Management Matters Management MattersManagement Matters
Practical advice for federal leaders on managing people, processes and projects.

The Upside of High Turnover

ARCHIVES
Thinkstock

The Pentagon can vie with industry for cybersecurity researchers by letting the scientists return to the private sector after a few years in government, the Defense Advanced Research Projects Agency chief said in a novel suggestion for retaining talent from a narrow pool.

Contractors and agencies are seemingly desperate for reformed hackers, academics and other computer security whizzes to defend government networks from constantly morphing threats. Typically, the private sector lures computer scientists by paying a premium and letting them tinker with new gadgets and gizmos. The National Security Agency, the military's cyberespionage force, wants more liberty to offer salary increases and promotions for retention. DARPA, meanwhile, says its own workforce is rebooted every three to five years to keep up with technological advances.

"The shelf life of cyber capabilities is short. We might even posit that the shelf life of cyber skills is relativity short," DARPA acting Director Kaigham J. Gabriel told lawmakers late Tuesday afternoon. The Defense Department may want to preserve a core of professionals, "but in fact perhaps we should just plan on building a model where there will be a significant refresh of folks."

He also offered the somewhat paradoxical advice of dropping education requirements for researcher job eligibility. "This is a community where the traditional metrics of master's degree or a Ph.D. may not be as important," Gabriel said at a Senate Armed Services Emerging Threats and Capabilities Subcommittee hearing. Many of DARPA's cybersecurity program managers do not have doctorates, he said.

"Their skills, their capabilities, their insights are coming from the practice in the community, and frankly, it will have a shelf life," Gabriel said. "They'll go through the three to five years, and they'll move on, and others will come in with a newer, different perspective."

Gabriel noted that DARPA program managers, office directors and even department directors stay for the same time period. "That is the pace at which we believe you need to bring in the talent, to bring in the perspective and the sense of urgency."

Former DARPA Director Regina Dugan departed for a position at Google earlier this month.

NSA Research and Development Director Michael A. Wertheimer told lawmakers he needs greater latitude to promote and pay computer scientists to keep them at his agency.

"The average time and grade is 12 years to your first promotion, 12 years to your second promotion," he said. "You can't walk in and tell them, 'You're going to wait six years if you're good, 12 years if you're average.' "

NSA hires computer scientists with doctorates for $90,000 a year, while equivalent professionals in the private sector net between $75,000 and $124,000, Wertheimer said. In industry, the average salary increase is 4 percent annually, but NSA experts currently are under pay freeze, he said.

The high resignation rate among cybersecurity researchers demonstrates their frustration, Wertheimer said: "If you look at attrition across the National Security Agency, 44 percent who attrit are resigning, as opposed to retiring. In computer science, it's 70 percent" who are leaving before retirement age.

Wertheimer added, "Every one of them says to me on an exit interview, 'It's less about the money. It's the sense that I simply cannot advance in my organization.' "

Government cybersecurity contractors interviewed Tuesday night said the bureaucracy of government turns off skilled experts accustomed to academic freedom and higher productivity.

"If there's no innovation, they don't want to stay around in that place," said one member of the Information Systems Security Association National Capital Chapter who wished to remain anonymous for professional reasons. The chapter primarily consists of federal personnel and contractors. "I would like to go to the government, but with what I'm seeing as a contractor, why would I want to do that?"

Some of the entrenched leaders in government lack technical skills and, due to most procurement schedules, projects can drag on for years, the contractors said. "If they start working for the government they get demoralized," another member said.

One Pentagon contractor said, "the federal service rewards people who are risk avoidant," but observed that returning troops joining federal agencies are shaking up that culture with a "can-do" attitude.

Aliya Sternstein reports on cybersecurity and homeland security systems. She’s covered technology for more than a decade at such publications as National Journal's Technology Daily, Federal Computer Week and Forbes. Before joining Government Executive, Sternstein covered agriculture and derivatives trading for Congressional Quarterly. She’s been a guest commentator on C-SPAN, MSNBC, WAMU and Federal News Radio. Sternstein is a graduate of the University of Pennsylvania.

FROM OUR SPONSORS
JOIN THE DISCUSSION
Close [ x ] More from GovExec
 
 

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

    Download
  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download
  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.

    Download

When you download a report, your information may be shared with the underwriters of that document.