revolve around two other kind of big projects we're rolling out at the State of Minnesota. The first one being, I manage the endpoint anti-virus solution for the 25 thousand endpoints we have. When that's not taking up the rest of my day, I help out with the third project which is trying to encompass all of our county networks into our centralized state network and helping roll out our daily IT solutions to each of them.

To listen to the full audio interview with Matthew McCollough, Security Operations Center analyst, Minnesota IT Standards and Resource Management Security Operations Center, click on the audio below.

Audio file

Download a transcript of the interview

Academic Spotlight

By Sean McNally, CyberPatriot Coordinator, Elk Grove Unified School District (EGUSD); Veronica Barajas, Librarian, Zachry Middle School; Marc Segal, Director of Innovation, Atlas; and Matt Pronio, Program Manager, Nepris

For the first time since the Labor Department started keeping track in 2000, there are more job openings in the U.S. than unemployed workers to fill them. The number of openings hit a record 6.7 million for July 2018, exceeding the number of jobless by 352,000. On paper, there are more jobs than job seekers. This news comes as the unemployment rate sits at 3.9 percent nationwide, a rate that measures the percentage of out-of-work people who are actively looking for a job against the entire labor force.

We have a unique situation—a low jobless rate, record job openings, and more than enough people to fill them. So why aren’t employers hiring the millions available who are actively looking for work? Some economists consider a big factor to be a skills mismatch. Simply put, there is a disconnect between the skills employers are looking for in their workers and the skills the jobseekers have.

Entire industries, as well as individual companies, are feeling the pressure of these issues already, and are on the hunt for a solution. It all comes down to the education and training of both the current and future workforces in a way that is both exciting and effective.

Sean’s Story 

As a CyberPatriot Coordinator in Sacramento, CA, I am working diligently to help fill the cybersecurity workforce pipeline by providing regional training opportunities for students, teachers, and technical mentors on all things cybersecurity. In an industry like cybersecurity, where technology progresses quickly and there is a very real need to be ahead of the curve, being well-trained is critical. By introducing students to professionals in the field and to the career options that are available, I hope that they can be excited and passionate about learning more.

NICE Nepris Screen Shot


I have been able to keep my trainings relevant and insightful with Nepris, an online, skills-based volunteering platform that virtually connects today’s industry professionals with teachers and students in the classroom to provide insight and training for careers. I use the video chat platform to enable thousands of students to connect with industry professionals at the same time, regardless of location. Today’s students, who will become the future workforce, are loving it. 

This interaction feeds our students’ curiosity in the field of cybersecurity and advances their learning of it. Giving them access to well-trained professionals, levels the playing field and allows all students from all backgrounds the opportunity to learn. It is my understanding that there are over 35,000 educators that currently use this platform, spanning every state in the country. All of us are concerned about tomorrow’s workforce needs.

Veronica’s Story

As a school librarian, I help my middle schoolers connect with industry professionals based on topics they are interested in. These topics include: how the scarab beetle changed history, global warming, careers in cybersecurity, the effects of radiation on humans, civil rights, journey to Mars, careers in AI, intelligence, gaming, music’s effect on mood, side effects of prescription medicines, and sports injuries, just to name a few. Once the topic is chosen, I use Nepris to scour the globe for professionals to match each need, and connect them with the classroom for short, micro-engagements of inspiration. 

I have also looked at the Industry Chats feature where industry professionals submit their own ideas and they pick a topic, date, and time convenient for them to chat. The classroom joins the live discussion and multiple classrooms can be involved in a single engagement. It definitely increases the impact of the industry professional, and the students like it as well.

Marc’s Story

I am a civil engineer in Austin, TX, and like other industry professionals I am interested in giving back and engaging students to see the exciting career options in STEM. I connected with a classroom that was working on a project to solve Austin’s traffic problems. I was so impressed with their ideas, engagement, and feedback, that I submitted an industry chat on the same topic; all about traffic, its causes, and solutions

It’s awesome to watch their eyes light up when they make the connection during one of our sessions. You can almost watch their minds at work: thinking, exploring, solving problems. There’s an incredible amount of untapped potential in these students, and I hope to bring it to the surface. I often receive emails from teachers with photos of hand-written thank you notes from the students. In those notes are also student’s ideas on how to solve the problems we discussed in my session. 

