CGI Federal Director Stacy Dawn contributed to this article.
According to a Cyber Seek dashboard published in 2022, there are currently over 700,000 cybersecurity vacancies in the United States. While this is good news for skilled cybersecurity professionals, it can be bad news for federal agencies, which often struggle to compete with large companies in attracting and retaining cyber talent.
The United States is a connected ecosystem of data, systems and technology that is under constant threat of intentional and unintentional disruptions to service. It requires specific cybersecurity training to detect, prevent or mitigate the risks associated with these threats.
Key actions that we can take to identify talent and train professionals to be part of the cybersecurity front lines include:
Mentor individuals with potential. Qualified candidates are not born, they are made. Once you have identified individual candidates, find mentors for them—from the ranks of leadership, subject matter experts or peers. Not only will you sharpen your already-identified talent, you might discover others.
Mentoring can begin as early as primary and intermediate school, with clubs and courses, which provide opportunities for the students to engage professionals within the community. CGI has multiple programs that support online and in-person opportunities to support students and adults with training and skills in coding and technology. STEM programs are more accessible today than ever, and organizations—including ours—are targeting underserved communities for STEM programs.
Identify non-traditional candidates. Look for capability rather than experience. Active-duty military members, military spouses and military retirees are prime candidates for security training and jobs. People who are leaving shrinking industries such as manufacturing are ripe for retraining opportunities.
CGI has implemented hiring programs that identify candidates with core skills and aptitude. We place them in accelerated boot-camp training that gain the skills and capabilities to fill organizational gaps, particularly in the area of cybersecurity. Rather than trying to find scarce professionals and competing to hire them, we create them ourselves.
Remember retention. Attracting talent and keeping it are different matters. Surveys, such as an informal poll of 50 participants at the Huntsville Cyber Summit, reveal that opportunities for growth and corporate social responsibility are more often cited than pay as reasons employees stay with an organization. Take generational differences into account—motivations for working and what we value evolves over the course of a career.
Create pipelines early. It is never too soon to engage students in security and technology learning. STEM and STEAM are becoming more relevant in elementary and middle school education, leading to the beginnings of a career path in high school and college. Underserved communities benefit from early introduction to technology and skill building. STEM programs, like robotics, coding, and web design introduce students to core technology concepts with hands-on learning activities.
Shortage? More like short-sighted
For well over a century, changes in dominant industries, technologies and demographics have rippled out into a constant state of flux for the workforce. The latest drive to bring more people into cybersecurity is just a recent manifestation of that dynamic.
Organizations have options to look beyond and redefine the parameters of education, certifications and experience that have typically defined cybersecurity professionals. Solving the skills gap in the federal government may depend on doing just that.