Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

NICE Spring 2018 eNewsletter

Featured ArticleNICE Framework in FocusAcademic SpotlightIndustry SpotlightGovernment SpotlightAffiliated Programs UpdatesFunded Projects Updates | NICE Working Group Updates | Key Dates |

Subscribe to the NICE eNewsletter


Clarence Williams_NICE
Welcome! As we head into the spring season with a continued focus on innovatively growing, building, and strengthening our cybersecurity workforce, let’s be reminded of the importance of collaboration, connection, and communication. Learning from others, to include those efforts done by our international partners, allows us to share best practices in cybersecurity education, training, and workforce development. Our featured article is an example of how New Brunswick in Canada has adopted the NICE Cybersecurity Workforce Framework to build a workforce that is skilled, capable, and secure. Whether it’s academia, industry, or government, we all play a part in developing a workforce that is ready and equipped to defend our valued assets. The academic spotlight on New York University Tandon School of Engineering lets us know the importance of using local government and businesses to create programs that develop technical leaders in cybersecurity. The industry spotlight on AT&T shows us how they have created a program to reskill and retool their workforce by allowing the employee to plot a pathway to their desired job or to learn a particular skill. The government spotlight on the Federal Chief Information Officers (CIO) Council Workforce Committee highlights their efforts to provide innovative solutions to building a talented federal cybersecurity workforce to meet department and agency goals. Together we can drive change, together we can stimulate innovation, and together we can pursue action. In the words of Helen Keller, “Alone we can do so little; together we can do so much.”
Clarence Williams
NICE Lead for Government Engagement

Featured Article:

NICE FRAMEWORK ADOPTED IN NEW BRUNSWICK, CANADA 
By Heather MacLean, CyberNB/OpportunitiesNB, New Brunswick, Canada

A key objective of the NICE strategic plan is to collaborate internationally to share best practices in cybersecurity career development and workforce planning (Objective 3.5). In this context, we are pleased to report that the NICE standards and workforce framework are being embraced north of the United States border in Canada.

The government of New Brunswick, Canada launched CyberNB in May 2016 to position the province as a cybersecurity epicentre in Canada. A vibrant cluster of cybersecurity companies already exists in Fredericton, the province’s capital city. As a Special Operating Agency of the government, CyberNB’s mandate is to accelerate the cybersecurity sector’s pace of growth to secure the associated economic benefits and to ensure the public has access to a safe and resilient internet.

Access to highly skilled talent is widely recognized as a major driver of the cybersecurity sector where specialized skills, certifications, and security clearances are integral to ensuring the workforce is capable and secure. A key pillar of the CyberNB strategy is the establishment of a talent pipeline to support both the existing cybersecurity companies and to attract new businesses and investment into the cluster. In 2017, CyberSmart, a key component of CyberNB, is a comprehensive workforce development strategy targeting youth development, workforce standards, training and recruitment, and career awareness.

The CyberSmart team quickly recognized the need for a comprehensive cybersecurity workforce development framework to guide the province’s education, training, and recruitment programs and activities. The team identified the work of NICE and reached out to NICE’s leadership to better understand the NICE Cybersecurity Workforce Framework and to investigate the potential for collaboration. Bilateral meetings ensued between NICE representatives and CyberNB as well as a number of New Brunswick industry leaders. The comprehensive nature of the NICE Framework along with the high degree of acceptance in the United States’ cybersecurity sector is a testament to the leadership of NICE and the multiple agencies involved in its creation over time. 

On February 8, 2018, CyberNB met with its CyberSmart Advisory Council comprised of industry, academic and government cybersecurity leaders and formally recommended the adoption of the NICE Framework and the establishment of the Cybersecurity Workforce Development Initiative (CWDI). CyberNB recommended that the key functions of the CWDI will be to: 1) promote the use of the NICE Framework within the New Brunswick cybersecurity ecosystem; 2) ensure alignment between cybersecurity certifications and the NICE standards and framework; and 3) collect, analyze, and disseminate cybersecurity workforce data. In response to CyberNB’s recommended action, the CyberSmart Advisory Council endorsed the following resolution:

That the CyberSmart Advisory Council supports in principle the establishment of the Cybersecurity Workforce Development Initiative to guide education, training and recruitment in New Brunswick.

