Summary

A rapid shift towards remote work and reliance on cloud-based infrastructures have drastically expanded the attack surface of our digital ecosystem. This increasingly connected ecosystem has seen a 238 percent uptick in cyber-attacks since COVID-19, further highlighting the need to enhance, support, and strengthen federal cyber talent defenses.

“Recruiting and retaining the most skilled individuals with high-demand cyber expertise is a top priority for both OIT and industry leaders alike,” says Department of Veteran Affairs Chief Information Officer, Kurt DelBene. “There is a growing need for a highly skilled technology workforce and talent pipeline to support widespread digital transformation throughout the federal government.”

With cyber talent in short supply and an aging federal workforce, agencies across the government are under pressure to re-strategize, reenergize, and promote themselves as key players in the cyber talent space.

The Federal Cyber Workforce Management and Coordinating Working Group (Working Group) published the State of the Federal Cyber Workforce Report as a call to action, outlining the coordinated, collaborative approach that must be taken to overcome common workforce challenges and promote the federal government as a premier employer of cyber talent.

Multi-year Strategy and Implementation Plan

The Working Group conducted an environmental scan with workforce practitioners, HR specialists, and cyber professionals across its 24 federal departments and agencies, to determine how and why current federal policies, processes, and infrastructure were serving as roadblocks to recruit, develop, and retain cyber talent. From their study, the Working Group identified the following five shared challenges:

  1. Cyber Workforce Policy and Classification: Current workforce policies, classification standards, and qualification requirements are insufficient in supporting the highly specialized nature of cyber work or the rate at which the cyber talent ecosystem evolves.
  2. Cyber Workforce Data: Disjointed approaches for collecting, analyzing, and reporting cyber workforce data makes it increasingly difficult to project the health and maturity of the federal  cyber workforce, forecast near and long-term needs related to carrying out mission critical functions, and develop data-driven human capital strategies.
  3. Entry-Level Talent: Statutory regulations, a lack of entry-level positions, and too few alternative entryways into cyber civil service contribute to a widening gap at the front end of the federal cyber talent pipeline.
  4. Current Cyber Talent: A lack of upskilling opportunities, articulated and widely accepted career paths, and role-specific professional development tools prevent current practitioners from acquiring and honing portable skillsets needed to progress in their disciplines or mobilize into roles of emerging and critical need.
  5. Recruitment and Retention: Wide disparities in pay, cumbersome recruitment and retention flexibilities, and a lack of employee-centric, cohort styled onboarding programs undermine the value proposition for joining cyber civil service.

The Working Group led multiple ideation sessions to translate the above challenges into visions, goals, and high priority actions spread across the following four workforce domains:

Actions and their corresponding solution sets were developed as components of a multi-year strategy and implementation plan, with solutions for each workforce domain across three phases, as well as separate, Tri-Chair led actions. Paramount to addressing the challenges faced across the federal landscape is the implementation of specific recommendations to strategic policy and lawmakers – namely, a unified national cyber workforce strategy, dedicated resources, and cyber-specific personnel policies.

Solutions for Human Resources

VISION: To establish a cadre of expert cyber-HR practitioners to equip the HR community, hiring managers, and cyber leaders with the knowledge and resources needed to integrate the NICE Framework into workforce management practices.

GOAL: Promote understanding and application of the NICE Framework to enhance the management and development of the federal cyber workforce.

  • Phase 1 – Standardize the training and education of the HR community, hiring managers, and cyber leaders in applying the NICE Framework to workforce management practices
  • Phase 2 – Demystify the definition and scope of the cyber workforce to streamline position description (PD) development and its work role-to-position accuracy
  • Phase 3 – Promote CyberCareers.gov as the central hub for federal cyber career resources

Solutions for Workforce Data

VISION: To develop an interactive, federal-wide cyber workforce dashboard to enable federal agencies and leaders to deploy data-driven recruitment, development, retention, and workforce planning policies and strategies.

GOAL: Transform cyber workforce reporting and data analytics through standardization of metrics and data management.

  • Phase 1 – Redefine federal cyber workforce reporting requirements to improve data quality and integrity
  • Phase 2 – Streamline and centralize the collection, analysis, and accessibility of baseline workforce metrics
  • Phase 3 – Establish mechanisms to capture current and future cyber workforce needs and inform workforce policies and strategies

Solutions for Workforce Development

VISION: To launch a federal cyber academy to centralize training and development for current and future practitioners, aligned to cyber qualification requirements.

GOAL: Modernize cyber career development programs, tools, and resources to improve mobility and skill portability across the federal government.

  • Phase 1 – Streamline skill set development through alignment of career resources to the NICE Framework
  • Phase 2 – Create career guidance mechanisms to facilitate employee development and progression
  • Phase 3 – Develop skills assessment tools to assess capabilities and gauge proficiency

Solutions for Recruitment and Retention

VISION: To establish an end-to-end recruitment and onboarding program to cultivate employee engagement early on and promote growth of a cyber career within the federal government.

GOAL: Position the Federal Government as a competitive employer for incoming and future cyber professionals.

  • Phase 1 – Enhance the candidate screening process with skills proficiency evaluation tools
  • Phase 2 – Create a “candidate first” hiring and onboarding process through curated, cohort-based experiences at the onset of the recruitment stage
  • Phase 3 – Promote awareness of cyber employment opportunities within the federal government and increase diversity through targeted recruitment strategies

Recommendations for Policymakers

Goal: Address the need for 1) a National Cyber Workforce Strategy, 2) dedicated resources, and 3) cyber-specific policies and flexibilities to achieve the desired state of the federal cyber workforce.

  1. The Office of the National Cyber Director (ONCD) should create and implement a National Cyber Strategy to address the needs of the federal cyber workforce. ONCD, supported by the Working Group, can help unify efforts and support the health and welfare of the cyber workforce.
  2. The Office of the National Cyber Director (ONCD), agency Chief Financial Officers, and The Chief Financial Officers Council should designate funds to drive initiatives housed within the National Cyber Strategy; policymakers should introduce or support legislation dedicating funding and resources to supporting cyber workforce classification, analytics and reporting, and training.
  3. The Office of Personnel Management (OPM) should update classification, qualification, and assessment policies to meet cyber workforce needs; federal policymakers should introduce or support legislation to support cyber-specific hiring, pay, and promotion flexibilities.

We invite you to share this content. Choose your platform.