I’ve seen how students take what they learn from these connections and apply it to their lives. It shows a desire to act and to solve problems. After one connection about community service, I couldn’t help but be proud when the teacher’s students went on to start their own community service project. They put their learning to action and made a difference in their community.

Matt’s Viewpoint 

I’m lucky enough to experience the impact and value of these engagements on a regular basis as the program manager for the online platform used to support learning - watching the metaphorical lightbulb flicker on in a student's brain and witnessing their excitement and energy afterwards is incredible. Connecting students with industry professionals makes classroom learning truly relevant, beyond the typical quizzes, tests, and projects of school. It enables every student, regardless of background, location, or socioeconomic status, to see real-world application of their lessons and opens the door for early career exposure that might not otherwise be possible. The Career Explorer tool within Nepris is connected to O*NET and the U.S. Department of Labor, so students can search different careers to learn about a career’s future outlook, the education and skills necessary for it, salaries, personality matches, work styles, and more. 

Once they find their passion, I’ve seen that students have an insatiable appetite for knowledge, which leads to them virtually working with current industry professionals to define a career pathway. Because these professionals are scattered across the nation and the globe, they provide students with different ideas, perspectives, and experiences that just aren’t available in every American hometown. With this early exposure to different career perspectives and a defined career path, students get a huge jump-start on the industry-specific education and training needed for their dream career, which equates to a far more sophisticated employee. All this, and the students haven’t even left the classroom. 

Putting learning into action, exposing students to a variety of careers, and providing them with a career path to follow from an early age is irreplaceable. Outcomes like these speak volumes, especially as finding skilled workers becomes more difficult. Students are begging to learn more about what opportunities are out there, and some of the most common requests might surprise you: healthcare, construction, IT, agriculture, welding, cybersecurity, hospitality, manufacturing, aerospace, and more. These are also some of the careers that are most in need of skilled workers. 

Once students are engaged in these interactions they begin to see the bigger picture and what is possible for them. They don’t just listen more attentively - they become more engaged in learning, asking questions and thinking through problems that deepen their understanding of a topic. They see a future for themselves that was previously unimaginable, and many have been inspired to pursue careers based on these connections. Students see how different industries and careers impact their world and they want to take part in that change. This level of engagement and progress doesn’t often come this easy, and just might be the game changer America’s workforce needs.

Industry Spotlight

Investing in Future Generations to Propel Progress in Cybersecurity Industry
By Matt Richards, Chief Marketing Officer at Datto 

Cyber threats are scary. Especially if you are a small business and your data is being held for ransom through ransomware--the threat is real. Businesses now face tremendous challenges in keeping their data secure and accessible, while complying with industry and consumer privacy regulations. While the hit felt by loss of data can be equal to businesses of all sizes, large corporations have the financial resources to protect their data against large scale attacks with high-end infrastructure. Small and medium sized businesses simply do not. Datto’s CEO, Austin McChord, wanted to do something about it. 

In 2009, he graduated with a 2.2 GPA from Rochester Institute of Technology (RIT). Unlike many of his classmates, McChord didn’t have his sights set on landing the big job at a Silicon Valley tech company. No, his focus was on other things--namely starting his own company. He had been conceptualizing a technology that could help companies outside the enterprise back up and protect their data--a piece of hardware. He was counseled against pursuing it, but disregarding advice, he started Datto in his parents’ basement in Connecticut using $80,000 of “funding” obtained by using a credit card. 

Today, Datto is still in Connecticut, but also has 21 other locations worldwide. Datto has 1,400 employees who provide data protection, business management, networking and cloud-to-cloud backup to customers who are IT managed service providers (MSPs) that service the non-enterprise businesses who really need it. The company touches more than half a million small and medium businesses through over 14,000 partners and continues to grow. In late 2017, Datto was successfully acquired by Vista Equity Partners and simultaneously merged with Autotask Corporation. 

