The NICE Cybersecurity Workforce Framework (NCWF) NIST Special Publication 800-181, is a national resource that categorizes and describes cybersecurity work.
The NCWF provides employers, employees, educators, students, and training providers with a common language to define cybersecurity work as well as a common set of tasks and skills required to perform cybersecurity work. Through the process of identifying the cybersecurity workforce and using a standard set of terms we can work together to educate, recruit, train, develop, and retain a highly-qualified workforce.
NICE Cybersecurity Workforce Framework Overview
The task to develop a cybersecurity workforce framework began as a Federally focused effort. The task was expanded beyond the Federal sector in early 2010. NCWF 1.0 was posted for public comment in September 2012, and published for use in April 2013. NCWF 2.0, which was developed through a series of panel discussions focused on a subset of “specialty areas” from NCWF 1.0, was posted in 2014.
The 2016 update to the NICE strategic plan includes an objective to publish and raise awareness of the NCWF to aid our nation as it tackles the challenges of guiding cybersecurity career development and workforce planning.
NIST published the latest NCWF as draft NIST Special Publication 800-181 in November 2016. Thought leadership and outreach for this latest version of the NCWF came from the Cyber Workforce Strategy & Policy Division in Office of the Deputy Department of Defense Chief Information Officer – Cybersecurity and the Cybersecurity Education and Awareness Branch in the Stakeholder Engagement and Cyber Infrastructure Resilience Division of the Office of Cyber Security and Communications at the Department of Homeland Security.
The NCWF is non-prescriptive beyond its mapping of associated tasks and knowledge, skills, and abilities to cybersecurity work roles. Most cybersecurity job or positions will be comprised of multiple work roles.
The NCWF is comprised of the following components:
- Categories (7) – A high-level grouping of common cybersecurity functions;
- Specialty Areas (33) – Distinct areas of cybersecurity work;
- Work Roles (52) – The most detailed groupings cybersecurity work comprised of specific knowledge, skills, and abilities required to perform tasks in a work role;
- Tasks – Specific work activities that could be assigned to a professional working in one of the NCWF’s Work Roles; and
- Knowledge, Skills, and Abilities (KSAs) – Attributes required to perform Tasks, generally demonstrated through relevant experience or performance-based education and training.
The NCWF serves several key audiences within the cybersecurity community including:
- Employers, to help assess their cybersecurity workforce, identify critical gaps in cybersecurity staffing, and improve position descriptions;
- Current and future employees, to help explore Tasks and Work Roles and assist with understanding the KSAs that are being valued by employers for in-demand cybersecurity jobs and positions. The NCWF also enables staffing specialists and guidance counselors to use the NCWF as a resource to support these employees or job seekers;
- Training and certification providers who desire to help current and future members of the cybersecurity workforce gain and demonstrate the KSAs;
- Education providers who may use the NCWF as a reference to develop curriculum, courses, seminars, and research that cover the KSAs and Tasks described; and
- Technology providers who can identify cybersecurity Work Roles and specific Tasks and KSAs associated with services and hardware/software products they supply.
Comments on the NCWF draft were gathered through January 6, 2017, and a final version of the NCWF will released in the spring of 2017.
- Draft NIST Special Publication 800-181, The NICE Cybersecurity Workforce Framework (November 2016)
- Reference Spreadsheet for Draft NIST Special Publication 800-181 (May 2017)
- DHS Cybersecurity Workforce, Education, and Training Portal (aka NICCS)
- NCWF 2.0 Spreadsheet (April 2014)
- NSA DHS CAE Knowledge Unit (KU Mapping to the NCWF 2.0)
- NCWF 1.0 - Interactive PDF (April 2013)
- NCWF 1.0 Development Process (September 2012)
Cybersecurity Work Categories