Reorg report details plan, timeline for cyber workforce and IT improvements

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The Trump administration plans to tackle the federal shortage of cybersecurity professionals with a new hiring system, a reservist program and by reskilling current federal employees while improving the pipeline for new cyber talent.

The Office of Management and Budget and the Homeland Security Department intend to finish cataloging the entire federal cyber workforce, identify gaps, and implement these and other initiatives within the next two years.

Advertisement

DHS is currently in the process of developing a “Cyber Talent Management System” (CTMS) for hiring cybersecurity professionals. It would exempt DHS from certain Title 5 restrictions and requirements regarding hiring and compensation. Designed for agility, it would also speed up the hiring process and allow for a more flexible, performance-based compensation.

Filling the gaps

This new system would allow federal agencies to fill gaps in the cybersecurity workforce more easily. DHS and OMB, along with the Office of Personnel Management, will have finished identifying those gaps and developing a plan to deal with them by the end of 2019.

“By the first quarter of [fiscal] 2019, all [Chief Financial Officers] Act agencies, in coordination with DHS and OMB, will develop a list of critical vacancies across their organizations,” the report said. “By the end of FY 2019, all CFO and non-CFO Act agencies will have a prioritized list of critical vacancies. OMB and DHS will analyze these lists and work with OPM to develop a whole-of-government approach to identifying or recruiting new employees or reskilling existing employees in FY 2019.”

Once the CTMS has been implemented, OMB will work with DHS to communicate regulatory notices to the rest of the government and standardize cybersecurity training.

Reskilling and recruitment

Part of that standardization will also include reskilling current federal employees. OMB, DHS and OPM will create aptitude and skill assessments to identify candidates for this training. OMB and DHS are supposed to develop a work plan by the first quarter of FY 2019 to accomplish this.

OMB is also evaluating numerous agency-specific plans and programs to improve recruitment of fresh cybersecurity talent such as:

  • the National Science Foundation’s CyberCorps
  • DHS’ Cybersecurity Education and Training Assistance Program
  • the Army’s Cyber Center of Excellence

But the administration is looking beyond just hiring and training. It also wants to improve the cyber workforce’s ability to respond to cyber incidents. It wants to give these positions more mobility, allowing them to jump from one position to another and even between agencies. That will also make it easier for agencies to achieve a surge capacity to deal with major events. OMB is supposed to have a work plan for this as well by the end of FY 2018.

Reservist program

Part of that surge capacity could be filled by a cyber reservist program, the report said. OMB, DHS and the Defense Department will evaluate cybersecurity gaps and the ability to rapidly mobilize talent to fill them. This would be coordinated with other reserve cyber programs, such as the National Guard Cybersecurity Services. This reserve program could also, in the event of a major incident, be extended to non-federal critical infrastructure.

It all depends on OPM’s ability to work with human capital employees in all the agencies to categorize and catalogue the entire federal workforce according to the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework by this fall.

The administration hopes that this whole-of-government approach will end duplication, disaggregation and internal competition for talent. An obstacle to this, the administration said, was the fact that individual agencies all have their own approaches to building their cyber workforces.

Other IT initiatives

The administration also intends to eliminate paper records by 2022 by putting an end to their acceptance at the National Archives and Records Administration (NARA). Agencies spend billions of dollars every year on the staff, support contracts and facilities to maintain paper records, according to Thursday’s report.

The administration said that NARA will issue guidance to federal agencies, according to the Federal Records Act.

This is part of the administration’s plan to transition to digital government. Aside from solely electronic records management, officials want to increase and improve online services, which they say makes it easier for customers to apply for and receive services.

The report holds up U.S. Citizenship and Immigration Services as an example of how this can work. The agency has spent the last few years automating many of its services, including the green card and naturalization applications, as well as the process for Freedom of Information Act requests. This not only resulted in greater transparency and higher customer satisfaction, but also helped reduce the amount of paper records it has to deal with.

Another such example is the Social Security Administration, which has increasingly relied on online forms. The report said the agency expects that by 2019, half of retirement forms will be submitted online.

Online services aren’t the only way the administration intends to address customer service. OMB will be working with the U.S. Digital Service and the General Services Administration’s 18F to identify subsets of the government’s customers — such as veterans, students and retirees — and map their experiences with the federal government.

This would provide two benefits. First, it will allow OMB to identify areas of stovepiping and duplication that frustrate customers and create inefficiencies, and work on a plan to streamline interactions for each subset of federal customer. Second, it will allow USDS and 18F to evaluate and prioritize IT modernization projects on a much larger scale.