After the acquisition, McChord was grateful for his success in developing solutions in cybersecurity and wanted to encourage workforce innovation by seeding the success of others in his path. McChord is grateful for the terrific teachers he had along the way, at RIT and before. The crucial shortage of cybersecurity teachers was identified in the recent response to the President’s Executive Order as a challenge to growing our cybersecurity workforce. With this and the need for great teachers in mind, last year, McChord donated $50 million to his alma mater RIT, the largest individual contribution in the school’s history. It landed McChord on The Chronicle of Philanthropy’s “Philanthropy 50” list, and he was the youngest person on it. 

His gift will be used to fund two projects: The first $30 million will be used for creative entrepreneurship initiatives, including scholarships for students to take an "entrepreneurial gap year." The other $20 million will be used to address the shortage of teaching talent and curriculum in cybersecurity, and this funding will be used to expand facilities and establish endowments to attract and retain faculty and graduate students, primarily in the B. Thomas Golisano College of Computing and Information Sciences, the largest of RIT’s nine colleges. 

“Austin’s very generous donation will be used to establish a Global Cybersecurity Institute at RIT, which will build on the university’s established expertise in computing and cybersecurity,” said Anne Haake, dean of the B. Thomas Golisano College of Computing and Information Sciences. “Since 2006, RIT has been designated as a Center for Academic Excellence in Information Assurance and Cyber Defense by the Department of Homeland Security and the National Security Agency, and we are one of the few in the country to have a designated department of cybersecurity. In 2017, the department, which offers both bachelor and Master of Sciences degrees in computing security had nearly 400 students enrolled. This gift will go toward expanding our facilities, helping meet the national demand for talented graduates in this field.”

Small and medium businesses paid more than $300 million globally in ransom after their data was hijacked by ransomware, according to our 2017 annual survey. Fighting for these businesses is Datto’s cause and we believe that investment in innovation matters, whether it’s through the training and upskilling of current employees or supporting education and research to develop future employees. Consider the generational impact that a focused endowment can make on the future of your industry. 

“My goal with this gift is two-fold,” said Austin McChord. “First is to help make more resources available to students, alumni and the community at-large to create, build and innovate for the future. But it’s also to help recognize those who helped you along the way. My success today would not have been possible without my time at RIT.”

Government Spotlight

By Brian Marko, Program Manager, Energy Sector Exercises, Infrastructure Security & Energy Restoration (ISER), Office of Cybersecurity, Energy Security, and Emergency Response (CESER), U.S. Department of Energy

Capitalizing on the expertise of its national laboratories, the U.S. Department of Energy (DOE) hosts interactive, scenario-based competitions to give student teams a hands-on cybersecurity experience that raises awareness of the nexus between critical infrastructure and cybersecurity. This initiative is focused on supporting the capacity of cybersecurity talent and to fill the gap between supply and demand. “Unfilled cybersecurity careers will reach more than 1.5 million by 2019, and with the ever-increasing amount of technology placed on the internet, security is a high priority.” 

DOE’s competitions feature cyber-physical infrastructure, lifelike anomalies and constraints, and actual end users, allowing students to get a realistic experience managing threats and vulnerabilities in the energy system. Students use a hands-on security approach to defend their team’s infrastructure against attacks from servers and virtual machines on the physical devices in front of them.


US DOE CyberForce Competition

Cybersecurity Competitions

The competition is focused on building actual scenarios relevant to the energy sector that incorporate real-world constraints such as limited budget for maintenance or upkeep, insufficient understanding of the system’s needs, website defacement, and lack of permission controls. The approach is to provide the following: 

