Featured eBooks
Artificial Intelligence and Efficiency
Health Tech
Sponsor Content
Golden Dome Insights & Updates
Insights & Reports
Agentic AI for federal advantage: A practical playbook
Presented By Carahsoft
Download Now
Success Through Digital Resilience: How Splunk and ThousandEyes Enhance Network Visibility
Presented By Splunk | Carahsoft
Download Now
Employee Policy

Government lacks strategy for cybersecurity workforce

The federal government still has no government-wide master strategy to build and maintain a cybersecurity workforce, according to a report released this week.

FederalSoup Staff,
Federal Soup

|
Federal Soup

The federal government still has no government-wide master strategy to build and maintain a cybersecurity workforce, according to a report released this week.

According to the new report from the Partnership for Public Service and Booz Allen Hamilton, without an overriding strategy, federal agencies are operating largely on their own "under a haphazard system."

While the report finds that some intelligence and defense agencies have had a greater measure of success in tackling their cybersecurity needs, the lack of a government-wide plan has left most agencies foundering without an understanding of emerging talent needs, or a basic knowledge about which current employees require further training. In fact, the government still "does not know exactly how many cyber workers it employs, what skills they have, where they work and what skills they need," the study stated.

The report also attributed some blame to an "antiquated" jobs classification system that puts too many cyber workers under the GS  2210 Information Technology Management Series, which the report said cannot encompass the full range of cybersecurity jobs, and which currently contains only one occupational specialty focused on cybersecurity.

These complications, in addition to other endemic, government-wide hindrances to hiring and retaining employees, make it even harder for agencies to compete with private-sector employers to attract highly sought after cybersecurity professionals, the report notes.

"Currently, federal agencies are scrambling to attract and retain elite professionals to strengthen their defenses, but as outlined in this report, they often are impeded in getting some of the highly skilled employees by the absence of a government-wide strategy, and because of factors such as weak talent pipelines, insufficient applicant assessments, a cumbersome and inflexible hiring process, a lack of consistent and targeted training, non-competitive pay, and ill-defined job classifications and career paths," the report states.

"The demand for such talent is outstripping the supply, and that demand is expected to grow and evolve in the years ahead as cyber threats increase in number and complexity," it said.

As part of a comprehensive strategy, the authors recommend the government take a range of actions to shore up its cybersecurity workforce and put a hiring pipeline in place. Among other things, the recommendations include:

  • Offering more cybersecurity internships and scholarships;
  • Creating a civilian Cyber Reserve Training Corps similar to the Reserve Officers' Training Corps;
  • Expanding direct-hire authority for cyber positions;
  • Putting all cyber positions in the excepted service;
  • Establishing a cybersecurity training academy; and
  • Developing a market-sensitive pay system for the cyber workforce.

"The cyber talent crisis has persisted long enough," the report states. "Our nation is at risk as the number and sophistication of cyber-attacks continue to grow, but the government has failed to act with urgency."

NEXT STORY: IG cites glimmer of financial hope for Postal Service