DHS must improve cybersecurity professional recruitment, career path
The Homeland Security Department must make far-reaching improvements to its recruitment and retention of cybersecurity professionals, a department-commissioned task force says.
In a report (.pdf) released earlier this month, the Homeland Security Advisory Council's task force on cyberskills says DHS needs at least 600 civil servants with technical cybersecurity skills capable of handling mission-critical tasks. In the near term, DHS should utilize direct hire authority to bring them on board, the task force says.
One reason among many for the lack of civil servant cybersecurity technical experts cited in the report is that the department has used contractors "for many of the 'cool' hands-on jobs" such as penetration testing and reverse engineering.
"This is an urgent problem," the task force says. In the longer term, DHS could make itself a more enticing place to work for cybersecurity professionals by emphasizing the coolness of its jobs, it adds.
Other recommendations are to "radically expand the pipeline" of job candidates by establishing partnerships with community colleges. Specifically, DHS should establish 10 pilot programs modeled on military education programs. Four-year degrees or graduate degrees may be of value in preparing people for cybersecurity jobs, the report says, but currently about a quarter of active cybersecurity professionals lack any college degree and many of the people performing advanced cybersecurity tasks simply learned their skills on the job.
Standards for the community college programs will have to be high, the task force says, and deliver practical, hands-on training.
Within the department, DHS will have to develop clearer career paths with opportunities for upward development and promulgate authoritative definitions of mission-critical tasks. "In other words, the concept of 'careers, not jobs.'"
In addition, the task force recommends that DHS establish a "CyberReserve" of professionals it could call on "if and when the nation needs them."
Members of the reserve would come from departmental alumni and other experts outside of governments. The concept of a reserve force needs additional fleshing out, the report says, recommending that DHS establish a new working group to examine questions such as under what circumstances the reserve would be activated, how call-up would work, and how to address conflict of interest in reservists.
- download the report, "Cyberskills Task Force Report Fall 2012" (.pdf)
Napolitano announces DHS cyber workforce development effort
NICE releases cybersecurity workforce taxonomy
Federal agencies struggle to define their cybersecurity workforce, finds GAO