Knowledge ID: K0784
Knowledge of insider threat laws and regulations
Work roles with this Knowledge
Cybersecurity Legal Advice
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-006Responsible for providing cybersecurity legal advice and recommendations, including monitoring related legislation and regulations.
Executive Cybersecurity Leadership
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-007Responsible for establishing vision and direction for an organization's cybersecurity operations and resources and their impact on digital and physical spaces. Possesses authority to make and execute decisions that impact an organization broadly, including policy approval and stakeholder engagement.
Security Control Assessment
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-012Responsible for conducting independent comprehensive assessments of management, operational, and technical security controls and control enhancements employed within or inherited by a system to determine their overall effectiveness.
Systems Authorization
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-013Responsible for operating an information system at an acceptable level of risk to organizational operations, organizational assets, individuals, other organizations, and the nation.
Defensive Cybersecurity
Category: Protection and DefenseNICE Framework ID: PD-WRL-001Responsible for analyzing data collected from various cybersecurity defense tools to mitigate risks.
Insider Threat Analysis
Category: Protection and DefenseNICE Framework ID: PD-WRL-005Responsible for identifying and assessing the capabilities and activities of cybersecurity insider threats; produces findings to help initialize and support law enforcement and counterintelligence activities and investigations.
Cybercrime Investigation
Category: InvestigationNICE Framework ID: IN-WRL-001Responsible for investigating cyberspace intrusion incidents and crimes. Applies tactics, techniques, and procedures for a full range of investigative tools and processes and appropriately balances the benefits of prosecution versus intelligence gathering.
Digital Evidence Analysis
Category: InvestigationNICE Framework ID: IN-WRL-002Responsible for identifying, collecting, examining, and preserving digital evidence using controlled and documented analytical and investigative techniques.
Cyber Intelligence Planning
Category: Cyberspace IntelligenceNICE Framework ID: CI-WRL-004Responsible for developing intelligence plans to satisfy cyber operation requirements. Identifies, validates, and levies requirements for intelligence collection and analysis. Participates in targeting selection, validation, synchronization, and execution of cyber actions. Synchronizes intelligence activities to support organization objectives in cyberspace.
Multi-Disciplined Language Analysis
Category: Cyberspace IntelligenceNICE Framework ID: CI-WRL-005<p>Responsible for applying language and cultural expertise with target, threat, and technical knowledge to process, analyze, and disseminate intelligence information derived from language, voice, and/or graphic materials. Creates and maintains language-specific databases and working aids to support cyber action execution and ensure critical knowledge sharing. Provides subject matter expertise in foreign language-intensive or interdisciplinary projects.</p>
Cyber Operations Planning
Category: Cyberspace EffectsNICE Framework ID: CE-WRL-002Responsible for developing cybersecurity operations plans; participating in targeting selection, validation, and synchronization; and enabling integration during the execution of cyber actions.
Partner Integration Planning
Category: Cyberspace EffectsNICE Framework ID: CE-WRL-005<p>Responsible for advancing cooperation across organizational or national borders between cyber operations partners. Provides guidance, resources, and collaboration to develop best practices and facilitate organizational support for achieving objectives in integrated cyber actions.</p>
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)