Government
,
Industry Specific
,
Recruitment & Reskilling Strategy
Federal Officials Say There is ‘No Silver Bullet’ to Fixing the Cyber Workforce Gap
U.S. federal agencies struggle to recruit and retain the next generation of cybersecurity talent, officials testified Wednesday, despite a range of initiatives meant to attract a diverse array of skills and perspectives to the cyber workforce.
See Also: OnDemand | National Treasure of Cybersecurity: Guarding Against BEC and Phishing Attacks
The Department of Defense Office of the National Cyber Director and the Office of Management and Budget have worked to harmonize cybersecurity job requirements and remove certain educational barriers, such as making a four-year degree a prerequisite. Those efforts led the Pentagon to set up a special pay and personnel system for cyber and information technology employees called the Cyber Excepted Service, said to Defense Principal Deputy CIO Leslie Beavers.
But the United States – along with the rest of the world – still faces a critical cyber workforce gap, as most experts say at least 500,000 positions need to be filled to adequately protect national security and public health against emerging threats.
“There is work to be done,” Beaver told the House Homeland Security Committee about ongoing cybersecurity hiring and retention efforts, adding: “We have been very aggressive in expanding our recruiting over the years.”
The White House released a national cyber workforce strategy in 2023 that called for boosting recruitment in untapped parts of the country (see: White House Unveils National Cyber Workforce Strategy).
ONCD developed the which calls for a whole-of-government approach to addressing federal cyber workforce needs and includes a series of investments in cybersecurity education and workforce development projects across the public and private sectors.
“Although the problem we have is clear, the solutions are complex,” Seeyew Mo, ONCD assistant national cyber director for cyber workfroce, training and education, testified.
A Tuesday update on implementation said agencies are pivoting to skills-based hiring and talent development and expanding cyber learning opportunities within federal government. The Office of Personnel Management has begun streamlining the hiring process by providing agencies with candidates who have ready-to-use hiring certificates, according to the update, while ONCD has launched a “national workforce road show” to help attract talent across all industry sectors.
ONCD recently established the National Cyber Workforce Coordination Group, which includes senior leadership from various federal agencies, to support the implementation of the workforce strategy. Agencies are “actively participating in the implementation” of the workforce strategy through the working group, Mo said, “by leading initiatives and producing deliverables that respond to the challenges facing cyber education and workforce development.”
“There’s no silver bullet,” he later added.
Some federal agencies have launched successful workforce upskilling and education programs, such as the National Security Agency’s National Centers of Academic Excellence in Cybersecurity. The centers – which have been described as the gold standard in cybersecurity education – collaborate with academic institutions to promote cyber competency development among student populations.
Rep. Andrew Garbarino, R-N.Y., who chairs the House Homeland Security subcommittee on cybersecurity and infrastructure protection, previously introduced an amendment to the National Defense Authorization Act that would have codified the NSA cybersecurity program into law.
The amendment failed to make it into the defense bill, but Garbarino said Wednesday he was “now exploring other pathways” to enhance and expand federal support for cybersecurity education and workforce development programs.