The evolution of the cyber attacker’s techniques, skills and tools has far exceeded the pace of the cyber defender’s. Throughout the public and private sector, from federal agencies to health insurance providers, emerging threats continue to wreak havoc on enterprise networks, applications and data. Incident response teams must move faster, but the tools they’ve been given to do the job aren’t fast enough in detecting,... more »
6. Solving the Talent Search
How can government tackle the cybersecurity talent search in a way that strengthens skills, experience, and knowledge both within government CISO/CIO and partner organizations and externally from contracted services?
Endorse existing ideas by voting for them. YOU MUST BE LOGGED ON TO VOTE.
1. Eliminate “paper tiger” credential requirements. Focus instead on competence.
a. Integrate experience with price; lowest price technically acceptable should not apply in this arena.
Most cybersecurity professionals love cutting-edge technology, casual work environments, and creative mindsets. These unique tendencies help them excel under the constantly changing cyber environment but sometimes their work preferences differentiate them from other workers in terms of (1) work environment (2) work preferences, and (3) career paths. Recruiting, developing, and retaining this unique workforce requires... more »
Demand for skilled professionals currently outweighs supply and the growing sophistication of cyber adversaries coupled with our progressively inter-networked enterprises will cause demand to continue to increase. Effective technology solutions are needed to protect infrastructure and automation can help humans to do what they do best: analyze, understand, anticipate and respond to security incidents. But technology is... more »
Create an elite CyberSec Reserve Corps that have passed necessary screening that can be used by government on challenging security projects. Do same for College grads; recruit them to be part of this group with return of visibility, rich career enhancing assignments, college loan repayment
Attract high and college grads with more aggressive recruiting that accepts more than USAJOBs applications; utilize on-line reach-out for potential candidates of interest, encourage games that attract students
Look for talent in other parts of the organization that could be used by cybersec shops w/o having to hire: risk management skills, analytical skills, cost/benefit analyses. Retool as needed for cyber roles
Provide cyber internships to develop and enhance cyber skills and interest in the government
response to Questions 6) How can government tackle the cybersecurity talent search in a way that strengthens skills, experience, and knowledge, both within government CISO/CIO and partner organizations and externally from contracted services?
Reports and articles keep surfacing on the issue of lacking cybersecurity talent in the federal government. Since 2010, little improvement has been seen regarding increased knowledge, skills, and abilities among the federal cybersecurity workforce. (Williams, 2015b).This can be attributed large to leadership failures across the agencies. Cybersecurity experts in the trenches, industrial organizational psychologists, and... more »
(Regular print are supported ITAPS recommendations in response to questions, flagged are expanded recommendations to more explicitly address questions, not directly addressed by ITAPS; participated in and collaborated with ITAPS OMB-OPM-NSC Task Force) How can government tackle the cybersecurity talent search in a way that strengthens skills, experience, and knowledge both within government CISO/CIO and partner organizations... more »
Given that such a small percentage of the US population is in technical fields, the majority of population is not even in the target group. It is important to consider more than just technical people or those who self opt in to the cyber field. Cyber is relevant to all jobs. However, the education and training aspect of cyber is not made relevant to other than cyber focused career fields. Those who work in a range of... more »
Additional assistance can be provided through outreach initiatives that generate interest in this career field far before individuals are ready to seek employment. Providing training and certification in cyber tools and sponsoring cyber competitions, in addition to cyber ‘camps’ for students at the middle and high school level, are great ways to engage youth in this discipline and can connect the dots between success... more »
Getting the highest return on investments in superior talent will require investing in creating and sustaining superior working conditions to ensure the best use of that talent. Accordingly, the creation of the work environment that allow government to optimally organize and manage the cybersecurity work and the talent that will perform that work, requires that government develop a taxonomy of cybersecurity functions... more »
Organizations can use assessments measuring the knowledge, skills, abilities, and personal characteristics required for successful performance in cybersecurity jobs, to ensure they hire qualified job candidates; make job placement decisions based on a candidate’s interest in the job and their ability to perform on the job, and/or provide trainings that address a candidate’s specific developmental needs