CISA plans to hire Chief People Officer to boost cyber workforce

WASHINGTON, DC - APRIL 28: Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly testifies before a House Homeland Security Subcommittee, at the Rayburn House Office Building on April 28, 2022 in Washington, DC. Easterly testifies on the fiscal year 2023 budget request for CISA.

WASHINGTON, DC - APRIL 28: Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly testifies before a House Homeland Security Subcommittee, at the Rayburn House Office Building on April 28, 2022 in Washington, DC. Easterly testifies on the fiscal year 2023 budget request for CISA. (Photo by Kevin Dietsch/Getty Images)

Agency advisors are set to vote on a host of draft recommendations which include reviewing the security clearance process for inefficiency.

The Cybersecurity and Infrastructure Security Agency is searching for an official to ensure its recruitment efforts reflect its operational priorities and coordinate with the private sector and other agencies to address the infamous shortage of cyber personnel across the country.

“Move urgently to hire a Chief People Officer responsible for working with the director and senior leadership to advance a unified approach to talent acquisition,” CISA’s Cybersecurity Advisory Committee, or CSAC, wrote in draft recommendations, adding, “The CSAC strongly supports CISA’s current plans to do this.”

The committee is set to vote on the draft recommendations and present them to CISA Director Jen Easterly during their quarterly meeting Wednesday. The agency on Friday shared the draft recommendations with registered attendees, emphasizing they won’t be final until after the vote.

“CISA requires a comprehensive review of its current workforce and talent needs to ensure that it is properly aligned with the agency’s strategic goals and future growth,” the advisors wrote. “The review should include assessment of CISA’s policies and processes to support hiring for those needs while better competing with the private sector.”

The advisors recommend CISA prioritize workforce development for cybersecurity, a challenge that has perpetually dogged policy makers. The estimated shortage of cybersecurity professionals in the U.S. has doubled from 300,000 to 600,000 in recent years, with 39,000 of those vacancies plaguing the public sector, according to data from Cyberseek and the National Institute of Standards and Technology

CISA has touted new abilities under a Cyber Talent Management System, but a recent report on the issue from the Foundation for the Defense of Democracies, which houses a nonprofit offshoot of the congressionally mandated Cyberspace Solarium Commission, recommended the government empower the Office of Personnel Management to more centrally tackle the problem.

CISA advisors said the agency should “review hiring goals on a regular basis with senior agency leadership, under the guidance of the Chief People Officer and Chief Human Capital Officer, to ensure they remain aligned with the agency’s strategy and needs and are properly directed and budgeted to be competitive with private sector employers.”

Other draft recommendations for the meeting Wednesday include developing a more systematic approach. CISA should collect and analyze data on candidates to create benchmarks and monitor progress, setting a goal of “90 days from offer to onboarding for cybersecurity candidates,” for example. The process within CISA currently takes an average of 198 days, the advisors noted.  

The advisors also took aim at what they said sounds like an overwrought process for granting security clearances. 

“Conduct a thorough review of the interagency security clearing process to identify paths to streamline and speed up this critical path for CISA candidates,” wrote the advisors who were assigned to address the workforce challenge. “The subcommittee heard consistently that the current, unpredictable suitability process is unnecessarily cumbersome and time-consuming, which is a significant obstacle to hiring.” 

Another subcommittee assigned to advise CISA on technical issues also saw opportunities to boost the workforce while improving the vulnerability disclosure process.

“Develop incentives and access to information to aid security researchers who will submit vulnerabilities affecting critical systems,” read the draft recommendations, with advisors suggesting the pool of potential security researchers could grow through work visa sponsorships and training opportunities, including internships and networking exposure. 

This article was published first on GovExec, a FederalSoup partner site. 

NEXT STORY: DHS is making ‘significant reforms’ to the employee discipline process

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.