Bill Would Require Agencies to Keep Track of ‘Critical’ Cyber Workforce Shortages

Sen. Rob Portman, R-Ohio

Sen. Rob Portman, R-Ohio AP Photo

The Federal Cybersecurity Workforce Assessment Act would require agencies to use a cyber-jobs framework developed by the National Initiative for Cybersecurity Education.

A new bipartisan Senate bill aims to accelerate the federal government’s recruitment of cybersecurity experts by mandating the use of a previously voluntary classification system to identify “critical” shortages in the ranks of the federal government’s cyber workforce.

The Federal Cybersecurity Workforce Assessment Act, introduced by Sens. Michael Bennet, D-Colo., and Rob Portman, R-Ohio, earlier this month, would require agencies to use a cyber-jobs framework developed by the National Initiative for Cybersecurity Education to tally up their slate of cyber workers and report annually on workforce gaps.

Introduced Aug. 6, the bill tasks the Office of Personnel Management and the Office of the Director of National Intelligence with implementing the new classification system and identifying all civilian cyber jobs in the federal government. Officials at the Defense Department would be tasked with undertaking a similar count of military cyber employees.

The bill would also require agency heads to report to OPM annually on shortages of cyber experts deemed “critical,” which would help speed the stagnant federal hiring process.

Efforts to compile a full roster of government cyber employees have long been hindered by the lack of a single job category or description that encompasses all cyber work.

The Obama administration began trying to get a better picture better of the government’s cyber workforce in 2013, directing agencies to begin collecting and recoding federal job descriptions to match one of the broad categories of cyber skills and specialties spelled out in the NICE framework. The framework was developed by the National Institute of Standards and Technology and the Department of Homeland Security.

A “preliminary analysis” of the agency-supplied data completed in January indicated federal cyber workers hail from more than 100 different job categories across government. Still, the full data set is not public and the time frame for crunching all the data isn’t until 2016.

It's no secret the federal government has struggled to recruit and maintain a top-flight cyber workforce.

In April, the nonprofit Partnership for Public Service issued a report on the matter laying the blame, in part, on the arcane federal hiring process, rigid pay scales that don’t keep up with the private sector and the lack of a governmentwide “master strategy” for dealing with the problem.

The Bennet-Portman bill has been referred to the Senate Homeland Security and Governmental Affairs Committee.