Last May, the Biden administration’s Executive Order (EO) 14028 on cybersecurity put the onus on agencies and contractors to strengthen their cyberdefenses to prevent cyber attacks against the federal government. While EO 14028 is not the first of its kind, technology executives believe that it stands out from previous cybersecurity EOs because it calls for specific timelines for agencies to implement defined data encryption and compliance standards. While this level of direction should set a clear path to improvement, a potential setback has emerged. Presently, cyber skills are the most sought-after skillset across all industries, and employer demand already exceeds workforce supply. According to Heather Lacroix, President of Chenega Technical Innovations (CTI), the federal workforce itself has seen a 3700% increase in its need for cyber talent.
Federal contractors like CTI are presently focused on the retention, recruitment, and development of cyber talent. Otherwise, with increased competition coming from the commercial sector, it will be difficult to keep up with the changing landscape of cybersecurity. The expectations set by EO 14028 place certification and compliance requirements on federal agencies that will flow down to contractors and subcontractors. “Across industries there are difficulties and challenges… not in knowing what the solutions are, but in ensuring that we can recruit, retain, and keep the staff that will be providing those solutions,” Lacroix said.
To support staff development, Lacroix emphasized the importance of embracing change management, particularly in upskilling long-term employees with specialized capabilities, such as the scientists or attorneys that comprise much of the federal workforce. “Cyber may not be on the forefront of their minds, but we are engaging them with strategic communications and applying new and modern ways to keep them current to what’s going on,” Lacroix said of CTI’s initiative to prepare and secure incumbent staff for cyber roles.
The GAO recently identified recruiting and hiring as an area of high risk in the federal market. There is increasing urgency for contractors to considering staffing when going after competitive bids. To this end, Lacroix is pursuing open discussions and transparency with agencies on how Chenega Technical Innovations is keeping its staff current, trained, and proactive, whether through investing in emerging technologies that appeal to cybersecurity professionals, or keeping pace with current workforce interests such as telework options and competitive pay scales. “One of the greatest things we can look at now… is that we are in a state of constant recruiting to ensure that we always have a bench of candidates,” Lacroix said. CTI’s efforts to augment and train its cyber talent pool puts it in a prime place to support improved federal cybersecurity.
The future of federal cybersecurity and the imperatives outlined in EA 14028 depend upon the federal government’s ability to work with a highly trained talent pool that is both and experienced and adaptable to change. As the federal government keeps internal teams focused on the missions, agencies will turn to contractors to meet the growing cybersecurity needs and requirements. Because of the competitive landscape in cyber talent recruitment, contractors with a strong plan to recruit and retain cyber talent are better prepared to offer these services.