The federal government’s biggest challenge in defending its civilian, military and intelligence networks from hackers isn’t technology, it’s people.
And nearing the 100-day mark of the Trump presidency, the new administration’s cybersecurity policies may be hindering the government’s cyber posture rather than helping it, according to research from Virginia-based data and analytics firm Govini.
The Govini report suggests the new administration’s focus on reducing the federal workforce exacerbates the federal government’s existing shortage of qualified cybersecurity talent. President Trump’s hiring freeze, which puzzled some cyber experts, has ended but top White House officials have said most agencies will see reductions in overall workforce sizes.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
“The biggest gap is human capital,” said Arun Sankaran, managing director at Govini, in an interview with Nextgov. “It’s interesting that you have a hiring freeze and a desire to reduce headcount, but I think the premium cyber talent [the government] wants won’t grow organically in government. You have to rely on contractors.”
Even agencies with sought-after cyber positions like the National Security Agency struggle to fill openings.
Support services—the category through which agencies pay for cybersecurity contractors—make up “the largest cyber spending category across federal agencies,” or 56 percent of all cybersecurity spending, according to Govini.
In 2016, the federal government spent more than $8 billion on cybersecurity. While the new administration’s skinny budget is light on exact cybersecurity spending figures, it boosts the budgets of the both the largest cyber spender (the Defense Department) by $50 billion and the largest civilian cyber agency (the Department of Homeland Security) by $2.8 billion.
In other words, defense and cybersecurity contractors could be relied upon more than ever to protect federal networks, making it a very secure market.
“The immediate challenge is the shortage of skilled cyber experts in Federal government which means that support services in cybersecurity will remain secure despite the current rhetoric,” the report stated.
That is welcome news to both IT firms and defense contractors that often compete against each other for contracts. Defense integrators like Northrop Grumman and General Dynamics and traditional IT firms like HP and IBM share a common link, Govini said, and it is that they “primarily offer services to augment government cybersecurity personnel.”
“Cyber is one of those areas where growth is going to be pervasive,” Sankaran said.