A Commerce Department office focused on cybersecurity education released an updated guidance document today aimed at getting government and industry speaking a common language when it comes to the cybersecurity workforce.
The Cybersecurity Workforce Framework divides cybersecurity work into seven broad categories that include over 50 work roles with tasks, knowledge, skills and abilities that relate to each work role.
The framework is designed as a “cybersecurity workforce dictionary that will allow employers, educators, trainers and those in the workforce to use consistent terms to describe cybersecurity work,” according to an announcement describing the draft report from the National Institute of Standards and Technology’s National Initiative for Cybersecurity Education.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
The origin of the framework dates back to 2008 when a council of federal agency chief information officers determined different agencies and private companies used differing and imprecise terms to describe cyber workforce needs and jobs, according to the guidance.
An earlier draft of the framework, released in 2011, was used to define cyber job codes used by the Office of Personnel Management.
“While several of the examples are based upon a strategy that is specific to federal government programs, any organization with cybersecurity workforce needs will benefit from the principles described,” the framework states.
The departments of Defense and Homeland Security helped draft the framework, which will be open for comments until Jan. 6.