Understanding and Applying the Categories and Subcategories of the NIST Cybersecurity Framework (CSF)

Risk Assessment & Management Training for the U.S. Government. This NIST Cybersecurity Framework training course will teach US Government cybersecurity staff to protect their organization from unacceptable losses by effectively assessing and managing risk. They will learn how to employ the NIST Cybersecurity Framework defined by The National Institute of Standards and Technology (NIST), and ensure their organization meets the cyber security laws and regulations imposed on all U.S. Government agencies. The Workforce Framework for Cybersecurity, commonly referred to as the NICE Framework, is a nationally focused resource to help employers develop their cybersecurity workforce. It establishes a common lexicon that describes cybersecurity work and workers regardless of where or for whom the work is performed. The NICE Framework applies across public, private, and academic sectors. The NICE Framework is comprised of the following components:

• Categories (7) – A high-level grouping of common cybersecurity functions
• Specialty Areas (33) – Distinct areas of cybersecurity work
• Work Roles (52) – The most detailed groupings of cybersecurity work comprised of specific knowledge, skills, and abilities (KSAs) required to perform tasks in a Work Role