Adoption of the NICE standards and framework offers New Brunswick the following specific benefits: 

  1. Provides New Brunswick with a state of the art cybersecurity skills and workforce development framework to guide education, training and recruitment programs and activities;
  2. Avoids considerable development costs in duplicating a similar framework for New Brunswick; and
  3. Promotes cross-border alignment in cybersecurity skills and workforce development.

The cross-border transmission of electricity is a specific example of a shared interest in critical infrastructure. A common cybersecurity lexicon and skills development framework will ensure alignment of cybersecurity expertise and expedite inter-jurisdictional communication and teamwork in all areas of bilateral cybersecurity interaction. Addressing continental-level cybersecurity attacks from individuals, criminal organizations or foreign states will also be expedited if the United States and Canada share common talent development standards.  

CyberNB is now proceeding to formally establish and resource the CWDI and is looking forward to strengthening our collaboration with the NICE organization in the United States. As we move forward north of the border we hope to be able to reciprocate to the support we have received from NICE leaders and officials and contribute to the evolution and strengthening of the NICE Framework by sharing our successes and challenges in cybersecurity workforce development. In addition, CyberNB will be working with our national partners in advocating the adoption of the NICE framework in the rest of Canada.


NICE Framework in Focus

A profile of a cybersecurity practitioner to illustrate application of the NICE Cybersecurity Workforce Framework categories, specialty areas, and work roles.

NICE Framework Categories: 

  • Investigate: Investigate cybersecurity events or crimes related to information technology (IT) systems, networks, and, digital evidence.
  • Oversee and Govern: Provides leadership, management, direction, or development and advocacy so the organization may effectively conduct cybersecurity work. 

    NICE Framework Specialty Areas:

    • Cyber Investigation: Applies tactics, techniques, and procedures for a full range of investigative tools and processes to include, but not limited to, interview and interrogation techniques, surveillance, counter surveillance, and surveillance detection, and appropriately balances the benefits of prosecution versus intelligence gathering. 
    • Digital Forensics: Collects, processes, preserves, analyzes, and presents computer-related evidence in support of network vulnerability mitigation and/or criminal, fraud, counterintelligence, or law enforcement investigations. 
    • Training, Education, and Awareness: Conducts training of personnel within pertinent subject domain. Develops, plans, coordinates, delivers and/or evaluates training courses, methods, and techniques as appropriate.

    Name: Andy Kleinick 

    NICE Andy Kleinick

    Title: Detective III of Cyber Crimes Section

    Organization: Los Angeles Police Department (LAPD)

    Work Roles: Cyber Crime Investigator, Law Enforcement Forensics Analyst, Cyber Instructor

    Academic Degrees: None

    Certifications: AccessData Certified Examiner (ACE); EnCase Certified Examiner (EnCE); Network Intrusion Responder Program (NITRO)

    Q: Andy, explain your role and responsibilities as a detective in the Computer Crime section of the LAPD?

    A: I am the Senior Detective of LAPD Cybercrime section. I'm responsible for both units within the Cybercrime section. We have two units. One being the investigative unit, which handles what would be considered in California to be 502(c) of the California Penal Code, is basically your unauthorized computer accesses, network intrusions, hacking, theft of data, DDoS attacks, and so on. Our other section is the Digital Forensics section, where we examine all digital evidence, any evidence capable of holding any type of digital information. I am the supervisor over both units.

    Q: Could you say a little more about the size of that actual team in the Computer Crime section, maybe more about the type of roles that those individuals fill?

    A: At the current point, we have 14 people total including myself. It's basically half and half as far as in forensics and investigations. The investigators are pretty much all detectives, anywhere from Detective 1, which is our new detectives through Detective 3, which are the senior detectives, detective supervisors. 

    We work with a Federal task force, with the United States Secret Service, called the Electronic Crimes Task Force, along with several other state, local and Federal agencies including the FBI, the California Highway Patrol, the L.A. County Sheriff's Department, and Los Angeles District Attorney investigators to go out and investigate high tech crimes, mostly involving intrusions, hacking, data thefts, major attacks such as malware attacks, business attacks, such as email compromises, and so on.

    The forensic side are more the geeks. Most of the people who come into forensics have computer backgrounds, and they are the ones analyzing all the digital evidence; be it a tower computer, or the computer inside a motor vehicle. As with other things, the Internet of Things has become so widespread, this constantly changes and upgrades all the time.

    Q: Describe your career path to becoming a Detective 3 in the Computer Crimes section.

