NICE Framework & DCWF
How the federal NICE Framework and the DoD Cyber Workforce Framework (DCWF) work together.
What Is the NICE Framework?
The NICE Framework (NIST Special Publication 800-181 Revision 1) is the federal-level Workforce Framework for Cybersecurity, published by the National Institute of Standards and Technology (NIST). It provides a common language for describing cybersecurity work — organizing it into Work Role Categories, Work Roles, Competency Areas, and Task, Knowledge, and Skill (TKS) statements.
The NICE Framework is used across all federal agencies and widely adopted by industry. It serves as the foundation from which the DoD built its own framework — the DCWF.
How DCWF Relates to NICE
The DoD Cyberspace Workforce Framework (DCWF) is the DoD-specific extension of the NICE Framework, established as the “authoritative reference for the identification, tracking, and reporting of DoD cyberspace positions” by DoDD 8140.01 (§Purpose). The DCWF:
- Shares core structure with NICE — many DCWF work roles map directly to NICE work roles
- Extends NICE with DoD-specific roles not found in the civilian framework (e.g., Cyber Operator, Target Developer, Exploitation Analyst)
- Organizes into five workforce elements defined in DoDD 8140.01: IT (Cyberspace), Cybersecurity, Cyberspace Effects, Intelligence (Cyberspace), and Cyberspace Enablers
- Adds qualification requirements through DoDM 8140.03 — the NICE Framework itself does not prescribe qualifications, but the DCWF links each work role to a qualification matrix
The alignment between DCWF work roles and NICE work roles is reviewed at least annually by the Cyberspace Workforce Management Board (CWMB) and published on the DoD Cyber Exchange (DoDM 8140.03, §1.4).
NICE Framework Versions
| Date | Version | Details |
|---|---|---|
| Nov 2020 | SP 800-181 Rev. 1 | Current published revision of the NICE Framework structure document |
| Mar 2025 | Components v2.0.0 | Major update to Work Roles, Competency Areas, and TKS statements |
| Jun 2025 | Proposed updates | Cybercrime Investigation work role update and new AI Security competency area |
| Dec 2025 | Components v2.1.0 | Current version of NICE Framework data components |
Note: NIST publishes the framework structure (SP 800-181) separately from the framework data (Components). The structure document remains Rev. 1, while the data components receive more frequent updates.
Why NICE Matters for DCWF Personnel
- Certification alignment: Many commercial certifications approved in the DoD 8140 Qualification Matrices are mapped to both DCWF and NICE work roles
- Career mobility: Understanding NICE helps when transitioning between DoD and civilian federal or private-sector cybersecurity positions
- Interactive tools: CISA’s Cyber Career Pathways Tool uses NICE Framework data (v2.1.0) — it is an excellent resource for exploring work roles even if you work under DCWF
- Training alignment: The CISA Career Development & Training Guide (Sep 2025) maps training resources to NICE roles
Sources
- NIST SP 800-181 Rev. 1, Workforce Framework for Cybersecurity (NICE Framework), Nov. 2020. Download PDF
- NICE Framework Current Versions, NIST. View
- NICE Framework Latest Updates, NIST. View
- DoDD 8140.01, Cyberspace Workforce Management, Oct. 5, 2020, §Purpose. Download PDF
- DoDM 8140.03, Cyberspace Workforce Qualification and Management Program, Feb. 15, 2023, §1.4. Download PDF