Professional Documents
Culture Documents
For This Assignment
For This Assignment
[Professor Name]
Course Name
The National Institute for Cybersecurity Careers and Studies (NICCS) from the
Department of Homeland Security has developed a Cybersecurity Workforce Framework
(Newhouse et al., 2016) to provide the cyber workforce with a comprehensive collection of work
functions. Although this ontology was created to support the hiring criteria of the US
government and was not empirically supported, it reflects the well-documented rostering of the
cyber domain's job roles. This collection includes nine categories of work-roles, 31 specialization
areas and more than 1000 forms of expertise, skills, and abilities. Reading through them, I have
identified one area that is most aligned to my current educational interest, i.e., Analyze.
According to Cable & Parsons (2001), part of the problem for cyber professionals and the
businesses looking to hire them is that very few people outside the tech industry grasp the cyber
domain's scope. Nevertheless, the vast majority of businesses use the cyber domain for logistics,
connectivity, human resource management and a wide variety of other functions. As a result,
organizations looking to hire cyber professionals operate outside of their core competencies and
thus may not be able to develop a good sense of person-organization suitability. Additionally,
Baker (2016) is of the view that human resources may not understand the language needed to
appropriately advertise for the knowledge, skills, and attitudes they are looking for due to the
complexity of the cyber domain. Finally, in an era of ever tightening budgets, many companies
may want to hire a single professional as opposed to a team in order to keep costs contained or
may seek to contract out the work without fully understanding their own needs.
Since cyber work is hard to grasp, my questions from the professionals would be that how cyber
employees can build trust close to that of other careers and how can it provide opportunity for
corruption, from bad actors as well as from disgruntled employees or even well-meaning
employees. Therefore these questions raise recruiting challenge in today's job market, where
workers are employed for skillsets rather than values.
Therefore, a critical problem with developing a baseline of cyber skills, however, is the
over emphasis on technical skills such as computer sciences or electrical engineering (Gates et
al., 2014). While technical skills are an important aspect of knowledge within the cyber domain,
it is only one aspect. Cyber threat detection requires knowledge not only of technical
vulnerabilities but in understanding how everyday user behavior increases network
vulnerabilities (Arachchilage and Love, 2013). Convincing users to engage in best practices, as
opposed to actively working against network security officers is a skill set that relies more on
social skill and persuasion than technical skill (Shillair et al., 2015). Criminal investigations are
another area within the overarching cyber domain that is both technical and investigative and
relies more on social skill than raw cognitive ability.
References
Arachchilage, N. A., and Love, S. (2013). A game design framework for avoiding phishing
Baker, M. (2016). Striving for Effective Cyber Workforce Development. Pittsburgh, PA:
Cable, D. M., and Parsons, C. K. (2001). Socialization tactics and personorganization fit. Pers.
Shillair, R., Cotten, S. R., Tsai, H. Y., Alhabash, S., LaRose, R., and Rifon, N. (2015). Online
safety begins with you and me: convincing internet users to protect themselves. Comput.