    A: With LAPD, everybody starts in the field as a police officer. I was in the field for several years, about four years, and I was lucky enough to make detective with just four years on the job. Then, once you make detective, you usually go to an area, one of the twenty-one areas in the City of Los Angeles, and you usually move around from table-to-table, from the juvenile table, to robbery, to homicide, to get a flavor of everything you like. From there, I went into auto theft, in the auto theft task force, because I was interested in that. From auto theft, I went into narcotics, and eventually I became a supervisor, which would be a Detective 2, in Internal Affairs.

    From Internal Affairs, I went on to become a Commander's Adjutant, which was a way of learning the inner workings of the department. It helps you promote and it helps you learn and meet the people you need to meet. That's where I made Detective 3, as a Commander's Adjutant, and from there I went to the Cybercrime Section, because that is something I have always been interested in. I worked in computer technology before I even came on the job, like thirty-five some odd years ago. I worked for a company CMI, which was eventually taken over by IBM, which produced hard drives for the IBM XT and AT, and that's pretty much how it happened. I've been there ever since. Of my thirty-one years on the job, approximately fifteen, approximately half, has been in the Cybercrime section.

    To listen to the full audio interview with Andy Kleinick, Detective III of Cyber Crimes Section of the Los Angeles Police Department, click on the audio below.

    Audio file

    Download a transcript of the interview


    Academic Spotlight:

    TAP THE CULTURAL TREND: EMBED INDUSTRY LEADERS IN THE CYBER FELLOWS PROGRAM 
    By Nasir Memon, New York University Tandon Professor of Computer Science and Engineering and Associate Dean of Online Education; Kevin Chung, New York University Tandon Graduate and Founder of the Cyber Fellows Program Capture the Flag

    The Internet of Things, autonomous vehicles, remote medicine with streaming 3D images, artificial intelligence: our digital universe is doubling annually and, with it, threats and vulnerabilities to our security and privacy grow exponentially. Any hope of pulling ahead of cyber criminals and nation-state warriors lies in rapidly educating a huge new cadre of cybersecurity experts by using techniques as revolutionary as today’s technology.

    As unlikely as it seems, the revolutionaries may well sit in the boardrooms of our elite corporations. We have certainly seen business take the lead in any number of political issues of late. But how can academia leverage this cultural force?

    Our experience at the New York University (NYU) Tandon School of Engineering in attempting to disrupt cybersecurity education through our new Cyber Fellows initiative may offer clues.

    We quickly uncovered an eager set of fellow disruptors in New York City government and the city’s most prestigious firms. They told us they observed a gap between what even the best universities teach and the precise set of skills that graduates need in order to step into top positions in this ever-changing field. They were eager to mentor our students, employ them as interns, provide them with their own problems that will form the basis of students’ capstone projects, and consult on curriculum. They were ready to forge a new type of relationship with educators.

    New York City Cyber Command and business leaders from across the United States will be deeply embedded into the Cyber Fellows program. Together we are developing a rigorous online master’s degree program that will begin with modest enrollment but could easily scale to accommodate hundreds or even thousands of the technical leaders we will soon need – people with deep technical skills, creativity, and a network of support that will enable them to remain at the top of their trade.

    No one needs these digital protectors more than the financial giants, tech leaders, business consultancies, and media companies who have enlisted to educate our white hats, among them Blackstone, Bridgewater, EY, Facebook, Goldman Sachs, J.P. Morgan, Jefferies, IBM Security, Morgan Stanley, Synack, T. Rowe Price, and U.S. Bank.

    One of the most valuable resources will come from New York City Cyber Command: our students will get access to a cyber range that the city is building to train its own experts. It will simulate the problems of protecting vast networks and allow students to safely practice addressing security scenarios in a controlled environment.

    Another valuable tool, under the rubric of the NYU Cyber Security Awareness Week (CSAW), will be what we are calling CSAW 365: a library of Capture the Flag (CTF) contests developed over more than a half-dozen years by top industry professionals who worked with our students to produce hacking challenges for the world’s largest student-led cybersecurity games.

    NICE Spring 2018 Academic Spotlight
    The challenges of NYU’s Cybersecurity Awareness Week Capture the Flag contests will be accessible to Cyber Fellows 24/7
     

    Cyber Fellows will get around-the-clock access to versions of these games, and professors will be able to monitor how quickly students progress in order to flag areas in which they need help. CTFs are widely used by academia and industry as recruitment and training tools, and CSAW 365 will develop knowledge of cryptography, steganography, and binary analysis, among other areas.

