The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) provides updated guidance to Special Publication (SP) 800-50 for developing and managing a robust cybersecurity and privacy learning program in the federal government. The NIST SP 800-50r1 revision was informed by the National Defense Authorization Act (NDAA) for FY2021, the Cybersecurity Enhancement Act of 2014, and the NICE Workforce Framework for Cybersecurity (NICE Framework). Also, the 2016 update to Office of Management and Budget (OMB) Circular A-130 emphasizes the role of both privacy and security in the federal information life cycle and requires agencies to have security and privacy awareness and training programs.
Titled ‘NIST Special Publication (SP) 800-50r1 (Revision 1), Building a Cybersecurity and Privacy Learning Program,’ the revision to SP 800-50 provides guidelines for building and maintaining comprehensive Cybersecurity and Privacy Learning Programs (CPLPs) for federal organizations. It also includes awareness activities and campaigns, awareness training, practical exercises, topic-based training, role-based training, and educational programs. The document also…