A Guide to the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (2.0)

A Guide to the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (2.0)

Hardcover

$93.95
Choose Expedited Shipping at checkout for guaranteed delivery by Wednesday, November 21

Product Details

ISBN-13: 9781498739962
Publisher: Taylor & Francis
Publication date: 02/08/2016
Series: Internal Audit and IT Audit Series , #3
Pages: 564
Product dimensions: 6.12(w) x 9.25(h) x 1.30(d)

About the Author

Daniel P Shoemaker, PhD, is principal investigator and senior research scientist at the University of Detroit Mercy’s Center for Cyber Security and Intelligence Studies. Dan has served 30 years as a professor at UDM with 25 of those years as department chair. He served as a co-chair for both the Workforce Training and Education and the Software and Supply Chain Assurance Initiatives for the Department of Homeland Security, and was a subject matter expert for the NICE Cybersecurity Workforce Framework 2.0. Dan has coauthored six books in the field of cybersecurity and has authored more than one hundred journal publications. Dan earned his PhD from the University of Michigan.

Anne Kohnke, PhD, is an assistant professor of IT at Lawrence Technological University and teaches courses in both the information technology and organization development/change management disciplines at the bachelor through doctorate levels. Anne started as an adjunct professor in 2002 and joined the faculty full time in 2011. Her IT career started in the mid-1980s on a help desk, and over the years, Anne developed technical proficiency as a database administrator, network administrator, systems analyst, and technical project manager. After a decade, Anne was promoted to management and worked as an IT director, vice president of IT and chief information security officer (CISO). Anne earned her PhD from Benedictine University.

Ken Sigler is a faculty member of the Computer Information Systems (CIS) program at the Auburn Hills campus of Oakland Community College in Michigan. His primary research is in the areas of software management, software assurance, and cloud computing. He developed the college’s CIS program option entitled "Information Technologies for Homeland Security." Until 2007, Ken served as the liaison for the college to the International Cybersecurity Education Coalition (ICSEC), of which he is one of three founding members. Ken is a member of IEEE, the Distributed Management Task Force (DMTF), and the Association for Information Systems (AIS).

Table of Contents

Introduction: Defining the Cybersecurity Workforce
Cybersecurity: Failure Is Not an Option
Six Blind Men and an Elephant
Cybersecurity: An Emerging Field
Two Common Sense Factors That Make Cybersecurity Different
Instilling Order in a Virtual World
Combining Effort with Intent in Order to Get a Complete Solution
Cybersecurity: Finding the Right Set of Activities
Changing Times, Changing Players: The Stakes Get Higher
Definitive Step to Ensure Best Practice in Cybersecurity
National Initiative for Cybersecurity Education Initiative
National Cybersecurity Workforce Framework (2.0)
Knowledge Area 1: Securely Provision
Knowledge Area 2: Operate and Maintain
Knowledge Area 3: Protect and Defend
Knowledge Area 4: Investigate
Knowledge Area 5: Collect and Operate
Knowledge Area 6: Analyze
Knowledge Area 7: Oversee and Govern
Chapter Summary
Key Concepts
Key Terms
References

Creating Standard Competencies for Cybersecurity Work
The NICE Workforce Model
Structure and Intent of the NICE Workforce Framework
The NICE Framework Listing of Tasks for Each Specialty Area
Knowledge Area 1: Securely Provision
Knowledge Area 2: Operate and Maintain
Knowledge Area 3: Protect and Defend
Knowledge Area 4: Investigate
Knowledge Area 5: Collect and Operate
Knowledge Area 6: Analyze
Knowledge Area 7: Oversee and Govern
Implementing the Framework in Practice
Adapting the NICE Framework to an Organization
Planning: Converting Theory into Practice
Mapping the NICE Specialty Areas to Business Purposes
Deciding on Which Specialty Area to Employ in a Concrete Solution
Tailoring a Solution from the Concept
Tailoring Specialty Area Tasks to Specific Application
Three Factors That Ensure Proper Application of the Model
Chapter Summary
Key Terms
References

Implementing Standard Cybersecurity
Why It Is Difficult to Protect Our Critical Information Infrastructure
Background: A System of Best Practices
Distinction between This and Other Standards
Benefits
Relationship between the CSF and the NICE Framework
Standard Practice Approach to Implementation
Overview of the NIST Framework for Improving Critical Infrastructure Cybersecurity
Benefits of Adopting the Cybersecurity Framework
The Cybersecurity Framework Core
The Cybersecurity Framework Implementation Tiers
The Framework Profile
The Cybersecurity Framework Is Descriptive and Not Prescriptive
Structure of the Book’s Presentation of the NICE and Cybersecurity Framework
Chapter Summary
Key Terms
References

Securely Provision General Knowledge Area
Securely Provision Category Overview
Specialty Area 1: Secure Acquisition
Specialty Area 2: Secure Software Engineering
Specialty Area 3: Systems Security Architecture
Specialty Area 4: Technology Research and Development
Specialty Area 5: Systems Requirements Planning
Specialty Area 6: Test and Evaluation
Specialty Area 7: Systems Development
Chapter Summary
Key Terms
References