    Cyber Fellows will also open a new pipeline of learners who will pursue a cybersecurity education: mid-career professionals who hold bachelor’s degrees and who may be working in IT, coding, or low-level cybersecurity positions and are limited by time, location, and the demands of work and family. The flexibility of online education is attractive, as is the affordability of some online programs. Cyber Fellows, for example, will pay just $15,000 for their entire program, thanks to generous scholarships, with no compromises to the high caliber of instruction.

    For those without an engineering background, a 16-week, $1,500 intensive called Bridge to Tandon prepares students to enroll in master’s degree studies in cybersecurity or computer science…because we just can’t open the floodgates fast enough. We’re even experimenting with waiving the GRE for highly qualified Cyber Fellows who maintain high GPAs.

    And once a Cyber Fellow graduates, he or she (females are outnumbering males in Bridge applications, so we have every reason to hope Cyber Fellows can continue this much-needed trend) will be able to audit classes for five years, keeping themselves current while exposing new students to their real-world experience.

    For years, the federal government, foundations, and innovative institutions of higher education seeded innovative educational pilots that grew the emerging generation of security scholars. Today, those roots are taking hold. The time has come to tap the grass-root strength of local government and business to solve one of our world’s most urgent challenges.


    Industry Spotlight:

    USING “SKILLS PIVOT” TO RESKILL EMPLOYEES FOR FUTURE SUCCESS 
    By Paul Eriksen, Lead External Recruiter, AT&T

    Every employee will wonder, at some point in their career, if their particular specialty will continue to be valued or need to be enhanced with additional training. That same concern holds for corporate strategy – companies continue to evolve to meet future demand. As AT&T, the world’s largest telecom company, works on their own evolution, reinventing itself as a cloud-based premier entertainment and communications company, they’ve invested in a program for their employee’s continued learning and skill development. Chairman Randall Stephenson believes you need “to retool yourself and you should not expect to stop.” This innovative program known as “Skills Pivot,” helps employees identify the future value of their current skills and enables them to plot their course forward. Skills Pivot enables AT&T to compete more deftly, given the scale of planned transformation relative to its large employee talent base.

    NICE Rita Marty

    Rita Marty

    A crucial element to the AT&T Skills Pivot program is the training is competency-based. AT&T’s Human Resources’ systems enable employees to plot a path from their current job to any job they desire in the future. The system creates a personalized curriculum with competency-based education programs. These courses allow employees to earn badges that certify competency in new skills. Thousands of AT&T employees have participated in the Skills Pivot program, from those starting their careers to those with decades of experience. In total, AT&T’s employees have completed 2.6 million courses, with 56,000 employees earning 178,000 badges, each a new competency mapped to a job opportunity within the company. Employees can earn badges, certificates, undergraduate degrees, graduate degrees, and even nanodegrees. The company partners with several universities including Notre Dame, Georgia Tech, and Champlain College; as well as online education providers such as Udacity and Coursera.

    As the company transforms to a software-enabled cloud-based architecture, it’s committed to ensuring security of its data, networks, platforms, people and customers against evolving cyber threats. The impact of the global cybersecurity skills gap creates increased opportunities for all employees who want to train for a cybersecurity position. Some of the hot job categories for the technology future include Artificial Intelligence (AI), Cloud, Cybersecurity, and Internet of Things (IoT). As AT&T builds its 5G network, demand for cybersecurity-related jobs and services will also increase.

    Rita Marty, Vice President of Security Architecture at AT&T, leads the teams that are defining the next generation security architecture to support key emerging business initiatives including Virtualization, Domain 2.0, Indigo, Microservices, and the 5G network. Her team’s mission includes understanding the evolving business needs and developing the security architectures, platforms and capabilities to ensure the company’s security posture is maintained or improved while it undergoes its transformation.

    Training future cybersecurity professionals is a shared effort between the academic world and industry. Some in industry would like to see more dedicated undergraduate cybersecurity-focused courses, while others believe the inclusion of cybersecurity concepts throughout the curriculum is a better approach. Rita said, “In the past, many considered cybersecurity to be a specialized area. We know many of the top U.S. computer science programs don’t require stand-alone cybersecurity-related courses.[1] But it’s a core component of today’s technology and operations. Security by design should be present in all technologies developed today and become a foundational component of tech-focused careers.” When asked about her own skills pivot, Rita replied, “I always wanted to stay ahead of technology, so I’ve pivoted my skills multiple times. A skills pivot is not something that a person or a company does one time. It is a continuous, ongoing effort.”

