The Department of Defense, the General Services Administration and NASA are seeking industry comments on a proposed new rule to add workforce knowledge and skill requirements to government cybersecurity and IT support services acquisitions. The agencies published Tuesday in the Federal Register their recommendation to add the National Initiative for Cybersecurity Education, or NICE, Framework to the Federal Acquisition Regulation.
The move is in line with the Executive Order on America’s Cybersecurity Workforce, which President Donald Trump issued in 2019.
Table of Contents
What Is the NICE Framework?
The NICE Framework, developed by the National Institute of Standards and Technology, establishes a common language to be implemented not just in government, but also in the commercial and academic sectors. It identifies proficiencies needed to perform technology and cybersecurity-related work.
The resource aims to improve communication between stakeholders and enhance the development, recruitment and retention of highly qualified professionals in government.
Proposed FAR Changes
Under the Proposed Rule, all agencies will be required to elucidate an acquisition plan’s cybersecurity workforce tasks, knowledge, skills and roles in adherence to the NICE Framework. All offers, quotes and reporting requirements contractors submit to agencies must also align with the NICE Framework.
GSA, DOD and NASA will accept written comments on the proposed FAR amendments until March 4.