National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework

Knowledge, skills, and abilities (KSAs) is used to describe a set of competencies that can be demonstrated by a person. In the technology industry, KSA is often used to develop job description, training and development, or evaluation of job performance. A recent study (Jones, Namin, and Armstrong 2018) solicited a list of current practices and views from a group of cyber professionals at two premier hacker conferences, Black Hat 2016 and DEF CON 24. Their findings had shown the top five KSAs expressed by the current professionals are: understanding of network protocols, network security architecture concepts (including how the traffic flows across the network), basic system administration, network, and operating system hardening techniques and overall system and application security threats and vulnerabilities. More than half of the participants indicated that these KSAs were mostly learned from their job, followed by school and self-learning. There is a need to continue to improve skills of the current professionals as well as preparing those who are interested to work in the cybersecurity domain.

NICE Framework 2.0 has been developed and updated with a taxonomy of 7 workforce categories, 33 specialty areas, 52 work roles, and associated KSAs for the cybersecurity domain. Encompassing three components (enhancing awareness, expanding the pipeline, and evolving the field), the NICE framework 2.0 identifies seven work categories: Security Provision, Operate and Maintain, Protect and Defend, Investigate, Collect and Operate, Analyze, Oversee, and Govern (Newhouse et al. 2017). Table 4.1 displays the term and descriptions of each workforce category in an alphabetical order. Three workforce categories appear relevant to what information profession does: Oversee and Govern, Analyze, and Collect and Operate. While Oversee and Govern focus on cybersecurity management, Analyze, and Collect emphasize gathering and evaluating cybersecurity information.

As shown in Figure 4.1, mapping the specialty areas with workforce categories, some of the specialty areas in other categories also seem relevant to information profession. For instance, data administration and knowledge management pertain to Operate and Maintain category; risk management in Securely Provision is related to Oversee and Govern. Analyze competency seems to be the core knowledge areas of security analytics supporting Investigate and Collect and Operate and inform other four workforce categories (Protect and Defend, Oversee and Govern, Operate and Maintain, and Security Provision) to make data-driven decisions. Reciprocally, data administration and knowledge management aid in ensuring the processes align with analytics project management.

Table 4.1 NICE Cybersecurity Workforce Framework Categories and Descriptions

Category

Descriptions

Analyze (AN)

Performs highly specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.

Collect and Operate (CO)

Provides specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence.

Investigate (IN)

Investigates cybersecurity events or crimes related to information technology (IT) systems, networks, and digital evidence.

Operate and Maintain (OM)

Provides the support, administration, and maintenance necessary to ensure effective and efficient information technology (IT) system performance and security.

Oversee and Govern (OV)

Provides leadership, management, direction, or development and advocacy so the organization may effectively conduct cybersecurity work.

Protect and Defend (PR)

Identifies, analyzes, and mitigates threats to internal information technology (IT) systems and/or networks.

Securely Provision (SP)

Conceptualizes, designs, procures, and/or builds secure information technology (IT) systems, with responsibility for aspects of system and/or network development.

Source: Department of Homeland Security, Office of Cybersecurity and Communications, National Initiative for Cybersecurity Careers and Studies (2019a).

Cybersecurity Education in North America iSchools

The turn of the century is characterized by globalization and the increased emphasis on knowledge as a factor of growth. This has given rise to intellectual capital, intellectual property, and wider concept of the knowledge-based economy. It has also given rise to the birth of online mega corporations such as Google, Amazon, Netflix, and Facebook. The shift from brick and mortar institutions to data- and technology-driven institutions created growing interest in new areas within the information field such as knowledge management, knowledge discovery, big data, data analytics, and data science. The increased emphasis on intangible assets and the relationship between technology, people, and information formed the basis for birth of the ¡Schools movement or the Information Schools. It started in 2005, when a number of library and information science schools realized that their

Securely Provision ____ей____

Oversee and Operate and

Govern (OV) Maintain (OM)

Risk Management (RSK)

Analyze (AN)

Legal Advice and Advocacy (LGA)

Data Administration (OTA)

Software Development (DEV)

Threat Analysis (TWA)

Protect and

Defend (PR)

Training, Education, and Awareness (TEA)

Knowledge Management (KMG)

Systems Architecture (ARC)

Collect and

Operate (CO)

Exploitation Analysis (EXP)

Cybersecurity Defense Analysis (CDA)

Cybersecurity Management (MGT)

Customer Service and Technical Support (STS)

Technology R&D (TRD)

Investigate (IN)

Collection Operations (CLO)

All-Source Analysis (ASA)

Cybersecurity Defense Infrastructure Support (INF)

Strategic Planning and Policy (SPP)

Network Services (NET)

Systems Requirements Planning (SRP)

Cyber Investigation (INV)

Cyber Operational Planning (OPL)

Targets (TGT)

Incident Response (CIR)

Executive Cyber Leadership (EXL)

Systems Administration (ADM)

Test and Evaluation (TST)

Digital Forensics (FOR)

Cyber Operations (OPS)

Language Analysis (LNG)

Vulnerability Assessment and Management (VAM)

Program/Project Management (PMA)and Acquisition

Systems Analysis (ANA)

Systems Development (SYS)

I______________________________________________________________________________________________________I I_________________________________________________________________________________________________________________I

Bridging the Cybersecurity Talent Gap

Program/Project Management Supervision, Management and Leadership

_ w

Figure 4.1 The Cybersecurity Workforce Framework.

Adapted from Partnership for Public Service, and Booz Allen Hamilton (2015, 8).

teaching and research programs had the capacity to reach a broader audience and to prepare students for work beyond librarianship. The iSchools represent a shift in directions and philosophy from the traditional library and information science education.

Since the inception of the consortium of iSchools, the number of universities that joined the iSchools movement had increased to more than 80 schools from around the world. Many iSchools modify their representation by changing their name of library and information science by dropping the word “library” to reflect a broader nature of the information profession. Despite the name change, most of the current iSchools still focus on preparing librarian, archivist, or curators for different organizations and institutions. Most of the graduate-level library science programs of the current iSchools in North America are accredited by the American Library Association.

It is important to note that a number of institutions that joined the iSchools movement were not purely library science schools. Some of the institutions are engineering and computer science schools as part of the Computing Research Association and some are business schools. This shift in direction of broadening the information field is evident from the inclusion of computer and business schools as well as diversifying the iSchools degree program offering to include new and emerging areas such as data science, cybersecurity, and knowledge management. The iSchools organization vision as stated on iSchools.org (2014) is to expand internationally, recognized for creating innovative information solutions and systems to benefit individuals, organizations, and society at large.

 
Source
< Prev   CONTENTS   Source   Next >