recommended reading

Senate Defense Bill Mulls Bonuses for Cyber Pros

Steven T Howes/

Current and aspiring Defense Department personnel with cyber skills could see a boost in pay under a Senate 2015 defense policy bill that lawmakers detailed on Friday.

Defense is up against the private sector’s lucrative salaries as it endeavors to boost cyber mission forces. Pentagon Secretary Chuck Hagel recently said these forces, expected to include 1,800 personnel by year's end, should number 6,000 professionals in 2016. 

The Senate Armed Services Committee on Thursday approved a measure that directs each military service to determine “whether recruiting, retention, and assignment of service members with cyber skills requires bonuses or special and incentive pays,” according to the new details. The services would have to report their decisions to Congress by Jan. 31, 2015.

The policy bill, called the National Defense Authorization Act, also directs the services to consider if the cyber battleground warrants new career fields. The question is whether to create names for officer and enlisted specialties that are separate from the existing "communications, signals, and intelligence" specialties.

A more general provision acknowledges that the Pentagon’s civilian cyber pros deserve better salaries too. It states the Senate feels that “enhanced personnel authorities" are needed for “hiring, compensating and promoting civilian personnel” who support Cyber Command. The command supervises military cyber strikes and defensive operations departmentwide.

Under the bill, the military also would evaluate whether to institute a new job rotation program for Defense’s civilian cyber workforce.

The program would assign or detail the department’s civilian cyber personnel to other military components or to civilian positions in the cyber mission forces. The Defense secretary would have to issue a report on whether such rotations "would enhance the professional development and career progression of the civilian employees." 

It is unknown when the full Senate will vote on the legislation.  The House version of the defense bill, approved on Thursday, does not include any of these personnel provisions. The two chambers will have to reconcile differences and then produce a final version. 

Civilian agencies are at an even greater financial disadvantage in competing with industry to hire scarce cyber talent.

A different Senate committee on Wednesday passed legislation that would empower the Homeland Security Department to pay DHS cyber hires as much as Pentagon information security pros.

(Image via Steven T Howes/

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.


When you download a report, your information may be shared with the underwriters of that document.