Our colleagues at the ISSA are working with NIST on their National Initative for CyberSecurity Education (NICE). NIST would like to have a review of their Track 4 Functional Area 2 requirements by a select number of senior level information security professionals outside of the government area to see if all functional areas are covered as well as the terms used are understandable to those outside of government.
NIST is seeking to ensure that what is put forward will have functional areas that are well defined on a broad base. They want to answer the questions:
Do these 19 competencies provide sufficient coverage?
Is the language “demilitarized and degovernmentized” enough for a national audience to be able to review it and comment appropriately?
In other words, they would like you to look at the current framework from the lens of industry organizations, considering the work conducted within industry that relates to this functional area (i.e., are we missing anything), and whether the language/terminology would resonate with that audience (providing comments as necessary).
I'm asking that a few of our senior member take time to review the attached spreadsheet and provide your comments via email to Marc Noble, Senior VP of ISSA.