    To address its need for cybersecurity talent, AT&T created a three-year cybersecurity development program to allow employees to rotate through various areas of the business before being permanently placed in a cybersecurity role. Andy Benavides was hired into this program after graduating from college with a degree in Computer Science. He believes his skills pivot started his very first day on the job as a technology security professional. AT&T’s training introduced him to cybersecurity concepts he had not learned during his undergraduate experience. He enthusiastically embraces the continuous learning environment at AT&T. He also envisions a potential future skills pivot to machine learning.

    NICE Andy Benavides

    Andy Benavides, AT&T

    Addressing the widely-reported shortage of women in cybersecurity, AT&T is actively working to attract and retain more women in cybersecurity. AT&T's Girl Scout program is among the initiatives intended to inspire young girls to consider careers in STEM or cybersecurity. Rita welcomes Girl Scouts to the AT&T Middletown, NJ office and conducts interactive sessions with them. She serves as a role model for the Scouts as their host and featured presenter. When asked what final piece of advice she has to share, Rita offered, “Embrace change! Don’t be afraid to be part of the transformation. Drive the transformation. Things are happening very fast in the tech world and the only way you can survive as a company or as an individual is to continue to pivot your skills to the future.”

    NICE Girl Scouts AT&T

    Girl Scouts Visit AT&T

    [1] https://www.darkreading.com/vulnerabilities---threats/top-us-undergraduate-computer-science-programs-skip-cybersecurity-classes/d/d-id/1325024 


    Government Spotlight:

    CIO COUNCIL WORKFORCE COMMITTEE: STRENGTHENING THE FEDERAL IT/CYBERSECURITY WORKFORCE 
    By Trey Kennedy, Senior Advisor, Federal CIO Council

    The Federal Government faces an increasing shortage of cybersecurity and IT talent due to persistent recruitment and retention challenges and competition from the private sector. By continuing to partner across the Federal Government and with organizations such as the National Initiative for Cybersecurity Education (NICE), the Federal Chief Information Officers Council (CIO) Council strives to fill the critical gaps as quickly and effectively as possible to defend the nation’s infrastructure, deliver digital services to the American people, and modernize the Federal Government’s IT systems and operations. Developing a Workforce for the 21st Century is one of the drivers for the recently released President’s Management Agenda, and an area where the CIO Council plays a critical role.

    The CIO Council is the principal interagency forum to improve Federal Agency practices related to IT management. The Workforce Committee is co-chaired by Department of Education CIO Jason Gray and Department of Health and Human Services CIO Beth Killoran, and works in partnership with the Federal Human Resources community to develop, implement, and communicate strategies to recruit, retain, and manage a fully trained and qualified IT workforce to meet current and future mission requirements.

    The Workforce Committee is committed to its strategic goal to provide the Federal Government with a cadre of talented IT and cybersecurity professionals with mission critical competencies to meet agency goals. Last November, the Workforce Committee enjoyed early success with its initiative to host the Federal Government’s first-ever Federal Tech/Cyber Hiring and Recruitment Event. Thirty-One Federal Agencies came together to recruit, interview, and hire talent to fill more than 400 IT and cybersecurity vacancies in the Washington, D.C. metropolitan area. The event attracted close to 2,000 candidates who came from 42 states and provided opportunities to interview with agency resource managers and receive training on topics such as resume building. Many agencies that needed to fill vacancies offered candidates tentative job offers on the spot or shortly after the event.

    To build on the success of this event, the Workforce Committee is exploring options for virtual and other innovative recruitment techniques used by the private sector to help the federal government attract high quality candidates and to reduce the time-to-hire.

    This year’s priorities also include driving efforts under the President's Management Agenda and supporting agencies’ implementation of the NICE Cybersecurity Workforce Framework. In addition, the Workforce Committee hosted a Women in Federal Information Technology and Cybersecurity event to celebrate Women’s History Month. Federal IT executives, including the newly appointed Federal CIO Suzette Kent, came together to celebrate the success of women thriving in today’s Federal IT enterprise and discussed strategies to engage, inspire, and motivate more women to embark on careers in IT and cybersecurity. This event took place on Thursday, March 29th at the U.S. Department of Agriculture’s Jefferson Auditorium in Washington DC and was open to the public. A recording of the event can be found on USDA’s YouTube channel, for those who would like to watch the video.


