In navigating the growing shortage of IT and cybersecurity talent available in both the public and private sectors, the Trump administration has made clear its plan to fill a portion of the void by teaching current federal employees new skills.
As part of the President’s Management Agenda, the Office of Personnel Management, Office of Management and Budget, Department of Defense and other agencies have been tasked with developing a system to both identify employees with the aptitude for IT and cybersecurity jobs, and adopting automation technology that can assist the reskilling efforts.
Reskilling strategies and products that facilitate them already reside within the private sector. The more critical question is if they can be scaled to a workforce of more than 2 million civil servants focused on a diverse set of missions?
FedScoop spoke to a trio of experts who believe it’s possible and gave guidance for how they think the federal government can be successful in reskilling.
One popular strategy involves not a wholesale shift of employees to a new skill set but instead fostering greater communications and thought-sharing between groups with adjoining missions. It’s often called cross-training.
Joel Jacobs, MITRE CIO and chief security officer, said his company has been deploying cross-training for decades out of an organic need to capitalize on the proficiency of its federally funded research and development centers and the cybersecurity staff tasked with protecting them.
“There was a natural demand that flows between those two,” he said. “So in our own cyberdefense, going back to the 1980s, we started borrowing people from those who have information security backgrounds who work for our sponsors for our own defenses. It turns into a virtuous cycle, and the additional skills of those doing research could gain operational experience. Those doing our own operations could gain access to new ideas and capabilities that were part of direct work.”
To leverage the cross-training goals, Jacobs said MITRE deploys mechanisms like communities-of-interest around certain topics, technical exchange meetings and an intranet system that fosters communications between the operations and research sets to share ideas and new developments.
It fosters not only the collaboration of ideas but also provides both camps with new experience to augment their skills.
The strategy sounds somewhat similar to the DevSecOps philosophy pervading the IT acquisition space, in which teams of IT engineers, operations personnel, security specialists and often even procurement professionals collaborate to design the systems that will serve their enterprise.
Jacobs said he didn’t know if the cross-training strategy could scale up governmentwide because of the diffuse mission goals of federal agencies, but he said the strategy could be effective in stretching resources if it’s applied to adjoining components.
“Part of it is making sure they are investing training in ways that are effective at identifying talent, expanding its application and looking for opportunities to cross-train from related topics,” he said. “I think they have to be looking for adjacencies in talent, not strictly or narrowly prescribed versions of cyber engineers or exclusively-trained from a cyber curriculum.”
Automation cheat sheets
Another avenue the administration will likely pursue is to lean on new technologies to cut down the learning curve instead of having employees learn a new skill set from scratch.
Grant Wernick is looking to deploy such a technology in government right now. Wernick is the CEO and co-founder of Insight Engines, which leverages automation and artificial intelligence to crunch complex data through natural language queries.
As a result, employees new to IT and cyber roles don’t have to have the colloquial skills of a technical expert to access data fast, allowing them to spend more time on investigative processes.
“Now you can take people who are high school graduates or English majors, and if they want a career in cybersecurity, they can do it,” Wernick said. “We actually have stories in the federal government where midlevel analysts — the people who usually just stare at alerts — are actually finding stuff they would never have found because they are curious, they use our product and start digging in and looking around.”
OMB is currently examining areas where it can pilot automation as part of its reskilling efforts. And while Wernick said interest is growing in the public sector, the all-too-familiar hurdles of acquisition bureaucracy, agency culture and technology infrastructure have made widespread adoption of his product a challenge.
“I would say it’s growing in pockets,” he said. “Business-as-usual has been a process that has involved many steps sometimes, and we’re circumventing tons of steps. So that change makes it so new people coming in can really be part of it. But sometimes, it’s like, ‘Well, that’s not the way we did it before.’ So getting people who have been there a long time to refresh their view on things is something that we’ve been spending a lot of time on too.”
One of the best efforts for reshaping the workforce is outlining the vision of the enterprise.
OPM has discussed implementing direct-hire authority and compensation restructuring to entice more IT and cybersecurity talent to the federal government. However, Margot Conrad, director for federal workforce programs at the Partnership for Public Service, said agencies should analyze the skillsets they will need in the future and balance them against new technology capabilities.
“I think agencies need to be able to forecast for the future to actually be able to do the hiring that they need from the outside or reskill on the inside. As a starting point, I think that is a huge area that we emphasize,” she said. “Thinking about what are some of these new emerging technologies, what does that mean for the workforce itself and what the future needs are going to be and then trying to put together comprehensive strategies to address that.”
That could include a mix of legacy and reskilled employees but also contractors who may have knowledge bases in new solutions.
“I think you need a holistic approach here to workforce planning and succession management,” she said. “That would be critical to the success of any effort.”