recommended reading

These Perks Could Entice Hackers to Work for CYBERCOM. But does HR Know About Them?

scyther5/Shutterstock.com

Lawmakers have approved some sweet pay packages in hopes of enticing hackers to join the ranks of the U.S. military. But congressional researchers say human resources staff are unaware of the new incentives.

Now, the Senate Armed Services Committee is considering additional legislation to mandate that HR employees staffing the 6,200-person force be instructed on how to make a deal.

In November, Obama signed a 2016 defense authorization bill providing, among other things, "additional compensation, incentives and allowances" to fill Cyber Command job openings related to cyber operations and spots elsewhere in the military that support the entity. In addition to permitting pay flexibility, the law fast-tracks hiring.

The “Cyber Command Employment Personnel Training Act,” introduced earlier this month by Sen. Mike Rounds, R-S.D., aims to ensure employees involved in hiring cyber talent know the enticements they can extend to compete with companies dangling six-figure salaries in front of young candidates, an aide for the senator told Nextgov in an interview.  

For a year, Pentagon officials have said the CYBERCOM workforce is half full. The command had aimed to operate 133 "Cyber Mission Force Teams" at initial operating capacity across the branches by this year. The goal has been to reach full operational capacity by 2018.

One set of teams assaults adversary networks. Most of the others protect U.S. military data systems and others, when directed by the president, will quash cyberattacks headed for the states.

Rounds crafted the legislation after learning of cyber workforce issues from staff at the Congressional Research Service, a legislative branch agency sometimes called Congress' brain.

The laws on CYBERCOM recruitment and retention "do not include provisions to require human resources staff to receive training on the availability, structure and operation of cybersecurity hiring and pay flexibilities," research agency analysts Kathryn A. Francis and Wendy Ginsberg said in a Jan. 8 report. "Training might allow staff to better understand when and how to use the flexibilities."

The measure to require cyber HR education, introduced Feb. 2, is expected to be inserted into the Senate Armed Services Committee version of the 2017 defense bill, said the aide for Rounds, whose constituents include students at the National Security Agency-accredited Dakota State University center of academic excellence.

The cyber personnel inducements were modeled after those long extended to Pentagon intelligence staff and are similar to perks Congress offered in 2014 to Department of Homeland Security cyber pros, according to an explanatory report accompanying the existing legislation.

Enhanced compensation packages in the military currently include, for example, cash bonuses based on performance and relocation incentives.

It is unclear what kinds of incentives HR personnel currently are offering information security specialists or if the CYBERCOM workforce has surpassed the midway point.

When contacted by Nextgov, a Defense spokeswoman declined to answer specific questions but pointed to remarks made by Defense Secretary Ash Carter at the Harvard Institute of Politics, where he said one allure of military service he would like to promote is the flexibility of the entire career trajectory.

"I want people who can come in and out," said Carter, a former Harvard Kennedy School professor. "Likewise, for our people who are in, I want them to have the opportunity to go out and get an education, or to serve in a company for a time, to see what the rest of the world is like. Because the government is important, but it can be isolating. And so, you want to get out and see how the rest of the world is doing things. That'll refresh our organization, that'll enliven our organization."

The Pentagon’s fiscal 2016 budget sought $500 million for CYBERCOM military personnel. Next year's CYBERCOM-specific funding proposal has not been released publicly yet. The top line figure for 2017 Pentagon cybersecurity spending is $7 billion.

An internal watchdog has suggested resource constraints are hampering the buildup of hacker troops.

DOD's Office of the Inspector General has published multiple classified audits on the Cyber Mission Force Teams. The title of one of the audits dated Nov. 24 is "Cyber Mission Force Teams Need Resources to Perform Missions."

Prior to that, the office published a title dated April 30, "U.S. Cyber Command and Military Services Need to Reassess Processes for fielding Cyber Mission Force Teams."

On Tuesday, The New York Times revealed the Obama administration scuttled a plan to use the cyberstrike force in Iran. CYBERCOM would have executed an attack to help disable parts of Iran's power grid, air defenses and communications systems, had a multilateral nuclear deal not been reached last summer, according to the Times.

(Image via /Shutterstock.com)

Threatwatch Alert

Network intrusion / Software vulnerability

Hundreds of Thousands of Job Seekers' Information May Have Been Compromised by Hackers

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.