Knowledge of risk mitigation principles and practices
Work roles with this Knowledge
Cybersecurity Workforce Management
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-003Responsible for developing cybersecurity workforce plans, assessments, strategies, and guidance, including cybersecurity-related staff training, education, and hiring processes. Makes adjustments in response to or in anticipation of changes to cybersecurity-related policy, technology, and staffing needs and requirements. Authors mandated workforce planning strategies to maintain compliance with legislation, regulation, and policy.
Executive Cybersecurity Leadership
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-007Responsible for establishing vision and direction for an organization's cybersecurity operations and resources and their impact on digital and physical spaces. Possesses authority to make and execute decisions that impact an organization broadly, including policy approval and stakeholder engagement.
Systems Security Management
Category: Oversight and GovernanceNICE Framework ID: OG-WRL-014Responsible for managing the cybersecurity of a program, organization, system, or enclave.
Insider Threat Analysis
Category: Protection and DefenseNICE Framework ID: PD-WRL-005Responsible for identifying and assessing the capabilities and activities of cybersecurity insider threats; produces findings to help initialize and support law enforcement and counterintelligence activities and investigations.
Source: Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1) (Version: 2.0.0)