While adapting to new modes of work life, you may also have discovered how remarkably resilient you and your teams are. Many of us have been doing a lot of adapting, adjusting, trying out new styles of getting work done and questioning the old ways. However, this is also a great time for setting a new course ahead—particularly for those who are looking to improve their own cybersecurity skills or those skills of the people on their teams. Considering longer-term goals such as workforce planning and guiding your team to hone the new skills they will need in the future? Thinking about where to begin a career in cybersecurity? Rest assured, there are numerous resources available to you!
Unlike other fields of study, cybersecurity offers countless ways for you to learn both independently and collectively. There are wonderful formal courses of study from four-year institutions and community colleges. Increasingly, the rise of online methods, including video instruction, can make it possible to gain professional skills without ever entering a traditional classroom. Virtual ranges allow someone to practice skills in simulated environments and can allow entire teams to compete or collaborate from any location. Whether you are a professional in the cybersecurity field who is curious about a new skill or certification, or someone seeking to enter the profession, now is a great time to begin online instruction. Leveraging their community of industry, government and academia, the National Initiative for Cybersecurity Education (NICE) has compiled a website featuring free and low-cost education and training options that might tempt a cybersecurity fence-sitter to get started. The website even features several that lead to professional certifications, and all will be great resume additions.
If you manage people with cybersecurity responsibilities, you may be reviewing their job descriptions or considering what training they each need to maintain and build skills. Many companies are now revising their job descriptions to include reference to the cybersecurity work each person does (even when their primary role is not technical) and the related knowledge, skills and abilities needed to perform tasks. For anyone working on these topics, NICE is the home for the industry-standard resource, the NICE Cybersecurity Workforce Framework, or NIST SP 800-181. This is now the standard across the federal government so that cybersecurity work is well-defined, employees can more easily move from one role to another because job requirements are well-articulated and managers can create easy-to-understand career pathways. There is also a related effort in the private sector, led by the Aspen Cybersecurity Group, to encourage companies to align their workforce to the NICE Framework and to drop overly restrictive job requirements. If this is an area you’d like to work on for your organization, please consider joining the NICE Working Group, where you can gain insights into the process and find a community actively sharing ideas and resources. To learn more about NICE, the NICE Framework or to join our working group, please visit our website at www.nist.gov/nice.