Federal Framework Seeks to Define Cyber Security Roles

Susan Hall

A framework for developing the cyber security work force within federal government has been released for public comment. This much-needed specialty doesn't fit into the typical government job descriptions and classification system, creating a cry to develop interagency consistency in qualifications and roles. The White House a few months ago issued a cyber security road map, setting a timeline for identifying needed skills and evaluating the status of the work force.


This new document is open to public comment through Dec. 16. According to the commentary in the Cybersecurity Workforce Framework, created by the National Initiative on Cybersecurity Education:

Slide Show

Top 10 Cyber Security Threats of 2011 and Beyond

The next decade portends new threats that surpass those of years past in both intensity and impact.

Today, there is little consistency in how cybersecurity work is defined or described throughout the federal government and the nation. The absence of a common language to discuss and understand the work and skill requirements of cybersecurity professionals hinders our nation's ability to baseline capabilities, identify skill gaps, develop cybersecurity talent in the current work force and prepare the pipeline of future talent....
Much as other professions have defined their specialties (e.g., law, medicine), it is now time to forge a common set of definitions for the cybersecurity work force.

Though created from input across various federal agencies, the document calls for ensuring that the framework can be adopted in the private sector as well, Nextgov reports. Demand for cyber security professionals is estimated to grow to 2.5 million new workers by 2015, with government struggling to compete with the private sector for this talent, according to Federal Computer Week.


The framework group lists job titles into these categories:


  • Securely provision - workers who conceptualize, design and build secure IT systems.
  • Operate and maintain - those responsible for providing support, administration and maintenance necessary to ensure effective and efficient IT system performance and security.
  • Protect and defend - a specialty area for those who identify, analyze and mitigate threats to internal IT systems or networks.
  • Investigate - workers who investigate cyber events and/or crimes of IT systems, networks and digital evidence.
  • Operate and collect - professionals responsible for collecting cyber security information to be used in developing intelligence.
  • Analyze - professionals responsible for highly specialized review and evaluation of incoming cyber security information to determine its usefulness for intelligence.
  • Support - those who provide support so that others may effectively conduct cyber security work.


You'll find a template for submitting comments here.

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.