Report urges government to start young in cybersecurity recruiting

The government must attract a larger pool of candidates for cybersecurity jobs, in part by generating more interest in the field at younger ages, according to a report released Wednesday by the nonprofit Partnership for Public Service and consultancy Booz Allen Hamilton.

"It's not that we can just compete better [with the private sector for talent], we need to grow the number of people altogether," said Max Stier, president and chief executive officer of the Partnership.

Through a survey with 69 chief information officers, chief information security officers and human resources officials in 18 federal agencies, the Partnership and Booz Allen concluded that the government currently does not have enough cybersecurity experts. Seventy-six percent of survey respondents said recruiting for cybersecurity jobs was a top or high priority, and 41 percent were dissatisfied with the quality of applicants.

The report comes just weeks after a coordinated cyberattack over July 4 targeting a number of federal agencies.

"The overriding finding of our analysis is that our federal government will be unable to combat these threats without a more coordinated, sustained effort to increase cybersecurity expertise in the federal workforce," the report stated.

Analysts cited a host of problems, including a lack of coordination among agencies, overreliance on contractors, the need for more flexibility in recruitment and retention rules, and a lack of cybersecurity training for existing information technology personnel. But the report concentrated on the need for a better pipeline of job candidates and encouraged agencies to reach out to young people.

"Don't wait until they graduate -- get there early and maybe steer their choice of studies," said Ron Sanders, the chief human capital officer of the Office of the Director of National Intelligence.

The report recommended that Congress increase funding for recruitment programs, especially those at colleges and other schools. It endorsed legislation such as the Roosevelt Scholars Act, introduced during the last Congress to give scholarships to graduate students committed to careers in public service, and the 2009 Cybersecurity Act (S. 773), which increases funding for programs promoting cybersecurity studies.

Other recommendations included streamlining the hiring process and creating better job classifications to make sure hiring managers and CIOs and CISOs are in agreement agree on the skills needed.

Stier said agencies should look at NASA, which runs recruitment programs that begin as early as high school or middle school, as a model.

Sanders said this was a prime opportunity for the government to cooperate with the private sector to increase the number of citizens interested in cybersecurity, even as agencies compete with companies to hire them.