Abbey's Bookshop Logo
Go to my checkout basket
Login to Abbey's Bookshop
Register with Abbey's Bookshop
Gift Vouchers
Browse by Category

facebook
Google Book Preview
A Guide to the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework...
— —
Dan Shoemaker (International Cyber Security Education Coalition/MCISSE, Belleville, Michigan, USA) Anne Kohnke (Lawrence Technological University, Southfield, Michigan, USA)
A Guide to the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (2.0) by Dan Shoemaker (International Cyber Security Education Coalition/MCISSE, Belleville, Michigan, USA) at Abbey's Bookshop,

A Guide to the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (2.0)

Dan Shoemaker (International Cyber Security Education Coalition/MCISSE, Belleville, Michigan, USA) Anne Kohnke (Lawrence Technological University, Southfield, Michigan, USA) Ken Sigler (Oakland Community College, Auburn Hills, Michigan, USA)


9781498739962

Productivity Press


Security services;
Computer security;
Network management


Hardback

540 pages

$145.00
We can order this in for you
How long will it take?
order qty:  
Add this item to my basket

A Guide to the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (2.0) presents a comprehensive discussion of the tasks, knowledge, skill, and ability (KSA) requirements of the NICE Cybersecurity Workforce Framework 2.0. It discusses in detail the relationship between the NICE framework and the NIST's cybersecurity framework (CSF), showing how the NICE model specifies what the particular specialty areas of the workforce should be doing in order to ensure that the CSF's identification, protection, defense, response, or recovery functions are being carried out properly.

The authors construct a detailed picture of the proper organization and conduct of a strategic infrastructure security operation, describing how these two frameworks provide an explicit definition of the field of cybersecurity. The book is unique in that it is based on well-accepted standard recommendations rather than presumed expertise. It is the first book to align with and explain the requirements of a national-level initiative to standardize the study of information security. Moreover, it contains knowledge elements that represent the first fully validated and authoritative body of knowledge (BOK) in cybersecurity.

The book is divided into two parts: The first part is comprised of three chapters that give you a comprehensive understanding of the structure and intent of the NICE model, its various elements, and their detailed contents. The second part contains seven chapters that introduce you to each knowledge area individually. Together, these parts help you build a comprehensive understanding of how to organize and execute a cybersecurity workforce definition using standard best practice.

By:   Dan Shoemaker (International Cyber Security Education Coalition/MCISSE Belleville Michigan USA), Anne Kohnke (Lawrence Technological University, Southfield, Michigan, USA), Ken Sigler (Oakland Community College, Auburn Hills, Michigan, USA)
Imprint:   Productivity Press
Country of Publication:   United States
Volume:   3
Dimensions:   Height: 235mm,  Width: 156mm,  Spine: 33mm
Weight:   930g
ISBN:   9781498739962
ISBN 10:   1498739962
Series:   Internal Audit and IT Audit
Pages:   540
Publication Date:   February 2016
Audience:   College/higher education ,  College/higher education ,  A / AS level ,  Further / Higher Education
Format:   Hardback
Publisher's Status:   Active