    Affiliated Programs Updates

    Various organizations within the U.S. government own and operate programs designed to enhance the cybersecurity education, training, and workforce development needs of the nation. The following are a few of those programs.

    National Initiative for Cybersecurity Careers and Studies (NICCS)

    NICE NICCS

    The NICE Cybersecurity Workforce Framework Mapping Tool

    The National Initiative for Cybersecurity Careers & Studies (NICCS) is the nation’s one-stop shop for cybersecurity careers and studies. It connects the public with information on cybersecurity awareness, degree programs, training, careers, and talent management. The Training Catalog connects the public to nearly 3,000 cybersecurity courses offered by organizations across the nation and is growing every day.

    On February 26, 2018, NICCS deployed the NICE Cybersecurity Workforce Framework Mapping Tool to enable managers and human capital professionals to enter information about a cyber position, and generate reports to better understand how well their teams align to the NICE Cybersecurity Workforce Framework.

    The tool is currently only available to DHS Federal Employees and Contractors who are on the DHS network.  In the near future, the mapping tool will be available to the public for general use. If you are a DHS Federal Employee or Contractor and having trouble accessing the tool, please contact the NICCS team at NICCS@hq.dhs.gov.

    Learn more at: niccs.us-cert.gov or email us at NICCS@hq.dhs.gov for more information.

    Advanced Technological Education

    The Security Technologies Advanced Technological Education (ATE) Centers are: the National CyberWatch Center, National Resource Center for Systems Security and Information Assurance (CSSIA), CyberWatch West (CWW), and Broadening Advanced Technological Education Connections (BATEC), which is also funded by the National Science Foundation (NSF); are producing the fifth annual Community College Cyber Summit (3CS). The outcomes of 3CS leverage community college cybersecurity programs across the nation by introducing the latest technologies, best practices, curricula, products, and more.

    3CS will take place from August 2-4, 2018, at Mt. Hood Community College in Gresham, OR, and the Marriott Downtown Waterfront Hotel in Portland, OR. This is the only national academic conference focused on cybersecurity education at community colleges. The overarching theme this year is "Expanding Expertise -- Transforming Cybersecurity Programs." There will also be a pre-summit job fair on August 2nd. Participants can attend sessions organized into four tracks: "New to Cybersecurity"; "Experienced in Cybersecurity, and CAE Aspirants"; "Expanding Expertise in Curriculum"; and "Students." Visit www.my3cs.org for more information on the agenda and links to register as an attendee and/or sign up as an employer at the pre-summit job fair. Early Bird registration is available through May 18. Register today at www.my3cs.org.

    Learn more at www.atecenters.org/st and www.nsf.gov/ate

    NICE Cybersecurity Workforce Framework

    The NICE Framework is a reference resource describing cybersecurity work. NIST is stewarding conversations to map competencies to the NICE Framework. Many organizations begin their focus on cybersecurity by using a different framework known as the Cybersecurity Framework

    The Cybersecurity Framework Core provides a set of desired cybersecurity activities and outcomes using common language that is easy to understand. The Core guides organizations in managing and reducing their cybersecurity risks in a way that complements an organization’s existing cybersecurity and risk management processes. NICE recognizes that many people focused on workforce, would like to see a mapping that ties the Cybersecurity Framework to the NICE Framework. Drafting that mapping and providing opportunities for our industry, academic, and government colleagues to participate in the process will begin soon. Stay tuned for those opportunities.

    Learn more at nist.gov/nice/framework.


    Funded Projects Updates:

    NIST Announces Cooperative Agreement with Florida International University to Support NICE Stakeholder Engagement

    The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) has announced a cooperative agreement with Florida International University (FIU) to assist the National Initiative for Cybersecurity Education (NICE) in its outreach efforts to the cybersecurity education, training, and workforce development communities. FIU, and its partner New America, will work with the NICE Program Office to execute a Stakeholder Engagement Program that will include planning and managing the NICE Annual Conference. Learn more and read the full press release here.

    NICE Challenge Project 

    Just one quarter in, and the NICE Challenge Project is already having a great year!

