Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Key federal cybersecurity positions go unfilled due to bad planning, says GAO

The eight federal agencies surveyed by the GAO had trouble determining the size of their cybersecurity workforce and defining common workforce roles, responsibilities, and compensation.

“Agencies reported challenges in filling highly technical positions, challenges due to the length and complexity of the federal hiring process, and discrepancies in compensation across agencies. Although most agencies used some form of incentives to support their cybersecurity workforce, none of the eight agencies had metrics to measure the effectiveness of these incentives”, the GAO found.

The government watchdog also criticized the agencies for wide variations in cybersecurity workforce training and development programs. The Departments of Commerce and Defense, for example, require cybersecurity personnel to obtain certifications and fulfill continuing education requirements, while other agencies have informal and ad hoc approaches to training, the report said.

“The Office of Management and Budget and DHS [Department of Homeland Security] have identified several agencies to be service centers for government-wide cybersecurity training, but none of the service centers or DHS currently evaluates the training for duplicative content, effectiveness, or extent of use by federal agencies”, the report noted.

The GAO is recommending that agencies address government-wide cybersecurity workforce challenges through better planning, coordination, and evaluation of government-wide activities.

What’s Hot on Infosecurity Magazine?