To close the cyber workforce gap, the Department of Homeland Security (DHS) seems to follow the advice of Robin Williams in The Dead Poet Society recognizing that “just when you think you know something, you have to look at it in a different way.” While the majority of the government views acquiring and maintaining cyber talent as a zero sum employment game between industry and government, DHS is taking a more comprehensive view of managing...
To close the cyber workforce gap, the Department of Homeland Security (DHS) seems to follow the advice of Robin Williams in The Dead Poet Society recognizing that “just when you think you know something, you have to look at it in a different way.” While the majority of the government views acquiring and maintaining cyber talent as a zero sum employment game between industry and government, DHS is taking a more comprehensive view of managing talent by recognizing and rectifying systemic self-sabotaging practices and self-imposed barriers to recruiting and retaining talent that plague all government agencies.
The National Cybersecurity and Communications Integration Center (NCCIC) within DHS recognizes that the cyber talent gap is a two-headed monster: recruitment and retention go hand-in-hand with talent development as the glue.
The NCCIC is working to improve the perception of being an ideal place to work where employees can develop their cyber skills. During the Washington Cyber Roundtable’s November event, the NCCIC shared how by creating and implementing a new talent management program they are succeeding in recruiting and retaining top cyber talent.
With the semi-frequent shutdowns and the recent announcement from President Donald Trump that federal employees may not receive a pay raise in 2019, it will be more challenging for government recruiters to attract top talent. However, by following NCCIC’s lead and modernizing existing practices other departments can also overcome these obstacles.
The government wide hiring processes that emphasize hiring from within an agency or filtering resumes through the USA Jobs algorithms are outdated practices that prevents skilled individuals from entering into vacant government job. Instead, the key to successful recruiting is to recognize early in the process that skillset is not the only component that matters, but also personality and work preferences.
Rather than casting a wide external net to recruit talent, a smarter approach is to accept that an individual with cyber skills is different. Within the government each agency and department has its own culture that may not be suitable for everyone. One size does not fit all—and what works in industry may not translate to government service. As a younger department, DHS is typically a better environment for cyber individuals with an entrepreneurial attitude who thrive in unstructured environments. This type of individual would be most likely unhappy working at a highly structured and traditional organization. Delivering this messaging during recruiting and focusing on the individuals in the workforce instead of the broader target group has led to success for NCCIC.
Ultimately, government agencies need to sell their culture during recruitment so the right people are attracted to the right jobs. Yes, it may be a more traditional job environment than at Amazon or Google, but that will appeal to the appropriate people.
To then manage and retain cyber individuals requires developing softs skills and maintaining technical skills. In the NCCIC, with the direct support of leadership, cyber teams are strengthened through the development of emotional connections and using humor through simple tactics such as stickers and memes. Technical abilities are futile if a team is incapable of communicating. By placing an emphasis on cultivating the soft skills of technically savvy cyber warriors teams are more successful in accomplishing the mission.
Because continuous training is essential to ensure employee satisfaction, productivity and retention, trainers need to report directly to the C-suite so financial needs are met and talent development is made a priority. Without this direct line of communication training time is the first line item cut when budgets are decreased. Overtime this erodes an organization’s culture and mission success.
Government leaders would be wise to follow the advice in Elaine Biech’s recently released book, ATD’s Guide to Talent Development: How to Launch, Leverage, and Lead your Organization’s Talent Development Effort, which is based on the concept that talent development professionals need to become trusted advisors to the C-suite for training to positively impact culture.
Beich, an industry leader in organization transformation, breaks the solution equation into two parts:
(2) Help managers, supervisors, and leaders be able to train and develop their people.
Beich makes a strong case for talent development professionals to coach managers, provide job aids, and demonstrate what techniques will work to help organizations mature and be successful.
When training is available, it should be thoughtful and up-to-date with industry innovations. Relying on a one-size fit all approach, unless it is strictly for distributing information, is insufficient.
According to Beich, “we are heading toward a time when content is personally curated and learning is individually customized and available on-demand to each employee.”
Effective training plans do not need to be a complex. Among other initiatives, the NCCIC is creating short, three-to-nine minute videos for the cyber workforce on culture. Content will answer questions based on the employees’ predetermined strengths and development areas. This modern approach to training is directly contributing to the organization’s culture, which is the main thread of successful recruitment and retention.
The most immediate way to fill the government’s cyber workforce gap is to train veterans and information technology professionals already working in the government through a modern and individualized approach. The key difference between an IT professional and a cybersecurity professional is their understanding of the adversary, what they are doing and why it is important. Many IT professionals are unaware they already execute cybersecurity work because they have not made the connection to their organization’s mission and goals. These individuals have the skills the government needs; they need only to adjust to the right mindset.
Efforts like increasing STEM education to close the cyber workforce gap in the long run should be continued, but will not yield results quickly enough to aid the government in protecting our nation from the adversaries of today.
To recruit and retain the cyber warriors the government needs leadership to expand focus and place greater emphasis on the underlying currents of culture and training. To use another quote from the Dead Poet Society– It’s time to “seize the day” and work with the resources available to decrease the cyber gap.
Barbara George is the executive director of the Washington Cyber Roundtable.
AI, cyber workforce at the top of House IT subcommittee priorities for 2019