Boosting Cyber Skills

My colleague Jill Aitoro wrote on Friday about a forthcoming draft report that details ways to expand the qualified pool of job candidates for federal cybersecurity jobs. The report, to be released by the Commission on Cybersecurity for the 44th Presidency, will include a set of recommendations to ensure federal employees and contractors receive the ongoing training necessary to ensure computer networks and systems are protected.

Karen Evans, a member of the commission and former administrator of e-government and information technology at the Office of Management and Budget, said on Thursday that the report will recommend that the Obama administration define a core set of skills cybersecurity workers must possess and should extend training to include network operators and developers. The commission also will recommend that the government create a certifying body to develop standards to test cybersecurity skills and create career paths based upon those certifications.

Still, some critics argue that it's not the government's job to create certification requirements, noting that such requirements make it even more difficult to hire and retain talent.

Last July, the Partnership for Public Service released a report that revealed four challenges that threaten the quality of the federal cybersecurity workforce: a pipeline of new talent that is inadequate, fragmented governance and uncoordinated leadership that hinders the ability to meet federal cybersecurity workforce needs, complicated processes and rules that hamper recruitment and retention efforts, and a disconnect between front-line hiring managers and government's human resources specialists.

Is adding more training and certification requirements the key to recruiting, retaining and training up a new cadre of cybersecurity workers? Or would introducing such requirements simply add more red tape to the government's ability to recruit and retain cybersecurity skills, which already are in short supply?