Establishing capability indicators that can help organizations build formal qualification requirements for each NICE Cybersecurity Workforce Framework work role will aid organizations in meeting cybersecurity workforce development goals. NIST Interagency Report (NISTIR) 8193, co-authored by representatives from the U.S. Department of Homeland Security, National Institute of Standards and Technology and Booz Allen Hamilton Inc., helps determine what qualities or accomplishments indicate that someone is suitable to perform a particular job or activity. These qualities are defined in this report as “capability indicators.”
The national need for a common lexicon to describe and organize the cybersecurity workforce and requisite knowledge, skills and abilities (KSAs) led to the creation of the National Initiative for Cybersecurity Education Cybersecurity Workforce Framework (NICE Framework). The NICE Framework defines the spectrum of cybersecurity work as well as tasks and knowledge, skills and abilities (KSAs) for over 50 common work roles. While the work roles have made the NICE Framework easier to associate to specific positions, they do not provide organizations with guidance on how to determine if a professional can perform a work role.
This report provides capability indicators which are intended to help organizations address this challenge. Capability indicators are recommended education, certification, training, experiential learning, and continuous learning that could signal an increased ability to perform a given work role. Though capability indicators are not formal qualification requirements, they provide a menu of characteristics recommended by subject matter experts that should be customized by each organization based on need and incorporated into hiring and employee development efforts (e.g., recruiting, building career paths). Overarching findings pertaining to capability indicators across work roles and proficiency levels are also provided in this report.
Read the full report and provide comments at https://csrc.nist.gov/publications/detail/nistir/8193/draft.
Learn more about the NICE Cybersecurity Workforce Framework at nist.gov/nice/framework.