White House takes on cyber workforce gap
Connecting state and local government leaders
The Trump administration issued an executive order featuring a rotational assignment program and a cybersecurity competition.
To increase the number of cybersecurity workers in government, the private sector and the educational system, the White House issued an executive order that features a rotational assignment program that allows federal employees to more easily take on cybersecurity roles at other agencies and a "President's Cup Cybersecurity Competition" to spur cybersecurity skills across the federal government.
The structure and format of the competition is still being worked out, a senior administration official told reporters in a press briefing on the order, but pointed to other national competitions like the National Collegiate Cyber Defense Competition and the Atlantic Council's Cyber 9/12 Strategy Challenge as potential models for the government to emulate.
The order also standardizes much of the cybersecurity language and taxonomy across federal purchasing, directing Office of Management and Budget and the General Services Administration to ensure all contracts for IT and cybersecurity services draw from the National Initiative for Cybersecurity Education Framework.
Agencies must evaluate each contract to determine whether their assigned personnel have the necessary tech or cyber experience to carry out their tasks, and an interagency panel will develop a list of cybersecurity aptitude assessments for agencies to use.
"This really looks to reskill and upskill those that might be looking to get into a different line of work within the federal agency, giving them new opportunities, but really first and foremost identifying folks that have the basic raw skills that could easily train up to go fill these thousands of open cybersecurity positions," an administration official said.
The program bears many similarities to a bill sponsored by Sens. Gary Peters (D-Mich.) and John Hoeven (R-N.D.) that unanimously passed the Senate this week.
"This program is an important first step to help minimize our cybersecurity vulnerabilities, fortify our existing networks and systems, and build new and innovative infrastructure that puts safety and security front and center," said Peters, who added he still hopes to see his bill signed into law.
The federal government has struggled to develop a whole-of-government strategy to recruit and retain cybersecurity talent at a time when national security and intelligence agencies are warning that threats to federal systems and networks from nation-state and criminal hacking groups has never been higher.
Officials have consistently pointed to government's restrictive pay scales and its inability to compete with private-sector compensation packages as major contributing factors to the cybersecurity workforce shortage. Over the past few years, federal agencies have rolled out a number of piecemeal programs, such as special retention bonuses for cybersecurity employees and a Cyber Reskilling Academy to retrain federal employees with IT and non-IT backgrounds.
More recently, officials at the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency sought $11.4 million in the Fiscal Year 2020 budget for a Cyber Talent Management System that includes special hiring authorities that would allow them to exempt cyber employees from certain hiring and compensation requirements.
"We're looking at that to then identify what we may want to do from a legislative standpoint, because solving this [problem] more broadly will require legislative action … so we think [the DHS pilot] will likely be a proving ground and something we can build on going forward," a senior administration official said.
This article was first posted to FCW, a sibling site to GCN.