- T0006: Advocate organization's official position in legal and legislative proceedings
- T1020: Determine the operational and safety impacts of cybersecurity lapses
- T1036: Integrate leadership priorities
- T1038: Integrate organization objectives in intelligence collection
- T1054: Scope analysis reports to various audiences that accounts for data sharing classification restrictions
- T1055: Determine if priority information requirements are satisfied
- T1056: Acquire resources to support cybersecurity program goals and objectives
- T1057: Conduct an effective enterprise continuity of operations program
- T1059: Perform cost/benefit analyses of cybersecurity programs, policies, processes, systems, and elements
- T1060: Advise senior management on organizational cybersecurity efforts
- T1088: Communicate the value of cybersecurity to organizational stakeholders
- T1145: Develop strategic plans
- T1146: Maintain strategic plans
- T1221: Disseminate incident and other Computer Network Defense (CND) information
- T1226: Align cybersecurity priorities with organizational security strategy
- T1227: Manage cybersecurity budget, staffing, and contracting
- T1234: Develop Computer Network Defense (CND) guidance for organizational stakeholders
- T1238: Determine the effectiveness of enterprise cybersecurity safeguards
- T1307: Develop cybersecurity policy recommendations
- T1308: Coordinate cybersecurity policy review and approval processes
- T1310: Implement protective or corrective measures when a cybersecurity incident or vulnerability is discovered
- T1335: Promote cybersecurity awareness to management
- T1336: Verify the inclusion of sound cybersecurity principles in the organization's vision and goals
- T1342: Oversee policy standards and implementation strategy development
- T1354: Identify system cybersecurity requirements
- T1355: Determine if vulnerability remediation plans are in place
- T1356: Develop vulnerability remediation plans
- T1376: Develop critical infrastructure protection policies and procedures
- T1377: Implement critical infrastructure protection policies and procedures
- T1450: Allocate and distribute human capital assets
- T1476: Promote awareness of cybersecurity policy and strategy among management
- T1518: Develop organizational cybersecurity strategy
- T1543: Develop cybersecurity policies and procedures
- T1586: Conduct cybersecurity risk assessments
- T1779: Coordinate strategic planning efforts with internal and external partners
- T1862: Establish cybersecurity risk assessment processes
- T1906: Establish a cybersecurity risk management program
- K0498: Knowledge of operational planning processes
- K0644: Knowledge of cybersecurity operation policies and procedures
- K0674: Knowledge of computer networking protocols
- K0675: Knowledge of risk management processes
- K0676: Knowledge of cybersecurity laws and regulations
- K0677: Knowledge of cybersecurity policies and procedures
- K0678: Knowledge of privacy laws and regulations
- K0679: Knowledge of privacy policies and procedures
- K0680: Knowledge of cybersecurity principles and practices
- K0681: Knowledge of privacy principles and practices
- K0682: Knowledge of cybersecurity threats
- K0683: Knowledge of cybersecurity vulnerabilities
- K0684: Knowledge of cybersecurity threat characteristics
- K0688: Knowledge of common application vulnerabilities
- K0689: Knowledge of network infrastructure principles and practices
- K0728: Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
- K0729: Knowledge of non-repudiation principles and practices
- K0730: Knowledge of cyber safety principles and practices
- K0743: Knowledge of new and emerging technologies
- K0751: Knowledge of system threats
- K0752: Knowledge of system vulnerabilities
- K0783: Knowledge of network attack characteristics
- K0784: Knowledge of insider threat laws and regulations
- K0785: Knowledge of insider threat tools and techniques
- K0800: Knowledge of evidence admissibility laws and regulations
- K0818: Knowledge of new and emerging cybersecurity risks
- K0819: Knowledge of import and export control laws and regulations
- K0820: Knowledge of supply chain risks
- K0821: Knowledge of federal agency roles and responsibilities
- K0825: Knowledge of threat vector characteristics
- K0831: Knowledge of network attack vectors
- K0839: Knowledge of critical infrastructure systems and software
- K0892: Knowledge of cyber defense laws and regulations
- K0936: Knowledge of network hardware threats and vulnerabilities
- K0983: Knowledge of computer networking principles and practices
- K0990: Knowledge of cyber operations principles and practices
- K1014: Knowledge of network security principles and practices
- K1025: Knowledge of decision-making policies and procedures
- K1079: Knowledge of web application security risks
- K1083: Knowledge of cybersecurity competitions
- K1180: Knowledge of organizational cybersecurity goals and objectives
- K1183: Knowledge of organizational cybersecurity policies and procedures
- K1188: Knowledge of organizational policies and procedures
- K1209: Knowledge of risk mitigation principles and practices
- K1225: Knowledge of system life cycles
- S0111: Skill in interfacing with customers
- S0406: Skill in developing policy plans
- S0414: Skill in evaluating laws
- S0415: Skill in evaluating regulations
- S0416: Skill in evaluating policies
- S0431: Skill in applying critical thinking
- S0506: Skill in identifying customer information needs
- S0511: Skill in establishing priorities
- S0564: Skill in creating system security policies
- S0610: Skill in communicating effectively
- S0686: Skill in performing risk assessments
- S0707: Skill in developing comprehensive cyber operations assessment programs
- S0708: Skill in executing comprehensive cyber operations assessment programs
- S0799: Skill in anticipating new security threats
- S0800: Skill in analyzing organizational patterns and relationships
- S0807: Skill in solving problems
- S0821: Skill in collaborating with internal and external stakeholders
- S0826: Skill in communicating with external organizations
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 2.0.0)