It was announced earlier this month that President Biden is poised to sign a new cyber rotational workforce bill into law. According to the bill, H.R. 3599, certain federal employees would be able to work at other participating agencies in cyber workforce roles.
As we discussed in our recent article, “How is Washington Addressing the Cyber Security Workforce Shortage?” there are currently a half-million cyber security job openings nationally (public and private sector combined). With cyber-attacks on the rise, and the continual reliance on internet and cloud-based technologies, the need for a well-trained and abundant cyber workforce is now.
One of the measures being taken is the concept of a cyber rotational workforce within government agencies. The idea is that during this time of an undermanned cyber workforce, allowing cyber professionals to rotate between agencies will offer greater use of specialized skillsets agencies need but don't currently have in sufficient quantities.
The benefit to rotating cyber workers would be exposure, training, and experience in areas outside of their current role. This experience would then lend itself to better advancement opportunities and growth within the industry.
Next Steps and New Challenges
This bill is a huge step in the right direction, and will theoretically lend specialization and skilled labor to agencies in need. Like most new endeavors, though, practicality is still a question.
As we discussed in our article mentioned above, there isn’t a good data collection and measurement system in place government-wide. Compliance directives like DoDD 8140.02 exist but without a released manual and sporadic data collection it will be extremely difficult for agencies to determine who within their organizations would be ideal candidates to rotate as part of this new program.
Additionally, questions around budgeting and funding of rotating personnel are still uncertain. If, for example, a pen tester from agency A wants to rotate to agency B, their supervisor needs to approve the request and pay their salary to move to a different organization. While great in theory, there are still a lot of legitimate questions around the implementation.
A cyber rotational workforce makes sense when full transparency of the scope and skillsets of the whole workforce exists government-wide.
The CyberSTAR Advantage
If it were used across all agencies, CyberSTAR would be able to paint an accurate picture of the cyber workforce and their qualifications by the individual. Not only could it showcase whether an agency was adhering to existing directive DoD 8570, but it would also act as a primer for DoDD 8140.02. and allow for greater ease in rotating individuals between agencies.
The U.S. Army trusts the CyberSTAR platform to manage its cyber workforce with over 1 million active users.
CyberSTAR is the trusted source for cyber expertise management. It is the most effective automated expertise management system available to the DoD, other government agencies, and corporate customers.
CyberSTAR helps streamline processes and maintain current credentials for your cyber workforce by:
- Ensuring proper training and certification (including DoDD 8570, DoDD 8140, NIST NICE, and other commercial standards)
- Matching personnel and roles to contractual or regulatory requirements
- Continuous compliance and on-demand reporting
- Reducing the cost and complexity of identifying skill gaps and upskilling opportunities
CyberSTAR is the one source of truth for all your cyber compliance, readiness, and expertise management. Schedule a demo below and learn more about how CyberSTAR can help your agency get compliant and ready for DoDD 8140.02, or download our new white paper and learn how a cyber workforce management system can help ease the transition to DoDD 8140.02 (DCWF).