The Workforce Framework for Cybersecurity (NICE Framework), NIST Special Publication (SP) 800-181 revision 1, establishes a common language to categorize and describe cybersecurity work. This NICE Framework K12 FAQ helps K12 educators better understand how the NICE Framework can be used to familiarize students with cybersecurity concepts, help students explore cybersecurity work and chart paths for future learning, develop K12 cybersecurity-specific content, and more. It also provides links to related resources for K12 cybersecurity education and to opportunities to engage with other K12 cybersecurity educators in the NICE community.
See also the NICE K12 Cybersecurity Education Community of Interest
The NICE Workforce Framework for Cybersecurity (NICE Framework) (NIST Special Publication (SP) 800-181 Rev. 1) (November 2020) describes the framework structure itself, while the NICE Framework components – Task, Knowledge, and Skill (TKS) statements, Work Roles and Work Role Categories, and Competency Areas – are maintained separately to provide for a streamlined and agile updating process in the NICE Framework Resource Center. In addition, the NIST Interagency or Internal Report (NISTIR) 8355, NICE Framework Competency Areas: Preparing a Job-Ready Cybersecurity Workforce (June 2023), provides detail on NICE Framework Competency Areas, including their evolution, development, and example uses from various stakeholder perspectives.
The NICE Framework establishes a standard approach and common language for describing cybersecurity work and learner capabilities. This approach allows for the establishment of regular processes for use in career discovery, education and training, hiring and career development, and workforce planning and assessment. It is used in both the public and private sectors and across industries by employers, learners, and education, training, and certification providers.
At its foundation are the NICE Framework building blocks of Task, Knowledge, and Skill (TKS) statements that describe the work and what someone needs to know or do to complete that work. These are applied via Competency Areas and Work Roles.
A Work Role represents a grouping of Task statements for which an individual or team is responsible. Work Roles help define positions – which may be responsible for one or more roles – within an organization. A Competency Area is a cluster of related Knowledge and Skills statements that correlates with one’s capability to perform Tasks in a particular domain. Competency Areas can help learners discover areas of interest, inform career planning and development, identify gaps for knowledge and skills development, and provide a means of assessing or demonstrating a learner’s capabilities in the domain. Work Roles and Competency Areas both provide a mechanism for education and training providers to to develop learning content and assess learners and for employers to assess candidates and develop staff.
Learn more: Getting Started with the NICE Framework
No. The Framework for Improving Critical Infrastructure Cybersecurity (NIST Cybersecurity Framework, or CSF) is a separate framework that focuses on voluntary standards, guidelines, and best practices for managing cybersecurity risk. The NICE Framework focuses on how to manage cybersecurity risk by identifying the work that is needed to be done (i.e., the Tasks involved) and what an individual or team needs to know or do (i.e., the Knowledge and Skills) to complete the Tasks. Both frameworks were developed at the National Institute of Standards and Technology (NIST) and work closely together in identifying core cybersecurity work.
The NICE Framework is used in both the public and private sectors by employers, learners, and education, training, and certification providers. Learners is a term used in the NICE Framework to mean students, job seekers, and current employees alike. It is intended for use across industries and in small, medium, and large organizations. It is used in the United States and internationally. Examples of how the NICE Framework is used include:
Students – whether K12 or post-secondary – can use the NICE Framework’s seven Work Role Categories of 52 Work Roles to learn about the wide range of cybersecurity work and career opportunities. They can also use it to find out more about the specific tasks in these various roles and better understand the skills and knowledge needed to complete them.
Job seekers can use the NICE Framework to learn about position requirements, to identify gaps in their capabilities, and to demonstrate their capabilities.
Education, training, and credential providers can use the NICE Framework to create learning programs and develop curricula and skills assessments that reflect real-world needs.
Employees can use the NICE Framework in career planning and development.
The NICE Framework defines 52 cybersecurity Work Roles, which are organized into seven broad Work Role Categories: Oversight & Governance, Design & Development, Implementation & Operation, Protection & Defense, Investigation, Cyberspace Intelligence, and Cyberspace Effects. The Work Role Categories serve as an entry point for teaching students about cybersecurity concepts and vocabulary. For example, someone working in the Design & Development Work Role Category is involved in designing, procuring, or building secure technology systems, with responsibility for aspects of system or network development.
Teachers and counselors can refer to the Work Roles and accompanying descriptions to introduce students to the wide variety of work in the field. For example, a learner working in Software Security Assessment (one of eight Work Roles under the Design & Development Work Role Category) analyzes the security of new or existing computer applications, software, or specialized utility programs and provides actionable results.