  1. Cyber-Physical Infrastructure
    A cyber-physical device is provided to each team, allowing students to see the real-world implications of a disruption to critical infrastructure from a cyber-attack. When the team’s cyber infrastructure is compromised, the participants will see the light bulb go out indicating a disruption in critical services to utility customers.
  2. Unique Defenses 
    Encourages teams to employ unique defense strategies and techniques to safeguard their cyber assets. Teams are scored on their level of innovation in creating solutions, such as developing a working defense to continuously maintain system operations and avoid service disruptions.
  3. Usability 
    Many cyber defense competitions do not account for system usability, defined as the end user's ability to continue operations. DOE’s competitions not only account for system usability as defined by end user’s ability to continue operations, but also assess usability as part of each team’s overall score, requiring teams to balance security and usability. If users are unable to navigate the system, or complete basic tasks within the system, the team’s usability score decreases. Teams face the added challenge of interacting with end users and working through real-world issues and requests made by the end user, all while actively defending their networks.
  4. National Laboratory Expertise
    DOE leverages the technical expertise of the national laboratories to develop unique scenarios and facilitate participation by teams across the United States.

In summary, the CyberForce Competition is designed to address several primary objectives that benefit DOE and the energy sector:

  1. Inspire and develop high-caliber candidates to join the energy workforce.
  2. Raise awareness of the DOE and national laboratory leadership in cybersecurity.
  3. Participation by students, and demonstration of value to industry partners.


US DOE CyberForce Comp Banner

Team applications must be submitted by September 28, 2018. For more information on the CyberForce Competition, please visit here .

Affiliated Program Updates

Various organizations within the U.S. government own and operate programs designed to enhance the cybersecurity education, training, and workforce development needs of the nation. The following are a few of those programs.

National Initiative for Cybersecurity Careers and Studies (NICCS)

The National Initiative for Cybersecurity Careers & Studies (NICCS) is the nation’s one-stop shop for cybersecurity careers and studies. It connects the public with information on cybersecurity awareness, degree programs, training, careers, and talent management. As of September 2018, the Training Catalog connects the public to over 4,000 courses every day.

The NICCS Team has recently updated the website to improve the way users navigate the site and access the various cybersecurity resources available. Additionally, over the last few months, NICCS has added the following new features:

  • The CAE Highlight Page
  • NICE Cybersecurity Workforce Framework Capability Indicators Feature
  • NICE Cybersecurity Workforce Framework Keyword Search Feature

The CAE Highlight Page

NICCS is proud to announce a new initiative highlighting the National Centers of Academic Excellence (CAE) in Cyber Defense on the NICCS website. To show appreciation to the CAEs who contribute to the NICCS Training Catalog, each quarter we will highlight two to four CAEs, and the courses that they provide, on the new CAE Highlights page. CAEs can self-nominate to be featured on NICCS; however, they must already be a NICCS Training Provider before submitting the following:

  • Highlight image(s) (size 1000px by 400px) of your CAE and your CAE logo that are 508 compliant
  • One-paragraph (250 words max) introducing the CAE
  • Link to the CAE’s website and courses provided on NICCS

Please email niccs [at] (subject: CAE%20Highlight%20self-nomination%20process) (NICCS[at]hq[dot]dhs[dot]gov) for additional information on the self-nomination process.

NICE Cybersecurity Workforce Framework Capability Indicators Feature

The Department of Homeland Security (DHS) and the National Institute for Standards and Technology (NIST) developed the NICE Cybersecurity Workforce Framework Work Role Capability Indicators, which expand the NICE Framework to include the factors an organization can look for when hiring and developing cybersecurity talent.

The capability indicators are now integrated and searchable within the NICE Cybersecurity Workforce Framework Tool on NICCS. Each indicator includes recommendations and examples referenced from the draft NICE Framework Work Role Capability Indicators. You can find the capability indicators within the work role pages of the framework along with the related knowledge, skills, abilities, and tasks.

NICE Cybersecurity Workforce Framework Keyword Search Feature

NICCS has added an additional feature when viewing the framework from a bottom-up approach. Users can still search the framework by clicking one of the work roles, tasks, skills, knowledge areas, or abilities hyperlinks. Users can also perform a keyword search of the framework. The keyword search returns results for all the tasks, skills, knowledge areas, or abilities based on the keyword entered by user.

Learn more about NICCS, the CAE program and the NICE Cybersecurity Workforce Framework at: or email us at niccs [at] (NICCS[at]hq[dot]dhs[dot]gov) for more information.

