A new white paper reinforces the notion that the way forward is to work around the current system.
Reading the new white paper by the Cyberspace Solarium Commission, “Growing A Stronger Federal Cyber Workforce,” triggered memories of the 1976 movie Network when an aging TV anchorman tells the audience, “I’m mad as ... ”—you remember the rest.
The white paper is not the problem; it describes a credible strategy. The rage was triggered by knowing “the five elements” of a federal cyber workforce strategy—workforce planning, recruiting, developing, retaining and growing the national talent pool—are core human resource concerns and then realizing the report is silent on the role of HR, except for stressing the need for “variance” from “government’s standard human resource practices.”
The Office of Personnel Management is mentioned once in the report with a brief reference to OPM’s responsibility for workforce policies. The only discussion of “personnel” is a section on the security clearance process.
The phrase “civil service system” is absent. With each of the five elements, the report confirms the system’s failure. The continuing thread is the need for flexibility to work around the system.
The discussion of the first element introduces the need for flexibility. The focus is job classification and the main point is that cybersecurity work roles do not fit cleanly into one of the occupations paid under the General Schedule. Years ago, as new technology specialties emerged, OPM concluded it had a problem classifying the new jobs and switched to the catch-all series 2210—Information Technology Management. The main point: cyber jobs are not easily categorized.
Classification is an antiquated HR practice that originated in the 1800s. Those long job descriptions are another outworn practice originally used to define and control what an employee was expected to do. Classification as practiced in government does not exist in business or any other sector. Its unstated purpose is centralized control across government. It locks government into outdated, generic standards and a 1949 hierarchy of jobs that artificially delimit how much jobs can be paid.
The report makes the important point that the recommendations are not new. “Many of these recommendations have been circulating for years but remain unimplemented or underutilized because of under resourcing or bureaucratic hurdles.” A report from 2009, “Cyber In-Security: Strengthening the Federal Cybersecurity Workforce,” a joint product of the Partnership for Public Service and Booz Allen Hamilton, made similar recommendations. That report called for the White House “to lead a nationwide effort to encourage more Americans to develop technology, math and science skills.”
The Cyberspace Solarium Commission, which produced the latest white paper, was created by Congress to identify a strategic approach “to protect the United States against attacks of significant consequence in cyberspace.” The country has made a solid commitment to building a cybersecurity infrastructure but those 30,000 vacancies make it clear the people problems have not been solved. It’s been a decade since President Obama declared cybersecurity to be “one of the most serious economic and national security challenges we face as a nation.”
A number of points stand out in reading the white paper:
- First, the paper emphasizes the importance of flexibility and special authorities and implicitly assumes the civil service system will continue as the basis for workforce management. An obvious point is that cyber jobs warrant a completely separate pay system, not “pay flexibility.” The best performers, especially those in knowledge jobs, expect their value to be recognized. More broadly, it would be advantageous to adopt the National Geospatial-Intelligence Agency reform strategy and create a best practice HR system for cybersecurity and STEM specialists.
- Second, the report is typical of many high level reports in that the focus is policies and systems. It is silent on the issues, positive and negative, that affect an employee’s work experience. It is also silent on how employee experience and knowledge of career opportunities can be used to make working for government more attractive. Employees understand the changes needed to attract talent, the reasons for early turnover, and the issues that affect performance better than anyone. In the NGA reform efforts, front line workers were instrumental in the planning and their ongoing feedback was important to addressing issues over time.
- Third, the Partnership/BAH report recognizes that government needs to invest in the supervisory skills of managers and supervisors. There is solid evidence they are instrumental in retaining the talent and in creating high performance work groups. The failure to recognize the importance of managers and supervisors is unfortunately common in reports on workforce problems. As a manager quoted in a recent article described her role, “Ultimately, my job is to give energy, empowerment, and vision to the employees I lead.” They are the key to employee engagement. Government needs to augment its investment in managers and supervisors.
- Fourth, the silence on the role of HR ignores the obvious point that in other sectors talent management is the domain of HR. The role of HR has undergone steady change for roughly three decades. In today’s successful companies, HR executives are proactive leaders in addressing workforce issues. In government there is “a disconnect between front-line managers and HR.” That disconnect is very evident in the commission’s white paper.
The HR problem has to be addressed soon or government’s workforce and performance problems will continue to deteriorate. Recently, the HR problem was addressed in a lengthy report, “Transforming the Governance of Federal Human Capital Management,” which was jointly produced by the Senior Executives Association and the Center for Organizational Excellence. That followed a report from the SEA, “Are Declines in U.S. Federal Workforce Capabilities Putting Our Government at Risk of Failing?” The SEA members are accountable for agency performance. SEA has released a series of reports over the past several years on HR management problems. The SEA-COE report presented an emphatic case for investing in an HR function that is instrumental in addressing workforce problems.
An issue that is not stressed in these reports is that the HR offices have virtually no involvement in the day to day management of employees. The pandemic and subsequent increase in remote work has triggered still unresolved questions about how best to sustain essential performance levels. Reports have confirmed agencies have high and costly turnover of recently hired employees. Experts have argued managers need a different approach to supervision.
One of the recent developments in HR best practices is that performance management should shift to ongoing coaching and mentoring. That means frequent, often brief and informal conversations. A good analogy is the way coaches in football games discuss plays when offense and defense come off the field. Year-end ratings are still important; the best performers need to be recognized and (in every other sector) rewarded. It’s the ongoing experience that’s important to employee engagement and performance.
That approach to supervision is especially important for developing high performing knowledge workers. It's central to creating high performance work groups. Gallup and other experts have highlighted the importance of day to day supervision.
The civil service system as well as the merit principles are silent on what’s needed. Today’s workforce issues were not considerations a century ago. The importance of effective supervision was not addressed in the commission’s white paper or many of the prior reports on building the cybersecurity workforce. But that should not be surprising when HR experts are not included in the discussions.
Managers and supervisors need training and people management tools to support their responsibility. Here again prior reports have failed to address this need. One that stands out is the Homeland Security Department’s IT Workforce Assessment for Cybersecurity report from 2013. The 130-page report has 90 pages devoted to highly detailed findings plus numerous tables and graphs. The level of specificity defies practical use.
To emphasize a point, managers need tools that facilitate meaningful discussions with subordinates of each individual’s strengths and weaknesses along with developmental and career plans. A central issue with knowledge jobs is focusing on specific, job relevant competencies. A rule of thumb is that there should be no more than 10 competencies defined with jargon relevant to the job family.
The bottom line is that government needs to fill thousands of cyber vacancies. It also needs to fill thousands of other vacancies. The white paper is correct in arguing “government must next turn to the programs that make public service a prospect attractive to talented individuals.” That’s important in all fields, especially those requiring specific knowledge and skills. It also needs to reduce the early turnover of recent hires. The SEA report was accurate: workforce problems are putting our government at risk of failing.
The website announcement for the SEA-COE report posed a central question: “Why after so many expert recommendations over many years has the civil service not been modernized?” The country needs an answer, hopefully in the next administration. This is a very different world than existed when the civil service system was adopted.