National Initiative for Cybersecurity Careers and Studies - Essay Example

The National Initiative for Cybersecurity Education, NICE, is a national effort comprising more than twenty Federal agencies and departments, industry and academia seeking to raise cybersecurity awareness in America through the improvement of cyber skills, knowledge, and behavior by making training and educational resources available to every population segment, hence creating a safer cyberspace for all. The NICE framework gives a standardized working taxonomy that fits into the occupational structure of an organization. The framework gives seven categories of jobs sharing common functions (Jackson, 2011). ‘Securely’ provides for the conceptualization, designing, and building of secure IT systems. The administration, maintenance, and support for performance and security would be covered under ‘operate and maintain.’

‘Protect and defend’ ensures that threats get identified, analyzed, and mitigated. The framework also provides for the ‘investigation’ of breaches, crimes, and incidents. Under ‘operate and collect,’ intelligence would be developed from cybersecurity information. The ‘analyze’ arm of the framework encompasses reviewing and evaluating incoming information to evaluate how useful it would be for intelligence. Finally, the framework offers ‘support’ to other parties undertaking cybersecurity tasks. Therefore, this framework provides a standard approach that baselines capabilities, identifies gaps in skills, develops cybersecurity talent in organizations, and prepares for future talent.

The NICE initiative is an important component of organizations based on the key findings of a cybercrime survey in the US by Price Waterhouse Coopers, PWC (2013). The survey indicates that organizational leaders do not know those responsible for the cybersecurity of their organizations. In case of an attack, such organizations would find it difficult to identify those responsibly. The NICE initiative serves the important role of ensuring organizations have cybersecurity workers and defining cybersecurity professional requirements.

Secondly, many leaders still underestimate the capabilities of their cyber adversaries and the associated possible reputational, financial, and regulatory risks. NICE raises awareness of the risks involved in online activities, hence informing such leaders appropriately. Finally, through expanding social collaborations, the use of mobile devices, and the adoption of cloud computing, leaders unknowingly increase their vulnerabilities to digital attacks. Through broadening the pool of support workers in cybersecurity and developing and maintaining an internationally competitive cybersecurity workforce, the NICE initiative ensures that organizations adopt emerging technologies without compromising the security of their information.

Led by the National Institute of Standards and Technology, NIST, the NICE initiative anticipates raising a cyber-secure public and an internationally acclaimed cybersecurity workforce (Bullock, Haddow, & Coppola, 2013). Thus, it aims at making resources for educating and training on the improvement of cyber skills, knowledge, and behavior available to all the population segments to make the American public aware of the risks associated with online activities. It seeks to bring forth a secure digital nation that would advance the economic prosperity of America and its national security through cybersecurity awareness. Another outcome expected of NICE as documented by NICCS (2013) includes an increased number of skilled national cybersecurity support workers.

The implementation of the NICE framework in organizations would require workforce planning that would identify the gaps in the skills and proficiencies needed for cybersecurity roles. An effectively undertaken workforce planning, including process, strategy, and infrastructure, forecasts demand. The cybersecurity workforce would be categorized into their respective specializations based on the skills required, under which they would be expected to undertake the mandated responsibilities. Furthermore, there would be a need to set up a governance structure as argued by Bullock et al. (2013), which prioritizes the planning cycles and enforces the required procedure and information sharing so that organizations realize optimal results from this initiative.

The NICE framework addresses legal and ethical issues involved in information technology. The investigative arm of the framework provides for digital forensics and investigation to determine prosecutable cases. Through oversight and development, it offers organizations sound advice on legal matters. Additionally, this arm reinforces information technology ethics by overseeing information assurance in and out of the network environment, including procurement duties. The secure provision arm ensures the observation of ethical standards through enforcement of information assurance compliance, software assurance, systems security architecture, and tests and evaluations aimed at determining how systems have complied with the requirements and specifications. This ensures the privacy of information and averts identity theft, a key ethical issue in information technology (Bott, 2005). Read More