Operate and Maintain General Knowledge Area
Operate and Maintain Knowledge Area Overview
Specialty Area 1: Data Administration
Factoring Data Administration Workforce Tasks into the Cybersecurity Framework Functions
Underlying Knowledge, Skill, and Ability Requirements for Data Administration
Specialty Area 2: Customer Service and Technical Support
Factoring Customer Service and Technical Support Workforce Tasks into the Cybersecurity Framework Functions
Underlying Knowledge, Skill, and Ability Requirements for Customer Service and Technical Support
Specialty Area 3: Network Services
Factoring Network Services Workforce Tasks into the Cybersecurity Framework Functions
Underlying Knowledge, Skill, and Ability Requirements for Network Services
Specialty Area 4: System Administration
Factoring System Administration Workforce Tasks into the Cybersecurity Framework Functions
Underlying Knowledge, Skill, and Ability Requirements for System Administration
Specialty Area 5: Systems Security Analysis
Factoring Systems Security Analysis Workforce Tasks into the Cybersecurity Framework Functions
Underlying Knowledge, Skill, and Ability Requirements for Systems Security Analysis
Chapter Summary
Key Terms
References

Protect and Defend General Knowledge Area
Introduction to the Protect and Defend General Knowledge Area
Specialty Area 1: Enterprise Network Defense Analysis
Factoring Enterprise Network Defense Analysis Workforce Tasks into the Cybersecurity Framework Functions
Underlying Knowledge, Skill, and Ability Requirements for Enterprise Network Defense Analysis
Specialty Area 2: Incident Response
Factoring Incident Response Workforce Tasks into the Cybersecurity Framework Functions
After-Action Reviews
Underlying Knowledge, Skill, and Ability Requirements for Incident Response
Specialty Area 3: Enterprise Network Defense Infrastructure Support
Factoring Enterprise Network Defense Infrastructure Support Workforce Tasks into the Cybersecurity Framework Functions
Underlying Knowledge, Skill, and Ability Requirements for Enterprise Network Defense Infrastructure Support
Specialty Area 4: Vulnerability Assessment and Management
Factoring Vulnerability Assessment and Management Workforce Tasks into the Cybersecurity Framework Functions
Underlying Knowledge, Skill, and Ability Requirements for Vulnerability Assessment and Management
Chapter Summary
Key Terms
Reference

Investigate General Knowledge Area
Specialty Area 1: Digital Forensics
Organizing the Tasks of Digital Forensics Using Cybersecurity Framework Functions
Factoring Workforce Tasks into the Cybersecurity Framework Categories
Underlying Knowledge, Skill, and Ability Requirements for Digital Forensics
Application: Organizing a Digital Forensics Function Based on the CSF
Specialty Area 2: Cyber Investigation
Application: Organizing a Digital Forensics Function Based on the CSF
Chapter Summary
Key Terms
References

Collect and Operate and Analyze General Knowledge Areas
Introduction to the Knowledge Areas of the Intelligence Community
Specialty Areas: Collect and Operate and Analyze
Body of Knowledge for Collect and Operate and Analyze
Implementing the Collect and Operate and Analyze Areas
Performing Collection and Operations and Analysis Work
Chapter Summary
Key Terms
References

Oversee and Govern General Knowledge Area
Introduction
Specialty Area 1: Legal Advice and Advocacy
Factoring Legal Advice and Advocacy Workforce Tasks into the Cybersecurity Framework Categories
Underlying Knowledge, Skill, and Ability Requirements for Legal Advice and Advocacy Specialty Area
Specialty Area 2: Strategic Planning and Policy Development
Factoring Strategic Planning Workforce Tasks into the Cybersecurity Framework Categories
Underlying Knowledge, Skill, and Ability Requirements for Strategic Planning and Policy Development Specialty Area
Specialty Area 3: Training, Education, and Awareness
Factoring Training, Education, and Awareness Workforce Tasks into the Cybersecurity Framework Categories
Underlying Knowledge, Skill, and Ability Requirements for Training, Education, and Awareness Specialty Area
Specialty Area 4: Information Systems and Security Operations
Factoring Information Systems and Security Operations Workforce Tasks into the Cybersecurity Framework Categories
Underlying Knowledge, Skill, and Ability Requirements for Information Systems and Security Operations Specialty Area
Specialty Area 5: Security Program Management
Factoring Security Program Management Workforce Tasks into the Cybersecurity Framework Categories
Underlying Knowledge, Skill, and Ability Requirements for Security Program Management Specialty Area
Specialty Area 6: Risk Management
Factoring Risk Management Workforce Tasks into the Cybersecurity Framework Categories
Underlying Knowledge, Skill, and Ability Requirements for Risk Management Specialty Area
Specialty Area 7: Knowledge Management
Factoring Knowledge Management Workforce Tasks into the Cybersecurity Framework Categories
Underlying Knowledge, Skill, and Ability Requirements for Knowledge Management Specialty Area
Chapter Summary
Key Terms
References

Applying the NICE Cybersecurity Workforce Model to the Real World
Why Cybersecurity Needs a Standard of Practice
Three Problems with Cybersecurity
Chapter Summary
Key Terms
Reference

Customer Reviews

Most Helpful Customer Reviews

See All Customer Reviews