There is a shortage of qualified security workers available across the public and private sectors, and there is now a movement afoot to boost the cyber talent level.
To that end the Trump administration took a step Thursday in its effort to recruit, reskill and develop cybersecurity talent across the federal government and private sector with a series of new interagency initiatives.
President Donald Trump signed a cybersecurity workforce executive order, which is designed to facilitate a more flexible, seamless flow of talent in and around federal agencies and the private sector.
The EO calls on the Department of Homeland Security to create a cybersecurity rotational assignment program within the federal workforce.
The DHS Secretary, along with the directors of the Office of Personnel Management and Office of Management and Budget, will design the new program, which will detail IT and cyber professionals from other agencies to the Department of Homeland Security, and vice versa.
The cyber rotational assignment program is non-reimbursable, according to the EO, but the Trump administration is exploring ways it can offer more lucrative pay and incentives to attract new talent to these positions.
Under their own authorities, the Defense Department and DHS have the ability to offer unique incentives to recruit and retain cybersecurity talent. DHS is also nearly finished with its own cybersecurity personnel system.
The National Institute of Standards and Technology’s (NIST) National Initiative for Cybersecurity Education (NICE) framework will define and serve as the basis for the skills requirements needed to participate in the rotational program.
The General Services Administration should incorporate the NICE framework into IT and cybersecurity contract language, according to the EO.
In addition, the cyber workforce EO tasks OPM, DHS and the Commerce Department to identify a list of possible cybersecurity aptitude tests for agencies to use in identifying employees who have the potential to participate in reskilling programs.
“It’s great to see that the current administration recognizes both the importance of cybersecurity and the shortage of qualified practitioners,” said Dan Tuchler, CMO at SecurityFirst. “Our customers, in both the private sector and in government, are challenged to meet ever increasing threats to data security, while on a constrained budget. They need workers with the right skills to combat these threats. This executive order emphasizes that the administration intends to take cyber threats seriously, to maintain national security.”
“This has been long overdue. The level of hacking against the U.S. has created an extraordinary threat to the national security targeting our businesses, infrastructure, stealing trade secrets, and meddling our election, challenging our democracy and freedom,” said Pravin Kothari, founder and chief executive of CipherCloud. “This is a defensive step in protecting America by addressing a key aspect of cybersecurity – workforce – with education and preparedness.
“It’s a step in the right direction, but more needs to be done, and will require major funding and continuous investment for 5 to 10 years that may span over multiple administrations before we can see results. While this Executive Order is a step in the right direction and further affirms the reality of cybersecurity as a widespread issue that touches every person and every industry, this just represents a down payment in the protection of our nation’s cyber infrastructure.”