Daily Rules, Proposed Rules, and Notices of the Federal Government
* Send an e-mail request to
Submit completed comment forms via e-mail to
The IT security workforce must be prepared to meet the challenges that exist today and in the future. IT security is a strategic aspect of an organization's business or mission and as a strategic priority, it has the potential of enhancing productivity and improving the way an organization functions. As the IT security profession matures, it requires qualified professionals with the competencies to support increasingly sophisticated demands. In response to this challenge, the DHS-NCSD worked with higher education, government and private sector experts to develop an umbrella framework that establishes a national baseline representing the essential knowledge and skills that IT security practitioners must have to perform.
The DHS National Cyber Security Division (NCSD) developed the IT Security EBK as a competency-based framework that links competencies and functional perspectives to IT security roles fulfilled by personnel in the public and private sectors. Potential benefits of the IT Security EBK for both professional development and workforce management initiatives include:
• Articulating the functions that professionals within the IT security workforce perform, in a context-neutral format and language;
• Promoting uniform competency guidelines to increase the overall efficiency of IT security role-based training; and
• Providing a content guideline that can be leveraged to facilitate cost-effective professional development of the IT workforce, including future training and education, academic curricula, or affiliated human resource activities.
The IT Security EBK builds directly upon the work of established bodies of knowledge; it is not an additional set of guidelines, and it is not intended to represent a standard, directive or policy by DHS. Instead, it further clarifies key