A new bill to grow the federal government’s cybersecurity workforce would create a pilot program to train veterans for careers in the field and establish an apprenticeship initiative at the Department of Homeland Services’ (DHS) cyber wing.
At first glance, cyber hiring in the U.S. federal government could lead some federal agencies to depend more on in-house cybersecurity talent rather than outsourced MSSP services. But take a closer look, and it's a safe bet the expanding U.S. federal cybersecurity workforce will continue to lean heavily on MSSPs amid rising cyber threats worldwide, MSSP Alert believes.
The Federal Cybersecurity Workforce Expansion Act aims to recruit and prepare veterans to defend the nation against cyber attacks and set up registered apprenticeships run through the Cybersecurity Infrastructure and Security Agency (CISA). Sens. Maggie Hassan (D-NH) and John Cornyn (R-TX) are sponsoring the measure. The training program for veterans would be housed at the Department of Veterans Affairs (VA).
“In order to bolster our cyber defenses and protect our critical infrastructure, we need to increase the number of cybersecurity professionals in the federal government,” Hassan said. “This bipartisan bill will also help address the workforce challenges in the veteran community by standing up a cyber-training program at the VA to help veterans secure good-paying, stable jobs, and I urge my colleagues to join me in supporting this legislation.” She called the nation’s cybersecurity infrastructure “woefully lacking.”
Cornyn said “harnessing the experience of our veterans and creating more opportunities for hands-on learning” would help ensure that the U.S. is better prepared to fight cyber attacks from the nation’s adversaries.
The federal government has struggled for some time to recruit and retain cyber talent with many agencies, particularly DHS, piecing together efforts to bolster their own cybersecurity workforces. For example, DHS and CISA are set to speed up the process to hire security pros, modernize qualified cybersecurity skills and compete with the private sector on salaries. DHS's fiscal year 2022 budget request calls for the agency to hire 150 cybersecurity professionals in fiscal year 2021 and an additional 150 in fiscal year 2022. And in May, DHS launched a 60-day hiring campaign to add to its cybersecurity employee roster.
The bill is not the first stab lawmakers have taken to boost the cyber workforce at government agencies. In June, Reps. Ro Khanna (D-CA) and Nancy Mace (R-SC) reintroduced the Federal Rotational Cyber Workforce Program within the Office of Personnel Management. Its key selling point is that it offers civilian employees opportunities to advance their careers, add to their professional experience and extend their networks. The job legislation could allow MSSPs to more rapidly build relationships with multiple government agencies each time a contact shifts from one agency to another. The bill previously passed the Senate in 2019 but failed to come up for a vote in the House.
According to a 2020 report by the The International Information System Security Certification Consortium (ISC)², which conducts training and certification programs, the global cybersecurity workforce talent gap has closed a bit year-over-year. The study revealed that the cybersecurity profession experienced substantial growth in its global ranks, increasing to 3.5 million individuals currently working in the field, an addition of 700,000 professionals or 25 percent more than last year. The research also indicates a corresponding decrease in the global workforce shortage, now down to 3.12 million from the 4.07 million shortage reported last year. Data suggests that employment in the field needs to grow by approximately 41 percent in the U.S. and 89 percent worldwide to fill the talent gap.