NICE Framework Now Updated on NICCS

In March 2024, NICE Framework Components v1.0.0 was released. This data includes changes to Work Role Categories and Work Role names and descriptions; 11 Competency Areas; new Insider Threat Analysis Work Role; and updates to align Task, Knowledge, and Skill (TKS) statements with the TKS Authoring Guide principles.

The Workforce Framework for Cybersecurity, commonly referred to as the NICE Framework, is a nationally focused resource to help employers develop their cybersecurity workforce. It establishes a common lexicon that describes cybersecurity work and workers regardless of where or for whom the work is performed. The NICE Framework applies across public, private, and academic sectors.

  • Categories (7): – A high-level grouping of common cybersecurity functions        
  • Work Roles (52): – A grouping of work for which someone is responsible or accountable. Please note, Work Roles are not synonymous to job titles or occupations.        
  • TKS Statements (2,200+): A set of discrete building blocks that describe the work to be done (in the form of Tasks) and what is required to perform that work (through Knowledge and Skills). 
  • Competency Areas (11): Clusters of related Knowledge and Skill statements that correlate with one’s capability to perform Tasks in a particular domain.        

To explore the updated version of the NICE Framework, click on the Work Role Categories below or use the links at the top of this page to search within the NICE Framework components. To learn more, review the NICE Framework Overview PDF