Introduction: Defining the Cybersecurity Workforce Cybersecurity: Failure Is Not an Option Six Blind Men and an Elephant Cybersecurity: An Emerging Field Two Common Sense Factors That Make Cybersecurity Different Instilling Order in a Virtual World Combining Effort with Intent in Order to Get a Complete Solution Cybersecurity: Finding the Right Set of Activities Changing Times, Changing Players: The Stakes Get Higher Definitive Step to Ensure Best Practice in Cybersecurity National Initiative for Cybersecurity Education Initiative National Cybersecurity Workforce Framework (2.0) Knowledge Area 1: Securely Provision Knowledge Area 2: Operate and Maintain Knowledge Area 3: Protect and Defend Knowledge Area 4: Investigate Knowledge Area 5: Collect and Operate Knowledge Area 6: Analyze Knowledge Area 7: Oversee and Govern Chapter Summary Key Concepts Key Terms References Creating Standard Competencies for Cybersecurity Work The NICE Workforce Model Structure and Intent of the NICE Workforce Framework The NICE Framework Listing of Tasks for Each Specialty Area Knowledge Area 1: Securely Provision Knowledge Area 2: Operate and Maintain Knowledge Area 3: Protect and Defend Knowledge Area 4: Investigate Knowledge Area 5: Collect and Operate Knowledge Area 6: Analyze Knowledge Area 7: Oversee and Govern Implementing the Framework in Practice Adapting the NICE Framework to an Organization Planning: Converting Theory into Practice Mapping the NICE Specialty Areas to Business Purposes Deciding on Which Specialty Area to Employ in a Concrete Solution Tailoring a Solution from the Concept Tailoring Specialty Area Tasks to Specific Application Three Factors That Ensure Proper Application of the Model Chapter Summary Key Terms References Implementing Standard Cybersecurity Why It Is Difficult to Protect Our Critical Information Infrastructure Background: A System of Best Practices Distinction between This and Other Standards Benefits Relationship between the CSF and the NICE Framework Standard Practice Approach to Implementation Overview of the NIST Framework for Improving Critical Infrastructure Cybersecurity Benefits of Adopting the Cybersecurity Framework The Cybersecurity Framework Core The Cybersecurity Framework Implementation Tiers The Framework Profile The Cybersecurity Framework Is Descriptive and Not Prescriptive Structure of the Book's Presentation of the NICE and Cybersecurity Framework Chapter Summary Key Terms References Securely Provision General Knowledge Area Securely Provision Category Overview Specialty Area 1: Secure Acquisition Specialty Area 2: Secure Software Engineering Specialty Area 3: Systems Security Architecture Specialty Area 4: Technology Research and Development Specialty Area 5: Systems Requirements Planning Specialty Area 6: Test and Evaluation Specialty Area 7: Systems Development Chapter Summary Key Terms References Operate and Maintain General Knowledge Area Operate and Maintain Knowledge Area Overview Specialty Area 1: Data Administration Factoring Data Administration Workforce Tasks into the Cybersecurity Framework Functions Underlying Knowledge, Skill, and Ability Requirements for Data Administration Specialty Area 2: Customer Service and Technical Support Factoring Customer Service and Technical Support Workforce Tasks into the Cybersecurity Framework Functions Underlying Knowledge, Skill, and Ability Requirements for Customer Service and Technical Support Specialty Area 3: Network Services Factoring Network Services Workforce Tasks into the Cybersecurity Framework Functions Underlying Knowledge, Skill, and Ability Requirements for Network Services Specialty Area 4: System Administration Factoring System Administration Workforce Tasks into the Cybersecurity Framework Functions Underlying Knowledge, Skill, and Ability Requirements for System Administration Specialty Area 5: Systems Security Analysis Factoring Systems Security Analysis Workforce Tasks into the Cybersecurity Framework Functions Underlying Knowledge, Skill, and Ability Requirements for Systems Security Analysis Chapter Summary Key Terms References Protect and Defend General Knowledge Area Introduction to the Protect and Defend General Knowledge Area Specialty Area 1: Enterprise Network Defense Analysis Factoring Enterprise Network Defense Analysis Workforce Tasks into the Cybersecurity Framework Functions Underlying Knowledge, Skill, and Ability Requirements for Enterprise Network Defense Analysis Specialty Area 2: Incident Response Factoring Incident Response Workforce Tasks into the Cybersecurity Framework Functions After-Action Reviews Underlying Knowledge, Skill, and Ability Requirements for Incident Response Specialty Area 3: Enterprise Network Defense Infrastructure Support Factoring Enterprise Network Defense Infrastructure Support Workforce Tasks into the Cybersecurity Framework Functions Underlying Knowledge, Skill, and Ability Requirements for Enterprise Network Defense Infrastructure Support Specialty Area 4: Vulnerability Assessment and Management Factoring Vulnerability Assessment and Management Workforce Tasks into the Cybersecurity Framework Functions Underlying Knowledge, Skill, and Ability Requirements for Vulnerability Assessment and Management Chapter Summary Key Terms Reference Investigate General Knowledge Area Specialty Area 1: Digital Forensics Organizing the Tasks of Digital Forensics Using Cybersecurity Framework Functions Factoring Workforce Tasks into the Cybersecurity Framework Categories Underlying Knowledge, Skill, and Ability Requirements for Digital Forensics Application: Organizing a Digital Forensics Function Based on the CSF Specialty Area 2: Cyber Investigation Application: Organizing a Digital Forensics Function Based on the CSF Chapter Summary Key Terms References Collect and Operate and Analyze General Knowledge Areas Introduction to the Knowledge Areas of the Intelligence Community Specialty Areas: Collect and Operate and Analyze Body of Knowledge for Collect and Operate and Analyze Implementing the Collect and Operate and Analyze Areas Performing Collection and Operations and Analysis Work Chapter Summary Key Terms References Oversee and Govern General Knowledge Area Introduction Specialty Area 1: Legal Advice and Advocacy Factoring Legal Advice and Advocacy Workforce Tasks into the Cybersecurity Framework Categories Underlying Knowledge, Skill, and Ability Requirements for Legal Advice and Advocacy Specialty Area Specialty Area 2: Strategic Planning and Policy Development Factoring Strategic Planning Workforce Tasks into the Cybersecurity Framework Categories Underlying Knowledge, Skill, and Ability Requirements for Strategic Planning and Policy Development Specialty Area Specialty Area 3: Training, Education, and Awareness Factoring Training, Education, and Awareness Workforce Tasks into the Cybersecurity Framework Categories Underlying Knowledge, Skill, and Ability Requirements for Training, Education, and Awareness Specialty Area Specialty Area 4: Information Systems and Security Operations Factoring Information Systems and Security Operations Workforce Tasks into the Cybersecurity Framework Categories Underlying Knowledge, Skill, and Ability Requirements for Information Systems and Security Operations Specialty Area Specialty Area 5: Security Program Management Factoring Security Program Management Workforce Tasks into the Cybersecurity Framework Categories Underlying Knowledge, Skill, and Ability Requirements for Security Program Management Specialty Area Specialty Area 6: Risk Management Factoring Risk Management Workforce Tasks into the Cybersecurity Framework Categories Underlying Knowledge, Skill, and Ability Requirements for Risk Management Specialty Area Specialty Area 7: Knowledge Management Factoring Knowledge Management Workforce Tasks into the Cybersecurity Framework Categories Underlying Knowledge, Skill, and Ability Requirements for Knowledge Management Specialty Area Chapter Summary Key Terms References Applying the NICE Cybersecurity Workforce Model to the Real World Why Cybersecurity Needs a Standard of Practice Three Problems with Cybersecurity Chapter Summary Key Terms Reference

