Survey: Federal CIOs Say Cyberattacks are on the Rise and They Can't Compete for Cyber Talent


But more than half of CIOs said it was difficult to compete for professionals with tech expertise, especially because of “limited compensation compared to the private sector."

Almost a third of chief information officers and other federal IT decision-makers say they've seen a significant increase in cyberattacks in the past year, a new survey shows.

About 28 percent of CIOs said they’ve seen a 51 to 100 percent increase in cyberattacks, according to a survey conducted by Professional Services Council trade group. The survey canvassed 67 CIOs. 

Though many CIOs reported increasing their cybersecurity spending, the growth wasn't proportional to the increased threat level, the report said. In fact, about 10 percent reported a decrease in cybersecurity spending, while 44 percent cited an increase of between 0 and 10 percent. 

More than half of CIOs said it was difficult to compete for jobseekers with tech expertise, especially because "[i]ssues about compensation caps...hinder government contractors’ ability to compete with the commercial cybersecurity market,"  the report stated. About 63 percent of CIOs said their agencies were “not at all” or “insufficiently” prepared for talent development needs, according to the survey.

"With constrained budgets, the majority of agencies face added pressure to hire from within, forcing employees to handle
increased workloads and unfamiliar tasks," the report said.

During a Tuesday panel discussing the findings, Commerce Department CIO Steve Cooper noted that there is a 25 percent vacancy rate in his office. Hiring millennials, he said, "is a major challenge." He said he believed the average age of the Commerce workforce is about 50 years old. 

The majority of CIOs surveyed -- 91 percent -- said they had adopted some type of "agile delivery techniques", especially because of that system's "emphasis on communication, demonstration, feedback, iteration and working software," the report stated. But only about 33 percent said agile was their "default methodology". 

Describing the hesitancy to adopt a more agile methodology, one respondent, unnamed in the survey report, said, "[w]e are concerned about innovation and moving into anything other than established business processes. Individuals fear failure and oversight organization (IG, Congress, GAO, etc.) repercussions.” 

About 84 percent of respondents said their data analytics systems were in the early stages of maturity — between 1 and 3 on a scale of 1 ("just started") to 5 ("very effective"), the report said. Forty-two percent said their organizations were in the second stage of maturity, while 32 percent were at the third.

Justice Department CIO Joe Klimavicz noted that the solution for IT problems isn't necessarily more legislation. (The Federal Information Technology Acquisition Reform Act, which Congress passed in December, aims to give federal CIOs more oversight of department and agency budgets.)

 “The CIO has the authorities right now to effectively manage these problems," Klimavicz said. The bigger challenge, he said, is "how do I go and take advantage of that service they've already got" in other agencies and departments.

(Image via Jirsak/