    During the first quarter of this year we released a plethora of Webportal user interface updates, new post-challenge analytics features, and expanded our concurrent user capacity roughly 4-fold. After these updates we immediately noticed a drastic uptick in daily deployments and reservations. While we are not filling up our new concurrent user capacity just yet, we have gone from deploying about 500 workspaces (challenge environments) per month up to 1,600 per month. This roughly equates to deploying 20k virtual machines to students each and every month!

    Looking forward to the next quarter we are focusing on releasing new challenges and our new Protect & Defend workspace. Early in the quarter we expect to be releasing the new workspace with 10 new challenges based on Protect & Defend tasks from the perspective of Protect & Defend work roles.

    The NICE Challenge Project has two monthly webinars for curators. The "Curator Crash Course" webinar occurs on the first Friday of every month and covers everything a new curator needs to know to get starting using the NICE Challenges. This includes running through a challenge, using the NICE Challenge Webportal, and discussion on integration of challenges into classes. The "Meet the NICE Challenges" Webinar occurs on the third Friday of every month and covers two challenges in depth. This includes possible challenge solutions and context development methodology. Each of these webinars are about one hour in length and require the curator to register ahead of time. More information on these and signup forms can be found at www.nice-challenge.com.

    The project's development and content decisions are driven not only by our strategic vision, but by the extremely valuable feedback we receive from our growing user base, whom we feel privileged to work with on this journey forward in creating the next generation in hands-on cybersecurity content.

    If you are a professor/staff member at an educational institution within the United States looking to sign up, or would just like to learn more, head over to www.nice-challenge.com.

    CyberSeek

    One key feature of the CyberSeek career pathway tool is the ability show key jobs within cybersecurity, common transition opportunities between them, and detailed information about the salaries, credentials, and skillsets associated with each role. The CyberSeek career pathway, which maps to the NICE Cybersecurity Workforce Framework, helps both individuals interested in cybersecurity careers and employers looking to fill job openings. The expanded, interactive career pathway includes information on 10 core cybersecurity roles and 5 tech jobs that often serve as “feeder roles” to cybersecurity positions. 

    Both the career pathway tool and heat map include embeddable widgets. Anyone interested in the cybersecurity workforce can embed versions of the heat map and career pathway on their websites with links back to CyberSeek.org.

    Learn more at www.cyberseek.org.

    National Integrated Cyber Education Research Center

    As the computer science movement continues to grow, the need for cybersecurity grows in parallel. This focus on cybersecurity ensures that we are not only preparing students with the technical skills needed to fill the number of 21st century jobs that are open today, but also ensuring that students have the foundational skills to operate in a secure and ethical manner. The Department of Homeland Security Cybersecurity Education Training and Assistance Program (CETAP), in partnership with the Cyber Innovation Center and its National Integrated Cyber Education Research Center (NICERC) continue to positively influence the K-12 classroom through project driven, cyber-based curricula and professional development programs for teachers in order to begin systematically empowering educators with the resources needed to prepare our students and our future workforce. These resources, available to every K-12 educator at no cost, span across the country with teachers from all 50 states accessing and integrating the curricula into their classrooms. In addition, partnerships with state departments of education are being solidified to seamlessly integrate concepts of cybersecurity into existing math, science and liberal arts state-level standards.

    Learn more at www.NICERC.org.

    Regional Alliances and Multi-Stakeholder Partnerships to Stimulate (RAMPS) Cybersecurity Education and Workforce Development

    While the project period of the RAMPS program comes to a close, it is encouraging to see the RAMPS groups continue work and efforts beyond the project period. For example, the Hampton Roads Cybersecurity Education, Workforce and Economic Development Alliance (HR Cyber), has secured funding to continue and expand upon activities. HR Cyber has received Growth and Opportunity (GO) Virginia grants to build the HRCyber Co-Lab, which will serve as an anchor for innovation in the cybersecurity, data analytics, autonomous vehicles, and virtual technologies markets in Hampton Roads. There are four pillars to this project:

    1. Virginia Cyber Trail – an outreach and collaboration effort across multiple GO regions to link educators, practitioners, researchers, and investors as a pathway for innovation.
    2. Industry Collaboratives – connects industry to academic and federal laboratories to accelerate innovation and technology transfer.
    3. Cyber Arena – a virtual environment to innovate, test, and transition new technologies into the collaborative network.
    4. Digital Entrant Programs – will create digital jobs through internships at industry partners and will incentivize startups and companies in technology markets.