CyberCorps: Scholarship for Service (SFS)

Community College Cyber Pilot (C3P) Program Awards Made

The National Science Foundation (NSF) has made its first set of awards through the new Community College Cyber Pilot (C3P) Program (PD 18-1668), with the aim to place highly qualified cybersecurity professionals in government positions, in alignment with the National Defense Authorization Act of 2018.

Through the National Defense Authorization Act for Fiscal Year 2018 (NDAA18), the NSF in coordination with the Office of Personnel Management, is authorized to develop and implement a Community College Cyber Pilot (C3P) program as part of NSF's CyberCorps®: Scholarship for Service (SFS) Program. Specifically, NDAA18 authorizes scholarships for eligible students who are pursuing associate degrees or specialized program certifications in the field of cybersecurity; and have bachelor’s degrees or, are veterans of the Armed Forces.

The projects funded through this pilot program are estimated to provide scholarship support for 70 students and will integrate research on best practices in persistence and retention strategies for veteran and underrepresented STEM majors.

The proposed partnerships among community colleges will allow for collaboration on activities, including student skills competitions, certification preparation workshops, faculty-student mentorship, and visits to local federal agencies. The awards will also pave the way for the development of models to expand the SFS program to community colleges.

The project titles, principal investigators and sponsor institutions for the new awards are:

Community College Cyber Pilot (C3P) Program Webinar on October 5, 2018

The second webinar about the Community College Cyber Pilot (C3P) Program will be held on Friday, October 5th, 2018, at 2:00 PM Eastern Daylight Time. Join the meeting at the following WebEx meeting space:

Meeting number (access code): 907 470 275 Meeting password: C3P$update

To join by phone: 510-210-8882/Global call-in numbers:

Trouble joining the meeting?:


The GenCyber Program is playing a significant role in increasing awareness of cybersecurity. The program has experienced significant growth since its inception in 2014. Just this year, the GenCyber Program sponsored 150 summer camps at 84 different institutions in 43 states across the nation and included over 3,700 students, and 1,000 teacher participants. If you are interested in holding a GenCyber Camp next year, the 2019 GenCyber Program Call for Proposals has been released and is posted at with a closing date of October 12, 2018.

Learn more at

NICE Cybersecurity Workforce Framework

The NICE Framework is a reference resource describing cybersecurity work. Industry often uses the Cybersecurity Framework, which consists of standards, guidelines, and best practices, to manage cybersecurity-related risk. Both of these frameworks can be used together to help evolve the nation’s efforts in cybersecurity risk and workforce, education, and training. Learn more in this quarter’s featured article. 

A preliminary mapping of the knowledge, skill, and ability statements from the NICE Framework to competencies has been drafted and is available for viewing via the hyperlink in the “Next Steps” section at the bottom of the NICE Framework web page. This initial draft has been developed in preparation of a new draft version of NIST SP 800-16, a Role-Based Model for Federal Information Technology / Cybersecurity Training.

Keep up-to-date with the NICE Framework here 

Funded Program Updates

NICE Challenge Project

Over the summer, several big development efforts started at the NICE Challenge Project. Some of these new efforts include a modernized notification system, challenge remapping to the updated NICE Framework and CAE Knowledge Units, allowing curator comments on challenge submissions, email-based logins, and major user interface overhauls to the submission review and reservation curator pages. We expect to release these features over the course of the fall as they are finalized and tested; except for curator comments on challenge submissions which has been released. 

In addition to these major Webportal updates, we will be releasing a wave of new challenges in the "Protect & Defend" environment over the fall quarter.

The NICE Challenge Project has two monthly webinars for curators. The "Curator Crash Course" webinar occurs on the first Friday of every month and covers everything a new curator needs to know to get started using the NICE challenges. This includes running through a challenge, using the NICE Challenge Webportal, and discussion on integrating challenges into classes. The "Meet the NICE Challenges" webinar occurs on the third Friday of every month and covers two challenges in depth. They include possible challenge solutions and context development methodology. Each webinar is about one hour in length and requires the curator to register ahead of time. More information on these webinars and signup forms can be found at .

