Growing a Stronger Federal Cyber Workforce

Today, the U.S. government suffers from a significant shortage in its cyber workforce. Currently more than one in three public-sector cyber jobs sits open. Filling these roles has been a persistent and intractable problem over the past decade, in large part due to a lack of coordination and leadership. The Commission produced a number of policy recommendations to address this challenge and, in this white paper, hopes to further strengthen those recommendations and reemphasize the criticality of the cyber workforce challenge. The fundamental purpose of this paper is to outline the elements required for a coherent strategy that enables substantive and coordinated investment in cyber workforce development and calls for a sustained investment in that strategy.

This paper lays out five elements to guide development of a federal cyber workforce strategy:

• 1. Organize: Federal departments and agencies must have flexible tools for organizing and managing their workforce that can adapt to each organization’s individual mission while also providing coherence across the entirety of the federal government. To appropriately organize the federal cyber workforce, the CSC recommends properly identifying and utilizing cyber-specific occupational classifications to allow more tailored workforce policies, building a federal cyber service to provide clear and agile hiring authorities and other personnel management tools, and establishing coordination structures to provide clear leadership for federal workforce development efforts.

  2. Recruit: Federal leaders must focus on the programs that make public service an attractive prospect to talented individuals. In many ways, the federal government’s greatest tool for recruitment is the mission and unique learning opportunities inherent in federal work. To capitalize on these advantages, the government should invest in existing programs such as CyberCorps: Scholarship for Service and the Centers of Academic Excellence, while also working to mitigate recruitment barriers that stem from the personnel security clearance process.

  3. Develop: The federal government, like all cyber employers, cannot expect every new employee to have hands-on experience, a four-year degree, and a list of industry certifications. Rather, the federal government will be stronger if it draws from a broad array of educational backgrounds and creates opportunities for employees to gain knowledge and experience as they work. This effort will call for many innovative approaches, among which the Commission particularly recommends apprenticeship programs and upskilling opportunities to support cyber employee development.

  4. Retain: Federal leaders should take a nuanced view of retention, recognizing that enabling talent to move flexibly between the public and private sectors enables a stronger cyber workforce overall. However, federal employers can take steps to encourage their employees to increase the time they spend in public service. Improving pay flexibility is a major consideration, but continuing the development of career pathways and providing interesting career development opportunities like rotational and exchange programs also can be critical. Of particular note, federal employers can increase retention of underrepresented groups through the removal of inequities and barriers to advancement in the workplace.

  5. Stimulate growth: The federal government cannot simply recruit a larger share of the existing national talent pool. Rather, leaders must take steps to grow the talent pool itself in order to increase the numbers of those available for federal jobs. To promote growth of the talent pool nationwide, the federal government must first coordinate government efforts working toward this goal. Executive branch and congressional leaders should also invest in measures to promote diversity across the national workforce and incentivize research to provide a greater empirical understanding of cyber workforce dynamics. Finally, federal leaders must work to increase the military cyber workforce, which has a significant impact on the national cyber workforce because it serves as both a source and an employer of cyber talent.