Knowledge ID: K0892
Knowledge of cyber defense laws and regulations
Work roles with this Knowledge
Cybersecurity Policy and Planning
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-002Responsible for developing and maintaining cybersecurity plans, strategy, and policy to support and align with organizational cybersecurity initiatives and regulatory compliance.
Cybersecurity Workforce Management
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-003Responsible for developing cybersecurity workforce plans, assessments, strategies, and guidance, including cybersecurity-related staff training, education, and hiring processes. Makes adjustments in response to or in anticipation of changes to cybersecurity-related policy, technology, and staffing needs and requirements.Authors mandated workforce planning strategies to maintain compliance with legislation, regulation, and policy.
Cybersecurity Legal Advice
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-006Responsible for providing cybersecurity legal advice and recommendations, including monitoring related legislation and regulations.
Executive Cybersecurity Leadership
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-007Responsible for establishing vision and direction for an organization's cybersecurity operations and resources and their impact on digital and physical spaces. Possesses authority to make and execute decisions that impact an organization broadly, including policy approval and stakeholder engagement.
Privacy Compliance
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-008Responsible for developing and overseeing an organization’s privacy compliance program and staff, including establishing and managing privacy-related governance, policy, and incident response needs.
Security Control Assessment
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-012Responsible for conducting independent comprehensive assessments of management, operational, and technical security controls and control enhancements employed within or inherited by a system to determine their overall effectiveness.
Systems Authorization
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-013Responsible for operating an information system at an acceptable level of risk to organizational operations, organizational assets, individuals, other organizations, and the nation.
Systems Security Management
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-014Responsible for managing the cybersecurity of a program, organization, system, or enclave.
Systems Requirements Planning
Category: Design and DevelopmentNICE Framework ID: DD-WRL-006Responsible for consulting with internal and external customers to evaluate and translate functional requirements and integrating security policies into technical solutions.
Defensive Cybersecurity
Category: Protection and DefenseNICE Framework ID: PD-WRL-001Responsible for analyzing data collected from various cybersecurity defense tools to mitigate risks.
Digital Forensics
Category: Protection and DefenseNICE Framework ID: PD-WRL-002Responsible for analyzing digital evidence from computer security incidents to derive useful information in support of system and network vulnerability mitigation.
Cybercrime Investigation
Category: InvestigationNICE Framework ID: IN-WRL-001Responsible for investigating cyberspace intrusion incidents and crimes. Applies tactics, techniques, and procedures for a full range of investigative tools and processes and appropriately balances the benefits of prosecution versus intelligence gathering.
Digital Evidence Analysis
Category: InvestigationNICE Framework ID: IN-WRL-002Responsible for identifying, collecting, examining, and preserving digital evidence using controlled and documented analytical and investigative techniques.
All-Source Analysis
Category: Cyberspace IntelligenceNICE Framework ID: CI-WRL-001Responsible for analyzing data and information from one or multiple sources to conduct preparation of the operational environment, respond to requests for information, and submit intelligence collection and production requirements in support of intelligence planning and operations.
Cyber Intelligence Planning
Category: Cyberspace IntelligenceNICE Framework ID: CI-WRL-004Responsible for developing intelligence plans to satisfy cyber operation requirements. Identifies, validates, and levies requirements for intelligence collection and analysis. Participates in targeting selection, validation, synchronization, and execution of cyber actions. Synchronizes intelligence activities to support organization objectives in cyberspace.
Multi-Disciplined Language Analysis
Category: Cyberspace IntelligenceNICE Framework ID: CI-WRL-005<p>Responsible for applying language and cultural expertise with target, threat, and technical knowledge to process, analyze, and disseminate intelligence information derived from language, voice, and/or graphic materials. Creates and maintains language-specific databases and working aids to support cyber action execution and ensure critical knowledge sharing. Provides subject matter expertise in foreign language-intensive or interdisciplinary projects.</p>
Cyber Operations Planning
Category: Cyberspace EffectsNICE Framework ID: CE-WRL-002Responsible for developing cybersecurity operations plans; participating in targeting selection, validation, and synchronization; and enabling integration during the execution of cyber actions.
Mission Assessment
Category: Cyberspace EffectsNICE Framework ID: CE-WRL-004Responsible for developing assessment plans and performance measures; conducting strategic and operational effectiveness assessments for cyber events; determining whether systems perform as expected; and providing input to the determination of operational effectiveness.
Partner Integration Planning
Category: Cyberspace EffectsNICE Framework ID: CE-WRL-005<p>Responsible for advancing cooperation across organizational or national borders between cyber operations partners. Provides guidance, resources, and collaboration to develop best practices and facilitate organizational support for achieving objectives in integrated cyber actions.</p>
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 1.0.0)