The project's development and content decisions are driven not only by our strategic vision, but by the extremely valuable feedback we receive from our growing user base, whom we feel privileged to work with on this journey forward in creating the next generation in hands-on cybersecurity content. If you are a professor/staff member at an educational institution within the United States looking to sign up, or would like to learn more, head over to .

National Integrated Cyber Education Research Center (NICERC)

Our Department of Homeland Security (DHS) Cybersecurity Education & Awareness Branch (CE&A) colleagues are pleased to announce that the National Integrated Cyber Education Research Center (NICERC), the academic division of the Cyber Innovation Center (CIC), has been awarded the Cybersecurity Education and Training Assistance (CETAP) grant. NICERC’s programs are focused on growing and educating the next generation cyber-literate workforce through K-12 education. This is the second time CIC has received the grant. Since FY13, CIC has developed 15 courses with 2,700 hours of STEM content and has reached over 10,000 teachers, affecting over 1,900,000 students nationwide.

The CETAP grant provides funding to develop and distribute K-12 cybersecurity, STEM, and computer science curricula to educators across the country. Additionally, the grant support the development and implementation of engagement strategies to reach teachers and communities nation-wide to expand existing cybersecurity education programs.

As background, CE&A manages programs to develop the highly-skilled cybersecurity professionals needed to secure the national cyber infrastructure and information systems. To that end, CE&A promotes cybersecurity training and awareness for elementary, middle, and high school aged students and their teachers. Increasing the number of graduates of cyber and STEM disciplines is an important element in the development of our national cybersecurity workforce.

Overall, the goals of the CETAP grant include:

  1. Expand awareness of national cybersecurity education and workforce issues.
  2. Encourage entry into cybersecurity academic programs and careers through hands-on, engaging cybersecurity-integrated ready-to-use tools. 
  3. Provide a portable curricular model to aid in replication to all 50 States, Washington D.C., Puerto Rico, and the US Virgin Islands. 
  4. Offer the means to measure the long-term effects of teacher training in the use of the proposed curricular solution and its impact on students, including the number of teachers who are trained, the number of students they instruct, the number of students that choose to pursue cybersecurity-related STEM disciplines and cybersecurity professions, and define and track other key metrics. 
  5. Develop and implement a comprehensive engagement strategy that enables DHS to reaching an increasing number of K-12 stakeholders.

Learn more at

NICE Working Group Updates

The NICE Working Group (NICEWG) continues to work toward identifying and producing deliverables that energize and promote cybersecurity education and training. For example, the Workforce Management subgroup recently released a draft guidebook, Cybersecurity is Everyone’s Job, which provides things to know, and things to do, for everyone in an organization regardless of its type or size. It is intended for the general audience, who may not otherwise be knowledgeable about, or interested in, cybersecurity. It can be read as a complete guide, or by business function as a standalone guide.

The NICE Working Group also welcomes Amelia Phillips, from Highline College, as a new co-chair to the Competitions subgroup !  

Learn more about the NICE Working Group and sign up to participate at

Key Dates

Community College Cyber Pilot (C3P) Program Webinar, October 5, 2018

The National Science Foundation, in coordination with the Office of Personnel Management, has developed a Community College Cyber Pilot (C3P) program as part of NSF's CyberCorps®: Scholarship for Service (SFS) program. Specifically, this program provides scholarships for eligible students who: are pursuing associate degrees or specialized program certifications in the field of cybersecurity; and,

(A) have bachelor’s degrees, or,

(B) are veterans of the Armed Forces.

The second informational webinar about the Community College Cyber Pilot (C3P) Program will be held on Friday, October 5th, 2018, at 2:00 PM Eastern Daylight Time. Join the meeting at the following WebEx meeting space:

Meeting number (access code): 907 470 275 Meeting password: C3P$update
To join by phone: 510-210-8882
Global call-in numbers:
Trouble joining the meeting?:

GenCyber Call for Proposals Closing Date, October 12, 2018

The GenCyber program provides summer cybersecurity camp experiences for students and teachers at the K-12 level. The goals of the program are to increase interest in cybersecurity careers and diversity in the cybersecurity workforce of the nation, help all students understand correct and safe on-line behavior and how they can be good digital citizens, and improve teaching methods for delivery of cybersecurity content in K-12 curricula.

