ACT-IAC Cybersecurity Innovation Initiative Search Ideas

Talented students, particularly many female and minority students are unaware of the career opportunities available to them in cybersecurity. The government and CISO/CIO partner organizations can help colleges and universities grow the talent pool for qualified cybersecurity professionals by creating and publicizing internship opportunities for students. Presently most internships in cybersecurity recruit junior and... more »

A document describing Best Practices for Attracting, Finding, Hiring and Retaining Cybersecurity Talent is attached

The first step in tackling the cybersecurity talent search is in develop a better understanding of the competencies required for effective, and proactive, cyberdefense and intrusion response. With the rapid change in technologies and tactics for exploitation and intrusion, defining the required talent is a tall order. As such, new approaches for rapid creation, expansion or tailoring of job series will be needed so... more »

For a number of years the government has been looking for CIO with a business background and not a technical background. This has placed a number of government CIO into jobs that they have the business background to understand the business process of the organization, however many do not have the background or understanding of the technical knowledge and skills needed to address problems, concerns and issues related... more »

I like the idea of cybersecurity interns next summer , but I couldn't figure out how to comment on it. I think the government needs to realize that there are big bucks to be made in the private sector if you are really good at this, and so they can't expect people to stay in Government. The Government should be prepared to depend on private sector contractors, who can do this work well. However, experience in other... more »

Spur renewed interest in both education and training channels that increase STEM talent in the U.S. Motivation originates from both increased funding and availability of relevant coursework and from concerted marketing to create an ethos and national goal equivalent to the objective of landing a man on the moon.

• To acquire and retain top caliber cybersecurity talent, pay structures must be established that are aligned to market pay, and specifically to information/computer security. Given the wide range of pay for the broad levels of talent in the market, multiple, tiered pay structures could be created that would be competitively responsive to the range of pay, defined by the talent (i.e. skills, education and performance),... more »

• To acquire and retain top caliber cybersecurity talent, pay structures must be established that are aligned to market pay, and specifically to information/computer security. Given the wide range of pay for the broad levels of talent in the market, multiple, tiered pay structures could be created that would be competitively responsive to the range of pay, defined by the talent (i.e. skills, education and performance),... more »

• Federal agencies, especially those with a more clearly evident information/computer security (cybersecurity) mission should identify and prioritize those areas that are of the greatest criticality, relative to cybersecurity talent – and substantive and affirmative investments should occur in those areas, even if detrimental to other lower priority areas.

• More aggressively leverage non-traditional channels for cybersecurity candidates (military, technical schools, associate degree programs, high school, etc.), where candidates can still be shown to meet job relevant requirements, as non-traditional education sources continue to rise in prominence/predominance now, and in the future.

Actively and selectively manage the availability of training opportunities which correlate to new and/or increased levels of required skills in cybersecurity, even if detrimental to other lower priority areas.

Information/computer security (cybersecurity) services for which the United States Government (USG) contracts out for services, and which represent an enduring, long-term function, should be assessed for whether greater cost-effectiveness and capability would be better realized if the USG were to assume the performance of that function.

Organizations can use assessments measuring the knowledge, skills, abilities, and personal characteristics required for successful performance in cybersecurity jobs, to ensure they hire qualified job candidates; make job placement decisions based on a candidate’s interest in the job and their ability to perform on the job, and/or provide trainings that address a candidate’s specific developmental needs

Getting the highest return on investments in superior talent will require investing in creating and sustaining superior working conditions to ensure the best use of that talent. Accordingly, the creation of the work environment that allow government to optimally organize and manage the cybersecurity work and the talent that will perform that work, requires that government develop a taxonomy of cybersecurity functions... more »

Additional assistance can be provided through outreach initiatives that generate interest in this career field far before individuals are ready to seek employment. Providing training and certification in cyber tools and sponsoring cyber competitions, in addition to cyber ‘camps’ for students at the middle and high school level, are great ways to engage youth in this discipline and can connect the dots between success... more »