Daniel P Shoemaker, PhD, is principal investigator and senior research scientist at the University of Detroit Mercy's Center for Cyber Security and Intelligence Studies. Dan has served 30 years as a professor at UDM with 25 of those years as department chair. He served as a co-chair for both the Workforce Training and Education and the Software and Supply Chain Assurance Initiatives for the Department of Homeland Security, and was a subject matter expert for the NICE Cybersecurity Workforce Framework 2.0. Dan has coauthored six books in the field of cybersecurity and has authored more than one hundred journal publications. Dan earned his PhD from the University of Michigan. Anne Kohnke, PhD, is an assistant professor of IT at Lawrence Technological University and teaches courses in both the information technology and organization development/change management disciplines at the bachelor through doctorate levels. Anne started as an adjunct professor in 2002 and joined the faculty full time in 2011. Her IT career started in the mid-1980s on a help desk, and over the years, Anne developed technical proficiency as a database administrator, network administrator, systems analyst, and technical project manager. After a decade, Anne was promoted to management and worked as an IT director, vice president of IT and chief information security officer (CISO). Anne earned her PhD from Benedictine University. Ken Sigler is a faculty member of the Computer Information Systems (CIS) program at the Auburn Hills campus of Oakland Community College in Michigan. His primary research is in the areas of software management, software assurance, and cloud computing. He developed the college's CIS program option entitled Information Technologies for Homeland Security. Until 2007, Ken served as the liaison for the college to the International Cybersecurity Education Coalition (ICSEC), of which he is one of three founding members. Ken is a member of IEEE, the Distributed Management Task Force (DMTF), and the Association for Information Systems (AIS).

My Shopping Basket
Your cart does not contain any items.