Cyber Staffing

Official tracks qualified agency specialists to boost proficiency across the nation.

Coordinating interagency efforts to train aspiring cybersecurity specialists, federal employees and the public on data protection is a tall order for Ernest McDuffie, the lead manager for the National Initiative for Cybersecurity Education. Activities to promote safe Web surfing habits include a public awareness campaign, formal cybersecurity education programs, federal workforce training and a new Internet ID system. McDuffie is tracking agencies' progress on all this schooling.

"The problem of training and cybersecurity awareness is bigger than any one agency," he says. "My job has been to figure out what is going on [inside each program] and to bring the tracks into a single unified initiative."

Perhaps the hardest part of the monitoring is defining progress in the burgeoning field of cyber-security education. Indeed, one of McDuffie's goals is to develop performance benchmarks. "The measure is going to be, how is behavior changing across the country for the better," he says. "We're in the process right now of developing a comprehensive strategic plan that will lay out the beginnings of those types of metrics." The strategy is due at the White House in March.

Some scientists argue cyber proficiency suffers from a lack of academic work. "The science [of cybersecurity] seems underdeveloped in reporting experimental results, and consequently in the ability to use them," stated a November 2010 report from JASON, a Defense Department advisory panel. "The research community does not seem to have developed a generally accepted way of reporting empirical studies so that people could reproduce the work and use the results."

McDuffie concedes the newness of the field presents certain logistical and bureaucratic issues, such as obtaining an accurate accounting of the total number of federal cyber specialists. A major goal is to cultivate a large, highly skilled cybersecurity workforce. But he doesn't have a target figure because no one knows which employees to count to assess current staffing.

"What does it mean to be a cybersecurity professional?" he says. "And what is your career path? Because the field is so new and keeps changing, it's hard to answer those questions in any definitive way."

Several vague figures have been bandied about. For example, a former CIA official estimates that about 1,000 security experts in the nation possess the skills to safeguard U.S. cyberspace, but the country needs about 30,000. Homeland Security officials say the number of cyber specialists working for DHS has increased about fivefold in the past two years. McDuffie says two-thirds of all federal employees who work in cybersecurity are at Defense, but he's never heard the number that "all" refers to.

"If I could tell you three years from now what those numbers are from the federal government, that would be a major accomplishment-that we had stable enough definitions about all those different terms," says McDuffie, who works out of the National Institute of Standards and Technology, an agency in the Commerce Department.

Critical to fleshing out those numbers are university graduates with the skills and desire to join the cyber workforce. He gives one cybersecurity education initiative high marks for turning out such individuals. The scholarship for service program that the National Science Foundation runs covers the cost of books, tuition, and room and board for students willing to concentrate in information assurance and then work in the government. "In return for a two-year free ride, they agree to work for the federal government for two years," McDuffie explains. While it's tough to keep track of students once they finish their rotations, all indicators suggest that many stay, he says.

And even if they eventually join the corporate world, that still is a measure of success because the private sector controls about 85 percent of the nation's critical IT infrastructure, he notes.

CompTIA, a trade association that works with NIST to boost the number of credentialed cyber personnel, estimates there are more than 60,000 information security professionals in the federal government certified through its program, not counting contractors. "We feel pretty confident as an industry that we can meet that need" for more sophisticated specialists, says Elizabeth Hyman, CompTIA vice president for public advocacy.

Several other federal departments, such as Homeland Security, coordinate with the private sector and NIST to heighten cybersecurity awareness outside government. NIST recently kicked off a public-private effort to provide consumers with secure online identities so they don't have to memorize a bunch of passwords. The National Strategy for Trusted Identities in Cyberspace aims to offer people a means of verifying who they are interacting with when they conduct online transactions.

Although the model hasn't been finalized yet, some industry officials say the government is making progress.

"The two most critical goals have been cleared," Phil Bond, president and chief executive officer of the trade group TechAmerica, said on Jan. 27 at a Silicon Valley forum sponsored by the Stanford Institute for Economic Policy, NSF's Team for Research in Ubiquitous Secure Technology and various industry groups. "It should be private sector-led," and it is "very important that Commerce was selected as the place to centralize this, Bond said. "Commerce is essentially the private sector's voice in the council of government at the federal government level. From there, listen, learn, help, lead."

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
FROM OUR SPONSORS
JOIN THE DISCUSSION
Close [ x ] More from GovExec
 
 

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Sponsored by Brocade

    Best of 2016 Federal Forum eBook

    Earlier this summer, Federal and tech industry leaders convened to talk security, machine learning, network modernization, DevOps, and much more at the 2016 Federal Forum. This eBook includes a useful summary highlighting the best content shared at the 2016 Federal Forum to help agencies modernize their network infrastructure.

    Download
  • Sponsored by CDW-G

    GBC Flash Poll Series: Merger & Acquisitions

    Download this GBC Flash Poll to learn more about federal perspectives on the impact of industry consolidation.

    Download
  • Sponsored by One Identity

    One Nation Under Guard: Securing User Identities Across State and Local Government

    In 2016, the government can expect even more sophisticated threats on the horizon, making it all the more imperative that agencies enforce proper identity and access management (IAM) practices. In order to better measure the current state of IAM at the state and local level, Government Business Council (GBC) conducted an in-depth research study of state and local employees.

    Download
  • Sponsored by Aquilent

    The Next Federal Evolution of Cloud

    This GBC report explains the evolution of cloud computing in federal government, and provides an outlook for the future of the cloud in government IT.

    Download
  • Sponsored by Aquilent

    A DevOps Roadmap for the Federal Government

    This GBC Report discusses how DevOps is steadily gaining traction among some of government's leading IT developers and agencies.

    Download
  • Sponsored by LTC Partners, administrators of the Federal Long Term Care Insurance Program

    Approaching the Brink of Federal Retirement

    Approximately 10,000 baby boomers are reaching retirement age per day, and a growing number of federal employees are preparing themselves for the next chapter of their lives. Learn how to tackle the challenges that today's workforce faces in laying the groundwork for a smooth and secure retirement.

    Download
  • Sponsored by Hewlett Packard Enterprise

    Cyber Defense 101: Arming the Next Generation of Government Employees

    Read this issue brief to learn about the sector's most potent challenges in the new cyber landscape and how government organizations are building a robust, threat-aware infrastructure

    Download
  • Sponsored by Aquilent

    GBC Issue Brief: Cultivating Digital Services in the Federal Landscape

    Read this GBC issue brief to learn more about the current state of digital services in the government, and how key players are pushing enhancements towards a user-centric approach.

    Download
  • Sponsored by CDW-G

    Joint Enterprise Licensing Agreements

    Read this eBook to learn how defense agencies can achieve savings and efficiencies with an Enterprise Software Agreement.

    Download
  • Sponsored by Cloudera

    Government Forum Content Library

    Get all the essential resources needed for effective technology strategies in the federal landscape.

    Download

When you download a report, your information may be shared with the underwriters of that document.