What the Cybersecurity Framework Means to You

The cybersecurity field is in the midst of an identity crisis. Today, an information assurance engineer at one company might have a very different job at another company. The world of cybersecurity is still young, and the needs of employers are varied, so job descriptions vary from one company to the next.

The National Institute of Standards and Technology is working to change that by developing the National Cybersecurity Workforce Framework. As part of the National Initiative for Cybersecurity Education, the framework gives standardized meaning to different job descriptions and specialty areas, along with guidance on the different skills needed in a particular specialty.

The NIST Framework breaks cybersecurity work into seven categories, containing specialty areas arranged based on NICE's research of actual cybersecurity professionals' job descriptions:

  • Securely Provision jobs are responsible for collecting knowledge and analyzing threats and possible vulnerabilities.
  • Protect and Defend jobs specialize in defensive measures.
  • Oversight and Development includes jobs that manage cybersecurity professionals or interact with them.
  • Investigation includes threat investigation and forensics skills.
  • Collect and Operate jobs include both intelligence collection and planning for operations.
  • Operate and Maintain jobs focus on system administration and network maintenance skills.

An Information Assurance Master’s Degree earned online or on campus from Regis University can help provide you with the knowledge, skills and abilities (KSAs) that the framework has identified as essential as the program is modeled on the curricular guidelines and recommendations provided by the NIST National Cybersecurity Workforce Framework Tools in Action.

The framework categorizes courses in the National Initiative for Cybersecurity Careers and Studies training catalog, which can direct you to specialty-relevant classes available through certification organizations, universities, training groups and a few free course sites.

The toolkit also suggests traits you'll need to be part of an effective cybersecurity team, which can also help you prepare for likely questions an employer will ask at an interview.

All this advice spells good news for people entering the cybersecurity field. The toolkit advises employers to offer hiring bonuses and seek candidates from cybersecurity education programs, especially National Security Agency-certified Centers for Academic Excellence.

Regis University is on the list as a Center of Academic Excellence in Information Assurance Education for its Information Assurance degree and certificate programs. The Information Assurance Program at Regis encompasses the Master of Science in Information Assurance, graduate certificates in cybersecurity or in IA policy management, all of which are available online or in person.

If you haven't decided on a career path yet, the categories and specialty areas on the framework website could help you decide what job descriptions most appeal to you. Start by looking at skills you want to learn and navigate through the framework to learn which job specialties make use of those skills, or start with the categories to decide which job descriptions are most appealing, and then make a list of the needed skills and search for educational programs that provide experience in all of those skills.

Regis University's Information Assurance programs could provide the skills you need to begin a journey on the NIST framework. Request more information or call 877-820-0581 to speak with an admission counselor.