Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
PROPOSED NICE FRAMEWORK UPDATES FOR PUBLIC COMMENT
The NICE Program Office of the National Institute of Standards and Technology (NIST) is pleased to publish three proposed Work Roles and updates to two Competency Areas of the NICE Workforce Framework for Cybersecurity (NICE Framework). We welcome and encourage comments from all interested stakeholders.
The proposals include:
- Cybersecurity Supply Chain Risk Management Work Role (new OG-WRL-017)
- Risk Management Work Role (new OG-WRL-018)
- Learning Program Management Work Role (new OG-WRL-019)
- Cryptography Competency Area (NF-COM-006)
- DevSecOps Competency Area (NF-COM-008)
These proposed updates reflect the NICE Program Office’s commitment to maintaining the NICE Framework’s relevance to current cybersecurity practices through the active input of subject matter experts as well as the broader community of cybersecurity practitioners and educators.
WE WANT TO HEAR FROM YOU!
NICE welcomes comments on the proposed updates from all interested parties. Comments received by the February 2, 2026 deadline will be acknowledged by email. Comments will be reviewed and adjudicated, and feedback received during this comment period will be used to inform any necessary updates to the relevant proposed Components. Final updates will be incorporated in the next release of the NICE Framework Components. Take the following steps to share your feedback:
- Visit the NICE Framework Resource Center Public Comments page to access and review the proposed update spreadsheets
- Submit comments to NICEFramework [at] nist.gov (NICEFramework[at]nist[dot]gov) by 11:59 pm ET on Monday, February 2, 2026
- Join the NICE Framework Users Group to participate in community discussions!