Toda iniciativa es bienvenida y necesaria, peros se necesita más pensamiento «fuera de la caja» si los gobiernos quieren competir por los mejores talentos.
The president’s new National Cyber Strategy calls for the development of a “superior cybersecurity workforce.” That might be easier said than done.
Historically, finding, nurturing and keeping skilled cybersecurity talent has been a significant challenge for government agencies. The government is often hamstrung by strict budgetary considerations and legacy technologies, and often cannot pay as well as the private sector.
There’s also the issue of supply and demand. A report by the Commerce and Homeland Security departments noted that there were an estimated 299,000 active openings for cybersecurity-related jobs as of August 2017. Unfortunately, there aren’t enough well-trained professionals to fill those positions.
The government is taking steps to address these challenges. The National Cyber Strategyoffers specific recommendations for attracting and keeping top-tier cybersecurity talent, including providing greater financial compensation to better compete with the private sector. Meanwhile, the Office of Personnel Management has released guidance to help agencies identify their own cybersecurity skills gaps and steps they can take to fill those gaps.
But while these initiatives are welcome and necessary, more outside the box thinking is needed if the government is to compete for the best talent. Here are a few non-traditional ideas that could help agencies augment the efforts already underway to attract, hire and keep a stable of trained, skilled and happy cybersecurity professionals.
Create a Cybersecurity “National Guard”
The government has always been an attractive destination for students seeking financial aid or job skills, and the public sector has a well-earned reputation for training. That reputation could be used to create a cybersecurity National Guard. In exchange for a year or more of cybersecurity training, students would commit to the equivalent number of years of government cybersecurity work.
This initiative would solve some immediate challenges. It would provide government agencies with a homegrown workforce specifically trained to address cybersecurity threats against the U.S. It would also give agencies time to nurture and grow this workforce, thereby providing the government with more opportunity to keep employees from jumping ship to the private sector.
Retrain Professionals to Become Cybersecurity Experts
We hear a lot about workers being retrained in IT, but there is a great opportunity for the government to focus their efforts specifically on cybersecurity. There are many people across the country working in fields that are negatively impacted from globalization or making less than minimum wage willing to learn a new skill in a higher paying field, especially if the government is willing to invest in them. According to the Bureau of Labor Statistics, there are more than 80 million U.S. workers age 16 and older being paid hourly rates. The federal government could look at them and other lower income earners as a giant cybersecurity talent pool.
Location is less relevant than one might expect, since the only thing the workers would need is an internet connection and a willingness to learn. The government can look well beyond the Beltway for its next generation of cybersecurity talent and develop a skilled lineup of experts across America.
Automate Mundane Cybersecurity Tasks
No top of the line cybersecurity expert wants to spend their days just keeping the lights on. They want to feel a sense of purpose and proactively contribute to their agencies’ missions. Further, someone working on a sleep-inducing task is more likely to make mistakes, thereby exposing their organization to even greater risk.
Automated security systems can relieve workers of time-consuming and tedious tasks and increase employee productivity. They’ll spend less time patching systems and chasing down alerts and more time working truly making a difference by creating impactful security strategies and policies.
Fuente: https://www.nextgov.com
