"The Nation's cybersecurity workforce is at the forefront of protecting critical infrastructure and computer networks from attack by foreign nations, criminal groups, hackers, and terrorist organizations. Organizations must have a clear understanding of their cybersecurity human capital skills and abilities as well as potential infrastructure needs to ensure protection against threats to information systems. Today, the cybersecurity community has evolved enough to define a National Cybersecurity Workforce Framework for understanding specialty areas of cybersecurity work and workforce needs. As a result, the field has reached a maturity level that enables organizations to inventory current capabilities. Next, as the nation seeks to build a skilled cybersecurity workforce, it will be necessary for organizations to mature further and begin forecasting future demand for the cybersecurity workforce. The National Initiative for Cybersecurity Education (NICE) evolved from the Comprehensive National Cybersecurity Initiative (CNCI), Initiative 8 - Expand Cyber Education, to develop a technologically-skilled and cyber-savvy workforce of people with the right knowledge and skills. Towards those ends, Component 3 of NICE is focused on the cybersecurity Workforce Structure - specifically the role of workforce planning in developing the national cybersecurity workforce. By identifying best practice1 elements of workforce planning across three components- Process, Strategy, and Infrastructure - and the unique attributes of the cybersecurity workforce, this paper serves as a starting point to encourage discussion around the best methods for cybersecurity workforce planning and ultimately identifying an approach to address significant cybersecurity workforce gaps nationwide."
National Initiative for Cybersecurity Careers and Studies: https://niccs.us-cert.gov/