Breaking Out the Cybersecurity Workforce Framework

Transcription

1 Breaking Out the Cybersecurity Workforce Framework Ray Trygstad Industry Professor of Information Technology & Management; Associate Director, IIT Center for Cyber Security & Forensics Education

2 The Framework: What Is It? NICE Cybersecurity Workforce Framework (NCWF) NIST Special Publication (draft) A national resource that categorizes and describes cybersecurity work Began as Federal effort and expanded beyond in 2010

3 The Framework: What Is It? The foundation for increasing the size and capability of the U.S. cybersecurity workforce; it provides A common definition of cybersecurity A comprehensive list of cybersecurity tasks The knowledge, skills, and abilities required to perform those tasks

4 The Framework: What Is It? By using the Framework: Educators can create programs aligned to jobs Students will graduate with knowledge and skills employers need Employers can recruit from a larger pool of more qualified candidates Employees will have portable skills and better defined career paths and opportunities Policy makers can set standards to promote workforce professionalization

5 The Framework: Structure Seven Categories High-level grouping of common cybersecurity functions Thirty-Three Specialty Areas Distinct areas of cybersecurity work Fifty-Two Work Roles Most detailed groupings comprised of specific knowledge, skills, and abilities required to perform specific tasks in a work role

6 The Framework: Categories Operate and Maintain Securely Provision Oversee and Govern Protect and Defend Analyze Collect and Operate Investigate

7 The Framework: Categories Securely Provision (SP) Conceptualize, design and build secure information technology (IT) systems, with responsibility for aspects of systems and/or networks development Operate and Maintain (OM) Provide support, administration, and maintenance necessary to ensure effective and efficient information technology (IT) system performance and security

8 The Framework: Categories Oversee and Govern (OV) Provide leadership, management, direction, or development and advocacy so the organization may effectively conduct cybersecurity work Protect and Defend (PR) Identify, analyze, and mitigate threats to internal information technology (IT) systems and/or networks

9 The Framework: Categories Analyze (AN) Perform highly specialized review and evaluation of incoming cybersecurity information to determine usefulness for intelligence Collect and Operate (CO) Provide specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence

10 The Framework: Categories Investigate (IN) Investigate cybersecurity events or crimes related to information technology (IT) systems, networks, and digital evidence

11 Area/Work Role Relationships

12 Tied to and works with

13 The Framework: Work Roles Comprised of tasks with associated knowledge, skills, and abilities Tasks drawn from list of 928 tasks Knowledge drawn from list of 614 items Skills drawn from 359 items Specific abilities drawn from list of 119 items Several work roles may be included in a single position

14 The Framework: Tasks

15 The Framework: Knowledge

16 The Framework: Skills

17 The Framework: Abilities

18 The Framework: Work Roles

19 Breaking Out the Work Roles Not currently in usable state Probably need additional information OPM Cybersecurity Category/Specialty Area Code (drawn from Specialty Areas) Job titles associate with this work role Expand codes into actual paragraphs Expanded work roles we have titled Work Role Details

20

21

22

23 Uses of Expanded Work Roles Consistent position/job descriptions Support HR for staffing the cybersecurity function in the organization Mapping against NIST Cybersecurity Framework implementation will allow determination of proper staffing levels Work Roles are not just security roles; many are for straight IT staff with addition of clearly defined security roles & responsibilities

24 Uses of Expanded Work Roles Curricular design to allow educational preparation for specific work roles Cross map to Knowledge Units in NSA/ DHS Centers of Academic Excellence Cross map to ACM/IEEE-CS model curricula in IT and Cybersecurity as well as ABET Accreditation Standards Cross-check against course design & course objectives/outcomes

25 Uses of Expanded Work Roles Technology providers can identify cybersecurity Work Roles and specific Tasks and KSAs associated with services and hardware/software products they supply

26 Flaws in the Draft Good thing it s a draft! Wanted to create Work Role Details for disaster recovery/business continuity No work roles defined in the Framework Hundreds of job titles in this field Lists of Tasks, Knowledge, Skills, & Abilities not in any order Additions just get tacked on the end

27 Directions from here Review & Comment period for the Framework ended in January 2017 First official version will be published this spring Get it use it it s free and it s in the public domain so you can adapt it any way you want

28 Key Bibliography Items National Institute of Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity Draft Version 1.1 January 10, Newhouse, Bill; Keith, Stephanie; Scribner, Benjamin; & Witte, Greg Draft NIST Special Publication NICE Cybersecurity Workforce Framework (NCWF) National Institute of Standards and Technology November U.S. Department of Homeland Security The National Cybersecurity Workforce Framework U.S. Department of Defense DoD Cyberspace Workforce Framework (DCWF) Overview February

29 The End Questions? Thank you! Ray Trygstad