Executive Cybersecurity Leadership [NICE Framework Work Role]

T0006: Advocate organization's official position in legal and legislative proceedings
T1020: Determine the operational and safety impacts of cybersecurity lapses
T1036: Integrate leadership priorities
T1038: Integrate organization objectives in intelligence collection
T1054: Scope analysis reports to various audiences that accounts for data sharing classification restrictions
T1055: Determine if priority information requirements are satisfied
T1056: Acquire resources to support cybersecurity program goals and objectives
T1057: Conduct an effective enterprise continuity of operations program
T1059: Perform cost/benefit analyses of cybersecurity programs, policies, processes, systems, and elements
T1060: Advise senior management on organizational cybersecurity efforts
T1088: Communicate the value of cybersecurity to organizational stakeholders
T1145: Develop strategic plans
T1146: Maintain strategic plans
T1221: Disseminate incident and other Computer Network Defense (CND) information
T1226: Align cybersecurity priorities with organizational security strategy
T1227: Manage cybersecurity budget, staffing, and contracting
T1234: Develop Computer Network Defense (CND) guidance for organizational stakeholders
T1238: Determine the effectiveness of enterprise cybersecurity safeguards
T1307: Develop cybersecurity policy recommendations
T1308: Coordinate cybersecurity policy review and approval processes
T1310: Implement protective or corrective measures when a cybersecurity incident or vulnerability is discovered
T1335: Promote cybersecurity awareness to management
T1336: Verify the inclusion of sound cybersecurity principles in the organization's vision and goals
T1342: Oversee policy standards and implementation strategy development
T1354: Identify system cybersecurity requirements
T1355: Determine if vulnerability remediation plans are in place
T1356: Develop vulnerability remediation plans
T1376: Develop critical infrastructure protection policies and procedures
T1377: Implement critical infrastructure protection policies and procedures
T1450: Allocate and distribute human capital assets
T1476: Promote awareness of cybersecurity policy and strategy among management
T1518: Develop organizational cybersecurity strategy
T1543: Develop cybersecurity policies and procedures
T1586: Conduct cybersecurity risk assessments
T1779: Coordinate strategic planning efforts with internal and external partners
T1862: Establish cybersecurity risk assessment processes
T1906: Establish a cybersecurity risk management program

K0498: Knowledge of operational planning processes
K0644: Knowledge of cybersecurity operation policies and procedures
K0674: Knowledge of computer networking protocols
K0675: Knowledge of risk management processes
K0676: Knowledge of cybersecurity laws and regulations
K0677: Knowledge of cybersecurity policies and procedures
K0678: Knowledge of privacy laws and regulations
K0679: Knowledge of privacy policies and procedures
K0680: Knowledge of cybersecurity principles and practices
K0681: Knowledge of privacy principles and practices
K0682: Knowledge of cybersecurity threats
K0683: Knowledge of cybersecurity vulnerabilities
K0684: Knowledge of cybersecurity threat characteristics
K0688: Knowledge of common application vulnerabilities
K0689: Knowledge of network infrastructure principles and practices
K0728: Knowledge of Confidentiality, Integrity and Availability (CIA) principles and practices
K0729: Knowledge of non-repudiation principles and practices
K0730: Knowledge of cyber safety principles and practices
K0743: Knowledge of new and emerging technologies
K0751: Knowledge of system threats
K0752: Knowledge of system vulnerabilities
K0783: Knowledge of network attack characteristics
K0784: Knowledge of insider threat laws and regulations
K0785: Knowledge of insider threat tools and techniques
K0800: Knowledge of evidence admissibility laws and regulations
K0818: Knowledge of new and emerging cybersecurity risks
K0819: Knowledge of import and export control laws and regulations
K0820: Knowledge of supply chain risks
K0821: Knowledge of federal agency roles and responsibilities
K0825: Knowledge of threat vector characteristics
K0831: Knowledge of network attack vectors
K0839: Knowledge of critical infrastructure systems and software
K0892: Knowledge of cyber defense laws and regulations
K0936: Knowledge of network hardware threats and vulnerabilities
K0983: Knowledge of computer networking principles and practices
K0990: Knowledge of cyber operations principles and practices
K1014: Knowledge of network security principles and practices
K1025: Knowledge of decision-making policies and procedures
K1079: Knowledge of web application security risks
K1083: Knowledge of cybersecurity competitions
K1180: Knowledge of organizational cybersecurity goals and objectives
K1183: Knowledge of organizational cybersecurity policies and procedures
K1188: Knowledge of organizational policies and procedures
K1209: Knowledge of risk mitigation principles and practices
K1225: Knowledge of system life cycles

S0111: Skill in interfacing with customers
S0406: Skill in developing policy plans
S0414: Skill in evaluating laws
S0415: Skill in evaluating regulations
S0416: Skill in evaluating policies
S0431: Skill in applying critical thinking
S0506: Skill in identifying customer information needs
S0511: Skill in establishing priorities
S0564: Skill in creating system security policies
S0610: Skill in communicating effectively
S0686: Skill in performing risk assessments
S0707: Skill in developing comprehensive cyber operations assessment programs
S0708: Skill in executing comprehensive cyber operations assessment programs
S0799: Skill in anticipating new security threats
S0800: Skill in analyzing organizational patterns and relationships
S0807: Skill in solving problems
S0821: Skill in collaborating with internal and external stakeholders
S0826: Skill in communicating with external organizations

Executive Cybersecurity Leadership

Task statements

Knowledge statements

Skill statements