    Learn more about each of the RAMPS programs by visiting their websites listed below:

    The Partnership to Advance Cybersecurity Education and Training (PACET)

    Learn more at www.albany.edu/facets

    The Hampton Roads Cybersecurity Education, Workforce and Economic Development Alliance (HRCyber)

    Learn more at www.securitybehavior.com/hrcyber

    Cincinnati-Dayton Cyber Corridor (Cin-Day Cyber)

    Learn more at www.cindaycyber.org

    Cyber Prep Program

    Learn more at www.ppcc.edu/cyberprep

    The Arizona Statewide Cyber Workforce Consortium

    Learn more at www.ArizonaCyber.org


    NICE Working Group Updates:

    The NICE Working Group (NICEWG) continues to work toward identifying and producing deliverables that energize and promote cybersecurity education, training, and workforce development. At the last NICEWG monthly meeting, a new subgroup was announced. The Apprenticeship subgroup joins the existing K-12, Collegiate, Competitions, Training and Certifications, and Workforce Management subgroups.

    The Apprenticeship subgroup is appropriate for anyone who is interested in learning more about how apprenticeships work in white-collar occupations; to understand the role of Federal, State and Local government in assisting and approving an apprenticeship; where there are existing programs; what the steps are to build a cybersecurity apprenticeship program; curriculum resources and education partners; the role of an intermediary; and much more. The subgroup will be led by two co-chairs: Girish Seshagiri, Executive Vice President and CTO at ISHPI Information Technologies and Jennifer Carlson, Executive Director of WTIA Workforce Institute and Apprenti.

    Learn more about the NICE Working Group and sign up to participate in the NICE Working Group at the Working Group’s website.


    Key Dates:

    National Cyber Summit, June 5-7, 2018

    Register today! The National Cyber Summit will take place June 5-7, 2018, in Huntsville, Alabama. This year, there will be four tracks: Advanced Manufacturing, Finance, Technical, Research/IEEE, and Education and Workforce Development. The Cyber Cup Challenge is also back at the Summit this year. The challenge aims to inspire technical skillset development through fun security-focused competitions. Below are details about the two types of teams.

    Learn more, view the full agenda, and register today at www.nationalcybersummit.com.

    Community College Cyber Summit (3CS), August 2-4, 2018

    Register today! 3CS will take place on August 2-4, 2018, at Mt. Hood Community College in Gresham, Oregon, and the Marriott Downtown Waterfront Hotel in Portland, Oregon. The overarching theme this year is "Expanding Expertise -- Transforming Cybersecurity Programs." Participants can attend sessions organized into four tracks: "New to Cybersecurity"; "Experienced in Cybersecurity, and CAE Aspirants"; "Expanding Expertise in Curriculum"; and "Students." There will also be a pre-summit job fair on August 2nd. Registration for attendees and job fair employers/recruiters is open now. Early Bird registration is available through May 18.

    Register today at www.my3cs.org.

    NICE K12 Cybersecurity Education Conference, December 3-4, 2018

    Save the date for the NICE K12 Cybersecurity Education Conference! In 2018, the NICE K12 Conference will take place at the Grand Hyatt in San Antonio, Texas on December 3-4. 

    Learn more at www.nist,gov/nice/k-12conference

    NICE Webinars

    On March 21, 2018 NICE held a webinar on “The Evolution of Federal Government Cybersecurity Education and Scholarship Programs.” The webinar described NISTs leadership of NICE, the role of the National Science Foundation in providing grants as part of the CyberCorps: Scholarship for Service Program, the Department of Defense interests in the Information Assurance Scholarship Program now known as the Cyber Scholarship Program, and the expansion of the Department of Homeland Security/National Security Agency Centers of Academic Excellence in Cybersecurity. View a recording and more here.

    On February 21, 2018 NICE hosted a webinar on “Development of Soft Skills That Are in Demand by Cybersecurity Employers.” This webinar explored frameworks, resources, and effective approaches for developing soft skills to complement NICE Framework KSA’s to develop a well-rounded cybersecurity workforce. View a recording and more here.

    NICE webinars are free to attend, but registration is required.

    Learn more, view webinar recordings, and more here.

    Created April 4, 2018, Updated November 27, 2018