Dive Brief:
- There is a weak supply of cybersecurity experts across federal agencies, according to the Government Accountability Office's (GAO) report on agencies' cybersecurity workforce. Agencies are struggling to define what existing talent they have and what specific roles they need in the future. The level of uncertainty creates an "increased risk" for cybersecurity, according to the report.
- The Office of Personnel Management asked agencies for cybersecurity coding procedures, which establish the details and identity of each role. Twenty-three agencies were able to establish the codes, but nine did so nearly a year after the deadline. OPM was looking to identify positions that are vacant or struggling in cybersecurity.
- Some agencies failed to submit workforce assessments to OPM, including the number of employees without professional certifications and mitigation for "gaps," according to the report. The Departments of Homeland Security, Housing and Urban Development and the Small Business Administration were the three agencies that did not submit their assessments.
Dive Insight:
OPM is responsible for assessing the state of the federal government's cybersecurity workforce and yet the agency missed its deadline by about five months. The delay was in part because OPM didn't work with the National Institute of Standards and Technology (NIST) to lock down a draft of the NICE Cybersecurity Workforce Framework.
The framework was written by NIST, the Department of Defense and DHS in November 2016, and it was intended to help federal agencies better understand the extent and need of job vacancies.
It includes categories for roles that perform test and evaluation, systems development, language analysis, digital forensics, and legal advice and advocacy. This way agencies can fill roles more strategically rather than aimlessly looking for broader cyber talent.
DHS failed to submit its workforce audit because its Office of the Chief Human Capital Officer lacked the ability to secure "consolidated reports on employee certifications from all DHS components," according to the report.
The DHS and DOD may be the most important agencies when it comes to national cybersecurity. It was the DHS that issued a demand for all federal agencies to cease the use of Kaspersky software to protect critical data and infrastructures from potential Russian actors.
Many of the government's protocols in securing best IT practices and management should be done in the private sector. Conducting an inventory of the talent within an organization's IT and security departments could help showcase the level of skills or where there are needs for improvements.