Categories provide the overarching organizational structure of the NICE Framework.
NICE is the National Initiative for Cybersecurity Education led by the National Institute of Standards and Technology (NIST). NICE coordinates with government, academic, and industry partners to build on existing successful programs, facilitate change and innovation, and bring leadership and vision to increase the number of skilled cybersecurity professionals helping to keep our nation secure.
NICE is committed to cultivating an integrated cybersecurity workforce that is globally competitive from hire to retire and prepared to protect our nation from existing and emerging cybersecurity challenges. The NICE Framework supports those in the cybersecurity field and those who might wish to enter the cybersecurity field, to explore Tasks within cybersecurity Categories and work roles.
Reference Spreadsheet for the NICE Framework, with training and certification mapping.
The NICE Framework can be used by employers and organizational leadership to:
• Inventory and track their cybersecurity workforce to gain a greater understanding of the
strengths and gaps in Knowledge, Skills, and Abilities and Tasks performed;
• Identify training and qualification requirements to develop critical Knowledge, Skills,
and Abilities to perform cybersecurity Tasks;
• Improve position descriptions and job vacancy announcements selecting relevant KSAs
and Tasks, once work roles and tasks are identified;
• Identify the most relevant work roles and develop career paths to guide staff in gaining
the requisite skills for those roles; and
• Establish a shared terminology between hiring managers and human resources (HR) staff
for the recruiting, retention, and training of a highly-specialized workforce.
The NICE Framework organizes cybersecurity into seven high-level categories, each comprised of several specialty areas. Within each category, you’ll find a list of specialty areas.