Government hunts for elusive cyber skills
Cyber pros are in high demand and are hard to locate
Of all the pieces needed for government to adequately address all the cybersecurity challenges that face it, the one that continues at the top of the list is the supply of skills and people who can fight the battle in the trenches. There just aren’t enough of them.
In a report it compiled in late 2011, federal market watcher Deltek said the government expects a 20 percent increase in its national cybersecurity labor pool by 2015 from 2010 levels, to around 32,400 people. But to keep up with the global growth rate of IT professionals, it would need to add 61,000 more by then.
“The growth in the government security workforce is much slower than what’s needed,” said John Slye, a senior principal research analyst at Deltek. “At some point, it will reach critical mass, maybe in a couple of years, but right now they are far behind the demand curve.”
Part of the reason is the constraints on agency budgets, he said, but they’ll eventually have to invest in this area. In the meantime, agencies will have to rely heavily on the contract workforce even while there are pressures on agencies to reduce the number of contractors in government.
There are signs that government is finally committing to solve the problem. The Defense Department, for example, has been running a cyber boot camp for several years as a way of recruiting talent from colleges and high schools.
In March 2012, DOD also published final rules for its Information Assurance Scholarship Program, which pays for everything a student needs to get a cybersecurity college degree in return for a timed commitment to the military or the DOD civilian service.
The Department of Homeland Security and the National Security Agency have also joined to establish national centers of excellence at a number of universities to support development of students at schools with information assurance education and research programs.
NSA separately launched the National Centers of Academic Excellence in Cyber Operations program in May as an attempt to identify institutions that offer “a deeply technical, interdisciplinary curriculum centered on fields such as computer science, computer engineering and electrical engineering.”
Although many U.S. colleges and universities offer courses or promote projects in cybersecurity, NSA said, the new program will help integrate academic disciplines with a focus on developing core, specialized skills that are fundamental to both cyber offense and defense, such as data collection, exploitation and response.
And at the beginning of June, DHS said it was setting up a cybersecurity workforce task force to look into what strategies are needed to expand DHS’ involvement in such things as cybersecurity competitions and university programs, as well as how to work with other government agencies to develop a more agile cyber workforce for the federal government.
Another of the task force’s goals is to develop good career paths for people already in DHS and other agencies who want to focus on cybersecurity issues. That’s something it’s already started to pursue, testing the waters with things such as a pilot program launched in March 2012 with the Naval Postgraduate School in Monterey, Calif., through which a select group of employees can earn a master of science degree in cyber systems and operations via distance learning.
That and more is necessary for what DHS Secretary Janet Napolitano has called an urgent need to build a “world-class cybersecurity team [and] a strong, dependable pipeline for the future.”