Can Government Compete for Cybersecurity and Digital Services Talent?

With recent hacking of federal government computers on a massive scale, it is apparent federal agencies are struggling to compete for talent in Cybersecurity and Digital Services. Is government going to be able to compete for this talent pool?

Federal agencies are struggling to compete for talent in Cybersecurity and Digital Services. The Office of Personnel Management’s recent move to offer a short-term excepted service hiring authority for digital services experts indicates OPM recognizes the need, but does not go far enough to address the government’s growing inability to compete for talent in critical cybersecurity and digital services careers.

Why does government not compete effectively? Can we address the problems? Or is government never going to be able to compete?

I believe the fundamental problem is that government competes for high-tech talent the same way it competes for everything else. We have done little to recognize and deal with the demands of a talent pool that is highly mobile, in demand, and constantly evolving. Competing for that kind of talent with a federal personnel system that is still rooted in the 1950s would be laughable if the potential consequences were not so significant. It is no laughing matter.

OPM’s decision to grant short-term excepted service hiring authority for digital services is a welcome move, but inadequate to meet the government’s long-term talent needs. In this case, OPM gave authority to make appointments in one-year increments, not to exceed September 30, 2017. The appointments must be for one of a list of Smarter IT Delivery Initiative programs.

In addition to the recent OPM initiative, some Departments and Agencies have excepted service authority for some or all of their cybersecurity positions. That piecemeal approach is part of the problem. I had discussions about this issue with OPM, members of Congress, GAO and OMB in 2009 when I Chief Human Capital Officer at the Department of Homeland Security. There is virtually no one who would argue that cybersecurity jobs are easy to fill. There is no one who would argue the government does not have a critical need for such talent. And there is certainly no one who would argue that the government is the employer of choice for most cyber professionals. After 6 years, where are we? Marginally better off than we were, but certainly not on the way to having this problem solved.

The issue is complicated by the nature of the cybersecurity and digital services occupations. Problem number 1 is that neither is a single occupation. In DHS alone, we identified almost 20 different job series that made up the cybersecurity workforce. The same is happening with the digital services workforce. Rather than a single occupation, we have collections of jobs that fit into one of the hundreds of job series that are included in the General Schedule. If we want to fix this problem, we have to recognize that force-fitting jobs into an outmoded classification system is not going to work. When I have raised this issue in the past, defenders of the status quo say we should not “Balkanize” the civil service by solving problems one agency or occupation at a time. So what have we done? We have different approaches for different agencies, for different occupations, and even for different line items in the budget. The only difference in the approach we are taking now is that the Balkanization is happening with no clear end in mind. How is that good for anyone?

If we want to begin addressing this problem, we do not have to wait for Congress to act. There are several steps that can be taken without the need for Congressional action.

  • Immediately move all cybersecurity and digital services jobs into the excepted service. Doing so will allow a streamlined hiring process that is not a talent barrier. Although some highly desirable jobs have difficulty competing on the pay front, for the most part the big barrier is the government’s hiring process. It is simply not suitable for these occupations and repels much of the available talent.
  • Develop a new job group for all such positions. Trying to force-fit these positions into the existing General Schedule presents another barrier, both to hiring and to moving people around once they are in government.
  • Within the group, establish job series for key types of occupations. A small number of series that address the major types of occupations would simplify classification, hiring and ongoing talent management.
  • Issue dramatically simplified job classification guidance for the new occupations. The current job classification process is a mess. We do not need hundreds of series with classification standards that become obsolete by the time they are published. It is bad enough for work that does not change rapidly. It is unacceptable for dynamic occupations like these, where the technology is constantly changing.
  • Establish a government-wide steering group of cybersecurity, digital services and human capital professionals to work with OMB and OPM on issues related to these critical occupations. One problem with many excepted service jobs is that they are administered differently by every agency. Because these are positions most agencies have, the overall structure should be governed by a steering group that ensures a reasonable degree of consistency, but allows agency-specific rules where needed. Having some degree of consistency would make moving among agencies easier and might help the government retain the talent longer. The steering group should strive to develop a process that can reduce the time from initial contact to job offer to days, rather than the weeks or months it now takes. Using a steering group to drive the process should also make it possible to make progress much more rapidly. It currently takes OPM 2 to 3 years to write a classification standard.
  • Develop more modern screening methods for applicants. The current questionnaire process produces a lot of useless questionnaires that turn off applicants and produce poor results for agencies. Better assessments, including approaches such as serious games that evaluate an applicant’s problem-solving abilities, would improve the process and not be such a deterrent to applying for a Federal job.

We have been talking about these problems for far too long. While we have debated what to do and made, at best, baby steps toward a solution, the private sector has focused on recruiting cybersecurity and digital services talent. The government is not only not the employer of choice for these folks, it is not even a consideration for many of them. That has to change and change soon.

This column was originally published on Jeff Neal's blog, ChiefHRO.com, and has been reposted here with permission from the author. Visit ChiefHRO.com to read more of Jeff's articles regarding federal human resources and other current events along with his insights on reforming the HR system.

About the Author

Jeff Neal is author of the blog ChiefHRO.com and was previously the chief human capital officer at the Homeland Security Department and the chief human resources officer at the Defense Logistics Agency.