Supporting national security strategy by building the cyber workforce
By Susan Fallon
Last year, more than 100 million businesses and individuals were affected by cyber fraud or theft; as a result, U.S. human resource executives are laser-focused on hiring cybersecurity professionals. According to a recent survey, of those organizations hiring additional IT staff in 2015, 43 percent plan to hire IT security professionals – the highest percentage of all types of IT skills. At the same time, 28 percent of organizations say they have a “problematic shortage” of IT security skills – the highest problematic shortage of all types of IT skills.
Nowhere is this shortage more pronounced than within the federal government, whose job it is to protect our national security. Many agencies are now scrambling to address this growing workforce threat. The U.S. Cyber Command plans to recruit about 6,000 “cyber warriors” to help defend against threats to U.S. computer networks. CIA Director John Brennan recently proposed a major expansion of the agency’s cyber-espionage capabilities to stay ahead of the exploding use of smart phones, social media and other technology being used by today’s increasingly sophisticated cyber criminals. And just weeks ago, the White House announced the creation of the Cyber Threat Intelligence Integration Center, a new agency modelled after the National Counterterrorism Center that will fuse and analyze cyber intelligence from across the national security community.
These initiatives are critically important, but they will only be successful if the government can build the right workforce. Research has shown that the shortage of cybersecurity professionals is a significant threat to national security. The top cyber specialists, who are qualified to do data forensics, write code or conduct red-teaming are the most difficult, but also most essential to find. To secure this talent, federal agencies must reconsider how they cultivate, engage and recruit this specialized group of professionals.
A first step in cultivating this group of cyber pros is education and training. The National Initiative for Cybersecurity Careers and Studies (NICCS) serves as a great example of how an agency can foster awareness, provide training and develop rewarding specialized IT career paths. Created by the Department of Homeland Security, NICCS delivers training modules and events for federal IT professionals to expand their skill sets and network with other cyber specialists. In an effort to help these individuals safely and legally hone their craft, NICCS also provides access to cyber competitions, where participants can apply offensive and defensive maneuvers in a competitive environment.
These cyber laboratories offer students highly realistic experience that would otherwise be difficult to simulate, and NICCS is not alone in its promotion of competitions. The U.S. Cyber Challenge (USCC), whose mission is to significantly reduce the shortage in today’s cyber workforce by building a talent pipeline, holds on-campus competitions for high school, college and post-graduate students. Created in 2010, USCC aims to find 10,000 of America’s most talented IT specialists, and each year thousands of new applicants apply for spots in one of four training camps.
Training and education are most valuable when they can be leveraged in one’s career. With this in mind, USCC is adding an important next step to its model. CyberCompEx.org will serve as an online community of cyber experts that agency hiring managers can tap to fill mission-critical positions. The site will also act as a central, secure archive for resumes and interactions between experts and prospective federal employers.
Engagement and Recruitment
Even with organizations like the NICCS and USCC helping to educate and train new cyber talent, federal agencies are particularly challenged when it comes to engaging and recruiting IT security experts. These individuals are highly sought after across both the public and private sectors, and they are usually well-employed. While they are less likely to be actively responding to federal job postings, it doesn’t mean these professionals are not open to new employment opportunities, especially with a national security mission. In order to identify and attract these cyber pros, the national security community needs to consider a more proactive approach.
Today’s top tech talent distributes enormous amounts of professional activity and intellectual capital online. That is where recruiters need to focus their time, whether it’s engaging with candidates on popular social sites or evaluating expertise based on existing thought leadership. Additionally, sophisticated applicant search technologies, which already power private sector hiring initiatives, can help federal recruiters quickly analyze high volumes of online data to uncover the best cyber talent for current and future requirements – making recruiting efforts more targeted and prioritized.
The Path Forward
Arming our national security community with top cyber security talent is critical to strengthening and protecting our nation. Federal human capital leaders can ensure they have the right cyber talent by providing the education and training resources that current and future cyber professionals need and proactively engaging and recruiting cyber professionals where they spend their time online. Attracting the best of the cyber talent pool will help the national security community evolve into one of the most prestigious places to work for this group of highly skilled professionals.
Susan Fallon is vice president for Global Strategy and Business Development, Monster Government Solutions.