You wouldn't consider someone an information technology expert who had never heard of the Internet. Yet the job descriptions for some of the federal government's cybersecurity jobs haven't been updated since 1988 - before the Internet transformed how we think about technology. Staying abreast of changing times and technologies is essential in many fields, but in the realm of cybersecurity it is a necessity.
So a recent report by the Partnership for Public Service, a group that promotes government service, and consultant Booz Allen Hamilton that the federal government is having trouble finding and attracting a talented cyber-security workforce is worrisome. Among other findings, the survey noted that only 40 percent of hiring managers were satisfied or very satisfied with the number of qualified applicants for information security positions and that 77 percent were dissatisfied with the time it took to hire someone.
The source of this problem is twofold: a broken federal hiring process that makes it difficult for agencies to attract and retain the talent they need, and a nationwide deficit of people who possess necessary information technology skills.
Finding the right people poses a challenge. Since many cybersecurity employees must be U.S. citizens to obtain security clearance, the paucity of Americans with expertise in math, science and computer technology poses a risk. Scholarship for Service programs run by the Department of Homeland Security, the Office of Personnel Management and the National Science Foundation have helped to create a pipeline of talent, providing tuition payment for students who agree to spend time working in federal information security after graduation. But there are not enough of them.
The scholarship programs must be beefed up, and more American students should be encouraged to develop proficiency in math, science and technology. Meanwhile, the government needs to do its part by fixing a hiring system that often scares away qualified candidates. The problem of cyberattacks is an immediate one, and it won't go away. We need a cyberworkforce capable of addressing it.