To meet the skills gap, Commonwealth of Virginia on August 31, became the first state to formally adopt National Initiative for Cybersecurity Education (NICE) Workforce Framework and incorporate it into existing cybersecurity education and hiring efforts.
The NICE Framework provides a common language to speak about cyber roles and jobs, and helps define personal requirements in cybersecurity. It is comprised of three components namely categories, specialty areas, and work roles and its key audience consists of employers, workers, training and certification providers, education providers, and technology providers.
The federal framework acts as a catalyst for firms and industry sectors with shared needs for a cyber-workforce. Employers can use the framework to provide guidance for Virginia’s workforce education and training partners.
The NICE framework has been adopted by Virginia’s K-12 career technical education programs and community college system, that allows the state to align secondary and post-secondary education and training to support the growing demand for the cluster of cyber security occupations.
To endorse the guideline, Virginia Governor Terry McAuliffe said, “Adding this framework to our current efforts led by the Secretaries of Technology, Education, Commerce and Trade, and Administration will strengthen the commonwealth’s ability to address the high demand for skilled cyber security professionals and enhance our position as a global leader in cyber security”, while adding “Virginia has one of the highest concentrations of cyber professionals in the country, but we need to continue to evolve our workforce education and training efforts to support Virginia’s businesses as they work to meet the challenges of data security and integrity and thwart compromising cyberattacks”.
Virginia Secretary of Technology Karen Jackson told Statescoop, “Everything we do in the cyber world, through the CIO, CISO — Nelson [Moe] and Mike [Watson] — all of it somehow ties back and has a nexus to that  framework”.
In an email to Statescoop, NICE Director Rodney Petersen said, “the organization does not track which states have adopted the NICE Framework or to what extent — only that there are anecdotes of states having referenced it”.
Development of the NICE Framework was done in coordination with the National Institute of Standards and Technology (NIST), a national focused resource that categorizes and describes cybersecurity work.