White House releases federal cybersecurity workforce strategy
July 12, 2016
The White House announced new measures Tuesday to strengthen the federal cybersecurity workforce, including policies that will help agencies retain, as well as recruit, highly skilled information security professionals.
The federal government's four-part cyber workforce strategy aims to create a path for cybersecurity professionals to take a "tour of duty" in the public sector over their career arc, according to a blog post attributed to Office of Management and Budget Director Shaun Donovan, Office of Personnel Management acting Director Beth Cobert, Special Assistant to the President and Cybersecurity Coordinator Michael Daniel, and U.S. Chief Information Officer Tony Scott.
Over the coming months, the White House plans to partner with agencies to streamline hiring practices to quickly bring in new talent, as well as create a "cybersecurity cadre" within the Presidential Management Fellows program to attract top cybersecurity talent from the private sector.
Additionally, OPM will build cybersecurity career paths for current information security professional working in government, including badging and credentialing programs, rotational assignments, and efforts to make current cyber employees subject matter experts in their field.
The strategy also will lean on the National Institute of Standards and Technology's National Initiative for Cybersecurity Education with plans to hire 3,500 more IT security professionals before the year ends. According the blog post, the government has hired 3,000 people for cybersecurity jobs in the first half of the current fiscal year.
The strategy comes as part of the Obama administration's Cybersecurity National Action Plan, which among other things, calls for $62 million in the 2017 budget to expand cybersecurity education across the country. That money would fund competitive scholarships or full tuition for students through the CyberCorps®: Scholarship for Service program or grants to to hire or retain professors, adopt a cybersecurity core curriculum and strengthen overall cybersecurity education programs.
"We must recognize that these changes will take time to implement, and the workforce strategy’s long-term success will depend on the attention, innovation, and resources from all levels of government," the blog post reads. "The initiatives discussed in this Strategy represent a meaningful first step toward engaging Federal and non-Federal stakeholders and provide the resources necessary to establish, strengthen, and grow a pipeline of cybersecurity talent well into the future."
Federal agencies have been clamoring for more security professionals among their ranks. In one such instance, IRS commissioner John Koskinen asked Congress earlier this year reinstate streamlined critical pay, a provision that authorizes the agency to hire up to 40 individuals at any one time into positions it deems vital to the agency in an administrative, technical or professional field. The IRS had been using that authority to hire IT security professionals, but the provision expired in 2013.
"Every day, federal departments and agencies face sophisticated and persistent cyber threats that pose strategic, economic, and security challenges to our nation. Addressing these cyber threats has required a bold reassessment of the way we approach security in the digital age and a significant investment in critical security tools and our cybersecurity workforce," the blog post reads. "While we have made significant progress, we must do more."