Examples: The NICE website includes a library of videos depicting “A Day in the Life” of cybersecurity practitioners at businesses, academic institutions, and government agencies. The videos are organized by NICE Framework Category, and each presents a different Work Role. Learn more at NICE Framework Work Role Videos | NIST.
The NICE “Framework in Focus” series profiles cybersecurity practitioners working in a wide variety of roles. The profiles include recorded interviews, allowing students to hear firsthand how practitioners got into the field, the education and training they received, the Work Roles they have held, and how they use the NICE Framework in their jobs.
NICE Framework Work Roles are composed of Task statements that constitute work to be done as well as Knowledge and Skill statements that represent a learner’s potential to perform those Tasks. Teachers can use the Task, Knowledge, and Skill (TKS) statements to prepare students for entering the workforce or continuing into higher education by helping them discover the type of cybersecurity careers available that they may be interested in and the corresponding knowledge and skills that will help qualify them for those careers.
Example: At the Career Technical Education Cyber Academic Pathway at Canyon Springs High School in Moreno Valley, California, students use the NICE Framework to connect Tasks, Knowledge, and Skills to the specific careers they are interested in pursuing.
Cybersecurity games, competitions, and club activities can be built around NICE Framework Work Roles, Competency Areas, or Task, Knowledge, and Skill (TKS) statements. Connecting activities to NICE Framework Work Role Categories, Work Roles, TKS statements, and Competency Areas creates learning experiences that reflect exciting, real-world challenges, while acquainting students with the concepts and language used in higher education, industry, and government.
Example: The NICE Challenge Project offers cybersecurity challenges within virtualized business environments to give students workforce experience before they enter the workforce. The challenges are mapped to NICE Framework Work Role Categories, Work Roles, and TKS statements. For example, the “DASWebs Inc.” challenge is focused on the Implementation & Operation Category. The program, which is available free of charge to educators and students, also generates assessment data about knowledge, skills, and abilities. Educator training is available for teachers who want to learn more.
Cybersecurity content can be developed around NICE Framework Competency Areas or Work Roles and mapped to Task, Knowledge, and Skill (TKS) statements. These components reflect current workplace requirements, enabling educators to focus on the skills and knowledge that employers demand. By building curricula around the NICE Framework components, K12 educators promote skills- and competency-based learning and the development of demonstrable cybersecurity capabilities.
Example: The Palo Alto Network Cybersecurity Academy maps its courses to the NICE Framework Work Roles and TKS statements. The Enterprise Security Management course, for instance, maps to the Systems Security Analysis Work Role. High schools and colleges that join the network have access to the free curriculum, hands-on labs, and faculty training.
The NICE Framework spells out the Knowledge and Skills needed to perform cybersecurity tasks in today’s workplace. A number of organizations that partner with NICE have mapped the NICE Framework components to career pathways and job availability data. These tools illustrate the great demand for cybersecurity practitioners in today’s workplace and the education levels needed for different Work Roles.
Example: CyberSeek, a collaboration between Lightcast, NICE, and CompTIA, analyzes hundreds of millions of job postings and real-life career transitions to provide insight into labor market patterns. The Cyberseek Cybersecurity Supply/Demand Heat Map identifies the number of cybersecurity job openings nationwide and the number of openings in each NICE Framework Category and Work Role. It also provides estimated supply and demand information for common cybersecurity positions.
Cyberseek’s Cybersecurity Career Pathway information shows key jobs within cybersecurity, common transition opportunities between them, and detailed information about salaries, credentials, and skillsets associated with each role.
NICE works to support the K12 education community in a variety of ways, including co-sponsoring the annual NICE K12 Cybersecurity Education Conference, the annual Cybersecurity Career Week, and the NICE K12 Cybersecurity Education Community of Interest (COI). The K12 Cybersecurity Education COI is a forum for K12 teachers, school administrators, local and state education agencies, non-profit organizations, federal agencies, institutions of higher education, and others who are interested in sharing and learning how to grow and sustain diverse students pursuing cybersecurity careers through learning experiences, exposure to career opportunities, and teacher professional development. The group is open to all and meets monthly via video conference. Visit the COI’s webpage for information on how to become a member.
The NICE Community Coordinating Council is made up of three working groups and six communities of interest that meet monthly via video conference. In addition, the NICE Framework Users group hosts an ongoing discussion via a mailing list forum. Information on becoming a member of the council or any of its groups is available here.