Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NICE Publishes Proposed Updates for Three NICE Framework Work Roles and One NICE Framework Competency Area

PROPOSED NICE FRAMEWORK UPDATES FOR PUBLIC COMMENT

The NICE Program Office of the National Institute of Standards and Technology (NIST) is pleased to publish proposed changes to three Work Roles and one Competency Area in the NICE Workforce Framework for Cybersecurity (NICE Framework). We welcome and encourage comments from all interested stakeholders.

The proposed updates apply to:

  • Digital Evidence Analysis (Work Role IN-WRL-002 / OPM Code 211)
    A thorough review of this existing Work Role in the Investigation Work Role Category was conducted with subject matter experts from the Federal Bureau of Investigation and the Department of Justice. This draft adjusts the Task, Knowledge, and Skill (TKS) statements in this Work Role and further adds an alignment of Knowledge and Skill statements to each of the Tasks.
  • Insider Threat Analysis (Work Role PD-WRL-005)
    This Work Role was initially released with Version 1.0.0 (v.1.0.0) of the NICE Framework Components in March 2024. This update includes minor changes to some TKS statements and, significantly, aligns the Knowledge and Skill statements to each Task statement in this role.
  • Operational Technology (OT) Cybersecurity Engineering (New WR DD-WRL-009)
    This new Work Role in the Design & Development Work Role Category is the first role in the NICE Framework to focus on operational technology (OT). 
  • Cyber Resiliency (Competency Area NF-COM-007)
    NICE released 11 new Competency Areas with v.1.0.0 of the components in March 2024. At that time, only the names and descriptions were included. NICE has been working to identify and develop Knowledge and Skill statements for each of the areas. Cyber Resiliency is the first of these to be developed. 

These proposed updates reflect the NICE Program Office’s commitment to maintaining the NICE Framework’s relevance to current cybersecurity practices through the active input of subject matter experts as well as the broader community of cybersecurity practitioners and educators. 

WE WANT TO HEAR FROM YOU!

NICE welcomes comments on the three proposed Work Roles and one Competency Area from all interested parties. Comments received by the November 14 deadline will be acknowledged by email. Comments will be reviewed and adjudicated, and feedback received during this comment period will be used to inform any necessary updates to the relevant proposed Work Roles or Competency Areas. Final updates will be incorporated in the next release of the NICE Framework Components. Take the following steps to share your feedback:

Released September 30, 2024, Updated October 30, 2024