President-elect Joe Biden announced funding to modernize secure IT and lure cyber talent to the public sector as part of his plan to stimulate the economy and rebuild in the wake of the pandemic. But cybersecurity experts remain skeptical that the newfound funding focus on cybersecurity will be enough to draw the necessary talent.
Noting a “crisis when it comes to the nation’s cybersecurity” and referencing the recent SolarWinds breach in his American Rescue Plan, Biden proposes a $9 billion investment to “help the U.S. launch major new IT and cybersecurity shared services at the Cyber Security and Information Security Agency (CISA) and the General Services Administration and complete modernization projects at federal 18 agencies.”
The plan specifically pointed to $200 million filtering to the Information Technology Oversight and Reform fund to hire cybersecurity experts that support the federal chief information security officer and U.S. Digital Service, $300 million for technology transformation services at the GSA to push forward secure IT projects and $690 million for beefing up cybersecurity across federal civilian networks and piloting shared security and cloud computing services.
“The $200 million allocated for hiring experts to support the federal chief information security officer and U.S. Digital Service could definitely attract new talent into the public sector,” said Hank Schless, senior manager of security solutions at Lookout.
While there’s a revolving door of talent going between public and private sectors, private sector can often provide big salaries and benefits that exceed those offered by government agencies.
“Department of Homeland Security, specifically CISA, was one of the only groups that started differential pay to offset compensation, to make it possibly competitive,” said Joseph Neumann, director of offensive security at Coalfire. But “the revolving door will continue to go the other direction as private sector looks at and identifies real world experience more than any formal education. Once individuals get enough real world experience they quickly jump to contractor or private sector positions that are more lucrative and faster paced.”
Biden’s proposal gives federal cybersecurity hiring a boost, though the private sector likely will benefit as well. “Looking at it more broadly, the funding allocated to other agencies may be used to contract more with private sector companies,” said Schless. “This public-private partnership approach could be more efficient if these agencies want to get modern solutions in place with the oversight of experts, rather than trying to build the solutions themselves.”
Dirk Schrader, global vice president at New Net Technologies (NNT), said “seeing these initiatives included in relief plan is a good sign in itself and follows up on statements made earlier by the incoming team.” But he remains unsure whether the additional funding “is enough to have a better coverage of experienced staff in all the branches of the government.” He notes that the funds reserved for that task are roughly covering 2,000 employees ,plus the needed personal equipment for one, perhaps two years.
Work-life balance, remote work and office settings and perks also factor into the success or failure of public sector to attract talent. “Government work, a majority of the time, requires individuals to be in the office setting every day,” said Neumann. “Free snacks, better equipment, and nicer offices are a norm in the commercial world, versus the standard cube-land of government offices. People get tours of Google and Amazon offices and are wow’d.”
Nonetheless, the Biden-Harris plan “importantly calls for long-overdue and needed modernizations to federal information technology and cybersecurity,” said ITI President and CEO Jason Oxman in a statement. “These investments in technology infrastructure, tools, and workforce are essential to ensure recovery from the SolarWinds breach, and to deliver modern and secure citizen services and critical networks.”
Digital technology, he said, “will be an essential partner to ensuring that the U.S. is more resilient moving forward. We are committed to working with the Biden-Harris administration to promote these policies and aggressively advance U.S. economic recovery and growth.”
The post Biden to invest in cyber workforce, but without plan to overcome lingering staffing hurdles appeared first on SC Media.