Stopping the Cybersecurity Brain Drain Calls for Outside the Box Thinking

valterZ/Shutterstock.com

Here are some non-traditional ways to fill those vacant positions.

The president’s new National Cyber Strategy calls for the development of a “superior cybersecurity workforce.” That might be easier said than done.

Historically, finding, nurturing and keeping skilled cybersecurity talent has been a significant challenge for government agencies. The government is often hamstrung by strict budgetary considerations and legacy technologies, and often cannot pay as well as the private sector.

There’s also the issue of supply and demand. A report by the Commerce and Homeland Security departments noted that there were an estimated 299,000 active openings for cybersecurity-related jobs as of August 2017. Unfortunately, there aren’t enough well-trained professionals to fill those positions.

The government is taking steps to address these challenges. The National Cyber Strategy offers specific recommendations for attracting and keeping top-tier cybersecurity talent, including providing greater financial compensation to better compete with the private sector. Meanwhile, the Office of Personnel Management has released guidance to help agencies identify their own cybersecurity skills gaps and steps they can take to fill those gaps.

But while these initiatives are welcome and necessary, more outside the box thinking is needed if the government is to compete for the best talent. Here are a few non-traditional ideas that could help agencies augment the efforts already underway to attract, hire and keep a stable of trained, skilled and happy cybersecurity professionals.

Create a Cybersecurity “National Guard”

The government has always been an attractive destination for students seeking financial aid or job skills, and the public sector has a well-earned reputation for training. That reputation could be used to create a cybersecurity National Guard. In exchange for a year or more of cybersecurity training, students would commit to the equivalent number of years of government cybersecurity work.

This initiative would solve some immediate challenges. It would provide government agencies with a homegrown workforce specifically trained to address cybersecurity threats against the U.S. It would also give agencies time to nurture and grow this workforce, thereby providing the government with more opportunity to keep employees from jumping ship to the private sector.

Retrain Professionals to Become Cybersecurity Experts

We hear a lot about workers being retrained in IT, but there is a great opportunity for the government to focus their efforts specifically on cybersecurity. There are many people across the country working in fields that are negatively impacted from globalization or making less than minimum wage willing to learn a new skill in a higher paying field, especially if the government is willing to invest in them. According to the Bureau of Labor Statistics, there are more than 80 million U.S. workers age 16 and older being paid hourly rates. The federal government could look at them and other lower income earners as a giant cybersecurity talent pool.

Location is less relevant than one might expect, since the only thing the workers would need is an internet connection and a willingness to learn. The government can look well beyond the Beltway for its next generation of cybersecurity talent and develop a skilled lineup of experts across America.

Automate Mundane Cybersecurity Tasks

No top of the line cybersecurity expert wants to spend their days just keeping the lights on. They want to feel a sense of purpose and proactively contribute to their agencies’ missions. Further, someone working on a sleep-inducing task is more likely to make mistakes, thereby exposing their organization to even greater risk.

Automated security systems can relieve workers of time-consuming and tedious tasks and increase employee productivity. They’ll spend less time patching systems and chasing down alerts and more time working truly making a difference by creating impactful security strategies and policies.

Remember: Transforming an agency’s culture and work environment is just as important as transforming its technology—perhaps even more so when it comes to attracting and keeping talent.

Centralize Cybersecurity Under One Agency

Under the National Cyber Strategy, Homeland Security will be responsible for overseeing “the development, management, and deployment of cybersecurity personnel across Federal departments and agencies with the exception of the DOD and IC.” This is significant, as it moves the government away from having each agency be responsible for its own cybersecurity workers.

But the government should consider centralizing all cybersecurity efforts under one roof, not just personnel management. Consider that the Housing and Urban Development Department needs a solid cybersecurity strategy, too, but that’s never going to be HUD’s central mission. Someone needs to take responsibility for HUD’s security programs—preferably an agency that is focused on and well-versed in cybersecurity. That could be Homeland Security, or it could be another organization. Placing the responsibility under one roof will help the government focus on training, hiring and keeping the best people as opposed to the most people to fill needs at every agency.

These ideas signify the type of creative thinking the government will need to attract and retain top-tier employees in a world that’s woefully short of cybersecurity talent. ISACA predicts a global shortage of two million cybersecurity experts by 2019. The private sector will be fighting for whoever is out there. The government needs to pull out all the stops to have a chance in that fight.

Eric Trexler is vice president of global governments and critical infrastructure at Forcepoint.

NEXT STORY: Software Development Is Dead

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.