Report urges government to start young in cybersecurity recruiting

The government must attract a larger pool of candidates for cybersecurity jobs, in part by generating more interest in the field at younger ages, according to a report released Wednesday by the nonprofit Partnership for Public Service and consultancy Booz Allen Hamilton.

"It's not that we can just compete better [with the private sector for talent], we need to grow the number of people altogether," said Max Stier, president and chief executive officer of the Partnership.

Through a survey with 69 chief information officers, chief information security officers and human resources officials in 18 federal agencies, the Partnership and Booz Allen concluded that the government currently does not have enough cybersecurity experts. Seventy-six percent of survey respondents said recruiting for cybersecurity jobs was a top or high priority, and 41 percent were dissatisfied with the quality of applicants.

The report comes just weeks after a coordinated cyberattack over July 4 targeting a number of federal agencies.

"The overriding finding of our analysis is that our federal government will be unable to combat these threats without a more coordinated, sustained effort to increase cybersecurity expertise in the federal workforce," the report stated.

Analysts cited a host of problems, including a lack of coordination among agencies, overreliance on contractors, the need for more flexibility in recruitment and retention rules, and a lack of cybersecurity training for existing information technology personnel. But the report concentrated on the need for a better pipeline of job candidates and encouraged agencies to reach out to young people.

"Don't wait until they graduate -- get there early and maybe steer their choice of studies," said Ron Sanders, the chief human capital officer of the Office of the Director of National Intelligence.

The report recommended that Congress increase funding for recruitment programs, especially those at colleges and other schools. It endorsed legislation such as the Roosevelt Scholars Act, introduced during the last Congress to give scholarships to graduate students committed to careers in public service, and the 2009 Cybersecurity Act (S. 773), which increases funding for programs promoting cybersecurity studies.

Other recommendations included streamlining the hiring process and creating better job classifications to make sure hiring managers and CIOs and CISOs are in agreement agree on the skills needed.

Stier said agencies should look at NASA, which runs recruitment programs that begin as early as high school or middle school, as a model.

Sanders said this was a prime opportunity for the government to cooperate with the private sector to increase the number of citizens interested in cybersecurity, even as agencies compete with companies to hire them.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.