October 13, 2019
Building Skills through the Cybersecurity Frameworks
October 13, 2019
How does a cybersecurity framework function? The framework defines individual work roles that a cybersecurity professional may be required to do. These work roles are grouped into specialty areas and then higher-level categories. An organization can consult the framework to figure out what kind of cybersecurity professional they need, or what organizational training is necessary to carry out a certain task. Cybersecurity professionals can consult the framework to determine what skills they need for certain positions. For example, governments rely on cybersecurity frameworks to define requirements in their hiring practices. Cybersecurity professionals can reference these requirements to see if they are qualified. They can pursue formal certification in the framework’s roles to become qualified for the position. Cybrary provides resources and courses for attaining qualifications in cybersecurity frameworks. To this end, let’s take a look at two crucial frameworks in the cybersecurity industry: MITRE ATT&CK™ and NICE.
MITRE ATT&CK™MITRE ATT&CK™ functions as a knowledge-base of cybersecurity techniques, much like Cybrary. Hacking and cybersecurity attack methods are individually defined and then grouped into categories. This framework is built from techniques and hacking methods that have been observed in real-world scenarios. There are 12 separate categories for organizing each technique. Unlike NICE, there are no sub-categories; each technique is grouped into one category. For example, “Spearphishing via Service” and “Hardware Additions” are grouped under the “Initial Access” category. Spearphishing and external surveillance hardware are both methods for gaining initial illicit access to a network. Meanwhile, “Input Capture” and “Screen Capture” are grouped under “Collection.” Capturing keyboard input data, otherwise known as keylogging, is a way to collect passwords and other sensitive data. Similarly, screen capture can be used for the collection of valuable data.
NICEThe NICE framework is a cybersecurity framework developed by the NIST or National Institute of Standards and Technology. The NIST is a part of the U.S. Department of Commerce. NICE, or the National Initiative for Cybersecurity Education, defines 52 distinct work roles for cybersecurity professionals. These work roles describe tasks and the knowledge, skills, and abilities to carry them out. Individual work roles are grouped into 33 specialty areas. At the highest level of organization, the NICE Framework defines seven distinct main categories. These categories are “Operate and Maintain,” “Protect and Defend,” “Investigate,” “Collect and Operate,” “Analyze,” “Securely Provision,” and “Oversee and Govern.” This framework can be used by public and private employers to recruit and identify skilled candidates. For cybersecurity professionals, the framework provides a guideline for education and certification. A potential candidate can consult an employer’s requirements on the NICE framework to discover what they need to learn to be qualified. Organizations that provide training, certification, and education on cybersecurity, such as Cybrary, can consult the NICE framework to design their curriculums. Lastly, technology companies can consult the framework when designing hardware and software for the cybersecurity industry.
Start on a NIST NICE career path: