Established in 2002 by the financial sector, the FSSCC coordinates critical infrastructure and homeland security activities within the financial services industry. Its 70 members consist of financial trade associations, financial utilities, and the most critical financial firms. The homepage offers downloads for valuable resources like the Automated Cyber Security Assessment Tool (ACSAT) featured in this website in the Cyber Security ROI section.
NIST Special Publication 800-34, Contingency Planning Guide for Information Technology (IT) Systems provides instructions, recommendations, and considerations for government IT contingency planning. Contingency planning refers to interim measures to recover IT services following an emergency or system disruption. Interim measures may include the relocation of IT systems and operations to an alternate site, the recovery of IT functions using alternate equipment, or the performance of IT functions using manual methods.
The National Initiative for Cybersecurity Education (NICE), led by the National Institute of Standards and Technology (NIST) in the U.S. Department of Commerce, is a partnership between government, academia, and the private sector that seeks to energize and promote a robust network and an ecosystem of cybersecurity education, training, and workforce development.
Throughout this document, the combined terms “cybersecurity workforce” is shorthand for a workforce with work roles that have an impact on an organization’s ability to protect its data, systems, and operations. Included are new work roles that have been known traditionally as information technology (IT) security roles. Those roles have been added to this workforce framework to highlight their importance to the overall cybersecurity posture of an organization. Additionally, some of the work roles described herein include the shorter term cyber to be inclusive of sectors where cyber has become the conversational norm for this field.
Throughout this document, the combined terms “cybersecurity workforce” is shorthand for a workforce with work roles that have an impact on an organization’s ability to protect its data, systems, and operations. Included are new work roles that have been known traditionally as information technology (IT) security roles. Those roles have been added to this workforce framework to highlight their importance to the overall cybersecurity posture of an organization. Additionally, some of the work roles described herein include the shorter term cyber to be inclusive of sectors where cyber has become the conversational norm for this field.
The NICE Framework provides a blueprint to categorize, organize, and describe cybersecurity work into Categories, Specialty Areas, Work Roles, tasks, and knowledge, skills, and abilities (KSAs). The NICE Framework provides a common language to speak about cybersecurity roles and jobs.