The NICE framework being introduced by nist.gov is pragmatic in its approach and offers understandings that can be adopted by any organisation. Specifically, it lets you identify what cyber designations are applicable to your organisation and which specific combination of academic, certifications and apprenticeship models are applicable to your company.
Current cyber qualifications are limited and somewhat restricted as they are based off TCP/IP technology ecosystems, the NICE framework, goes one step further and allows you to move beyond the client/server architecture to identify what combinations of any cyber activities will be applicable to your needs. It lets you make qualitative and quantitative cyber assessments without any bias.
Its framework uses a common body of knowledge (CBK) instead of having an ecosystem/commercial approach, which means it is impartial and more specific to what defines security within your company. For example, it lets anyone better explain the cognitive difference of a cyber specific role compared to any other technology based role within your company.
Using ontologies of Tasks, Knowledge, Skills and Abilities, it will help you clarify what your cyber requirements are, whether it be in IoT, Cloud, Mobile or even roles associated with Satellite Engineering. It also has security designations pre listed i.e. Work Role Names into which the ontologies are combined. This means when you asses your needs, you can select what combination of security activities you specifically require. This is very different to the current approach.
More importantly, it allows those individuals who are keen to enter/adapt into cyber security roles the ability to do so. By using designations that are based off common business understandings, you will be able to match more confidently profiles against the ontologies of Tasks, Knowledge, Skills and Abilities - Each ontology goes into the hundreds - so it is very comprehensive - The NICE approach gives enhanced clarity and you may find you are using it as a reference quite regularly, especialy when used alongside cyber programmes from Ncsc.gov which can be found here.
A few years back, it was researched that there was a lack of frameworks based off the CBK approach, at the time it led me to create a Cyber Model whose end goal would create Chartered Security Professionals, the original blog can be found here.
Full details on the National Initiative for Cyber Education (NICE) can be found here.
Its framework uses a common body of knowledge (CBK) instead of having an ecosystem/commercial approach, which means it is impartial and more specific to what defines security within your company. For example, it lets anyone better explain the cognitive difference of a cyber specific role compared to any other technology based role within your company.
Using ontologies of Tasks, Knowledge, Skills and Abilities, it will help you clarify what your cyber requirements are, whether it be in IoT, Cloud, Mobile or even roles associated with Satellite Engineering. It also has security designations pre listed i.e. Work Role Names into which the ontologies are combined. This means when you asses your needs, you can select what combination of security activities you specifically require. This is very different to the current approach.
More importantly, it allows those individuals who are keen to enter/adapt into cyber security roles the ability to do so. By using designations that are based off common business understandings, you will be able to match more confidently profiles against the ontologies of Tasks, Knowledge, Skills and Abilities - Each ontology goes into the hundreds - so it is very comprehensive - The NICE approach gives enhanced clarity and you may find you are using it as a reference quite regularly, especialy when used alongside cyber programmes from Ncsc.gov which can be found here.
A few years back, it was researched that there was a lack of frameworks based off the CBK approach, at the time it led me to create a Cyber Model whose end goal would create Chartered Security Professionals, the original blog can be found here.
Full details on the National Initiative for Cyber Education (NICE) can be found here.