The entire Federal government is feeling the pains of cyber workforce shortages.
But the Department of Homeland Security (DHS), which is tasked with protecting national security without the cool factor of the FBI and National Security Agency (NSA), hurts more than most, according to testimony at a House Homeland Security Committee hearing on Sept. 7.
“Within the Federal government, we need to promote recruitment and retention programs, particularly at DHS, which has lagged behind other cyber-focused Federal agencies like NSA and FBI,“ said Rep. Cedric Richmond, D-La. “For some time now, experts have predicted that the demand for cybersecurity professionals was quickly outpacing our supply. Recent estimates suggest that the deficit is growing instead of shrinking, and may reach 1.8 million by 2022.”
According to Frederick R. Chang, executive director of the Darwin Deason Institute for Cyber Security at Southern Methodist University, DHS and other agencies should adopt the practices of large tech companies: using past cyber students to recruit their younger classmates and hiring big names that will pique recent graduates’ interest.
“If DHS, for example, were able to recruit a really big-name cyber professional that would be a little bit of a magnet for some other students,” said Chang.
Michael Papay, vice president and CISO at Northrop Grumman, said that the government should work to improve its process of getting employees in the door, as arduous hiring processes might turn away prospective cyber workers and members of industry wishing to help.
“We need to figure out ways to improve the clearance process to ensure that both the Federal government and the contractors have the cleared employees to do all the critical national security work that is required,” said Papay, who also advocated for increased information sharing within government and with industry to fill the gaps.
Witnesses also advocated for the continuation and expansion of programs that reach out to students through camps or scholarships.
“The NSA, DHS Centers of Academic Excellence, the DoD [Department of Defense], NSF [National Science Foundation] Cyber Scholarship programs have been good and useful programs and have helped to jump-start and bolster university cyber programs around the country,” said Chang.
“We should expand programs that are working today, such as the NSF CyberCorps [Scholarship] for Service program, which manages to retain an impressive 80 percent of its graduates as workers for the Federal government,” agreed Scott Montgomery, vice president and chief technical strategist at McAfee. “We should also consider expanding its program to focus on community colleges.”
However, according to Richmond, DHS’s cyber problem also stems from a lack of adequate leadership within the department.
“We know that the Federal government and DHS in particular is struggling to compete with the private sector for cyber talent,” said Richmond. “What’s more, this administration has failed to fill even the most critical senior-level cybersecurity posts, asking agencies like DHS’s National Programs Protection Directorate to carry out broad, complex cybersecurity missions without a permanent undersecretary. This lack of leadership makes us vulnerable.”
“America will remain the world superpower only so long as it remains the world cybersecurity superpower,” said Rep. John Ratcliffe, R-Texas.