Librería Portfolio

Features

Explains the Department of Homeland Security (DHS) National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (2.0)
Gives an overview explication of the framework, its concepts, the underlying relationships between the areas, and the general content of those areas
Provides a road map that allows you to understand the application and uses of the NICE content, as well as applications of this book in training situations
Aligns with and explains the requirements of a national level initiative to standardize the study of information security (first book to do so)
Summary

A Guide to the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (2.0) presents a comprehensive discussion of the tasks, knowledge, skill, and ability (KSA) requirements of the NICE Cybersecurity Workforce Framework 2.0. It discusses in detail the relationship between the NICE framework and the NIST's cybersecurity framework (CSF), showing how the NICE model specifies what the particular specialty areas of the workforce should be doing in order to ensure that the CSF's identification, protection, defense, response, or recovery functions are being carried out properly.

The authors construct a detailed picture of the proper organization and conduct of a strategic infrastructure security operation, describing how these two frameworks provide an explicit definition of the field of cybersecurity. The book is unique in that it is based on well-accepted standard recommendations rather than presumed expertise. It is the first book to align with and explain the requirements of a national-level initiative to standardize the study of information security. Moreover, it contains knowledge elements that represent the first fully validated and authoritative body of knowledge (BOK) in cybersecurity.

The book is divided into two parts: The first part is comprised of three chapters that give you a comprehensive understanding of the structure and intent of the NICE model, its various elements, and their detailed contents. The second part contains seven chapters that introduce you to each knowledge area individually. Together, these parts help you build a comprehensive understanding of how to organize and execute a cybersecurity workforce definition using standard best practice.




Table of Contents

Introduction: Defining the Cybersecurity Workforce
Cybersecurity: Failure Is Not an Option
Six Blind Men and an Elephant
Cybersecurity: An Emerging Field
Two Common Sense Factors That Make Cybersecurity Different
Instilling Order in a Virtual World
Combining Effort with Intent in Order to Get a Complete Solution
Cybersecurity: Finding the Right Set of Activities
Changing Times, Changing Players: The Stakes Get Higher
Definitive Step to Ensure Best Practice in Cybersecurity
National Initiative for Cybersecurity Education Initiative
National Cybersecurity Workforce Framework (2.0)
Knowledge Area 1: Securely Provision
Knowledge Area 2: Operate and Maintain
Knowledge Area 3: Protect and Defend
Knowledge Area 4: Investigate
Knowledge Area 5: Collect and Operate
Knowledge Area 6: Analyze
Knowledge Area 7: Oversee and Govern
Chapter Summary
Key Concepts
Key Terms
References

Creating Standard Competencies for Cybersecurity Work
The NICE Workforce Model
Structure and Intent of the NICE Workforce Framework
The NICE Framework Listing of Tasks for Each Specialty Area
Knowledge Area 1: Securely Provision
Knowledge Area 2: Operate and Maintain
Knowledge Area 3: Protect and Defend
Knowledge Area 4: Investigate
Knowledge Area 5: Collect and Operate
Knowledge Area 6: Analyze
Knowledge Area 7: Oversee and Govern
Implementing the Framework in Practice
Adapting the NICE Framework to an Organization
Planning: Converting Theory into Practice
Mapping the NICE Specialty Areas to Business Purposes
Deciding on Which Specialty Area to Employ in a Concrete Solution
Tailoring a Solution from the Concept
Tailoring Specialty Area Tasks to Specific Application
Three Factors That Ensure Proper Application of the Model
Chapter Summary
Key Terms
References

Implementing Standard Cybersecurity
Why It Is Difficult to Protect Our Critical Information Infrastructure
Background: A System of Best Practices
Distinction between This and Other Standards
Benefits
Relationship between the CSF and the NICE Framework
Standard Practice Approach to Implementation
Overview of the NIST Framework for Improving Critical Infrastructure Cybersecurity
Benefits of Adopting the Cybersecurity Framework
The Cybersecurity Framework Core
The Cybersecurity Framework Implementation Tiers
The Framework Profile
The Cybersecurity Framework Is Descriptive and Not Prescriptive
Structure of the Book's Presentation of the NICE and Cybersecurity Framework
Chapter Summary
Key Terms
References

Securely Provision General Knowledge Area
Securely Provision Category Overview
Specialty Area 1: Secure Acquisition
Specialty Area 2: Secure Software Engineering
Specialty Area 3: Systems Security Architecture
Specialty Area 4: Technology Research and Development
Specialty Area 5: Systems Requirements Planning
Specialty Area 6: Test and Evaluation
Specialty Area 7: Systems Development
Chapter Summary
Key Terms
References

Operate and Maintain General Knowledge Area
Operate and Maintain Knowledge Area Overview
Specialty Area 1: Data Administration
Factoring Data Administration Workforce Tasks into the Cybersecurity Framework Functions
Underlying Knowledge, Skill, and Ability Requirements for Data Administration
Specialty Area 2: Customer Service and Technical Support
Factoring Customer Service and Technical Support Workforce Tasks into the Cybersecurity Framework Functions
Underlying Knowledge, Skill, and Ability Requirements for Customer Service and Technical Support
Specialty Area 3: Network Services
Factoring Network Services Workforce Tasks into the Cybersecurity Framework Functions
Underlying Knowledge, Skill, and Ability Requirements for Network Services
Specialty Area 4: System Administration
Factoring System Administration Workforce Tasks into the Cybersecurity Framework Functions
Underlying Knowledge, Skill, and Ability Requirements for System Administration
Specialty Area 5: Systems Security Analysis
Factoring Systems Security Analysis Workforce Tasks into the Cybersecurity Framework Functions
Underlying Knowledge, Skill, and Ability Requirements for Systems Security Analysis
Chapter Summary
Key Terms
References

Protect and Defend General Knowledge Area
Introduction to the Protect and Defend General Knowledge Area
Specialty Area 1: Enterprise Network Defense Analysis
Factoring Enterprise Network Defense Analysis Workforce Tasks into the Cybersecurity Framework Functions
Underlying Knowledge, Skill, and Ability Requirements for Enterprise Network Defense Analysis
Specialty Area 2: Incident Response
F