The National Security Agency is soliciting proposals from universities, public or private schools or school systems, not-for-profit institutions, or non-profit institutions to participate in the 2019 GenCyber Program. Proposals are due by 11:59PM EDT October 12, 2018. 

Learn more about GenCyber and how to submit a proposal for funding at

NIST Lunch, Learn, and Listen, October 16, 2018



Join us at the National Cybersecurity Center of Excellence (NCCoE) in Rockville, Maryland, a part of the National Institute of Standards and Technology (NIST), for collaborative discussions with industry experts, informative presentations, and networking opportunities. The NIST Lunch, Learn, and Listen will take place on October 16, 2018 at 11:00am – 1:30pm. Students are encouraged to attend, and lunch is included.

Register today for free at

NICE Conference and Expo, November 6-7, 2018

Registration is open!

The 2018 NICE Conference will take place November 6-7, 2018 in Miami, Florida. This year’s theme, “Innovations in Cybersecurity Education, Training, and Workforce Development”, inspires presentations that demonstrate new, creative, innovative, and effective approaches that will prepare, grow, and sustain a national cybersecurity workforce to safeguard and promote America’s national security and economic prosperity.

The conference will feature four tracks:

  1. Growing the Cybersecurity Workforce
  2. Expanding the Workforce Through Diversity and Inclusion
  3. Interdisciplinary and Cross-Domain Education and Training
  4. Talent Management and Workforce Development 

Learn more, view the conference agenda, and register at

National Cybersecurity Career Awareness Week, November 12-17, 2018

National Cybersecurity Career Awareness Week is a celebration to focus local, regional, and national interest to inspire, educate and engage children through adults to pursue careers in cybersecurity. Cybersecurity Career Awareness Week takes place during November’s National Career Development Month, and each day of the week-long celebration provides for learning about the contributions, innovations and opportunities that can be found by exploring cybersecurity as a field of study or career choice.

Learn more and get involved today at

NICE K12 Cybersecurity Education Conference, December 3-4, 2018

Registration is open!

The NICE K12 Conference will take place at the Grand Hyatt in San Antonio, Texas on December 3-4, 2018. The conference will feature five tracks:

  1. Increasing Cybersecurity Career Awareness
  2. Infusing Cybersecurity Across the Education Portfolio
  3. Integrating Innovative Cybersecurity Educational Approaches
  4. Designing Cybersecurity Academic and Career Pathways
  5. Promoting Cyber Awareness
  6. Learn more, view the agenda, and register at

NICE Webinars

On October 10, 2018 NICE will hold a webinar on, “The Underserved Cybersecurity Workforce - Securely Provisioning our Future.” This webinar will explore how a more aggressive approach to building more secure systems and networks could potentially relieve some of the workforce demand in other areas (e.g., "Protect and Defend", "Investigate", etc.), and the role that education, training, and workforce will play to securely provision our future. Learn more and register here .
On September 12, 2018 NICE held a webinar on, “AfterSchool Programs Present Opportunities to Grow the Cybersecurity Workforce.” This webinar discussed discuss how AfterSchool programs are helping students explore the topic of cybersecurity, possibilities of technology, and help youth develop a plan to achieve their chosen careers. View a recording and more here

On July 18, 2018 NICE held a webinar on, “State Governments Pursuing New Tactics in the War for a Skilled Cybersecurity Workforce.” This webinar described how state governments are creatively looking to address both state government and industry cybersecurity workforce challenges through investments that foster innovation, entrepreneurship, and collaboration. View a recording and more here .

On June 27, 2018 NICE held a webinar on, “Cybersecurity Education and Training for the Operational Technology Workforce.” This webinar described the differing approaches to cybersecurity in operational technology (OT) versus IT environments, and how education and training providers can help students and employees through specialized curriculum and lab environments, and better secure ICS and SCADA systems. View a recording and more here .

NICE webinars are free to attend, but registration is required. 

Learn more, view webinar recordings, and more here

Created September 19, 2018, Updated April 19, 2021