Skip to content

Report Recommends Stronger Hiring, Development Practices for DHS Cyber Professionals

10/18/2012 -The Department of Homeland Security (DHS) needs to hire about 600 cyber security professionals with well-defined, mission critical skills, according to a task force commissioned by DHS to help the agency bolster its cyber defenses.

The agency should also work to develop a stronger pipeline of skilled cyber security professionals, develop ways to test workers’ skills on an ongoing basis, and also set up a reserve force of professionals who can assist the agency in times of need, according to the task force’sreport, released earlier this month.

To improve the pipeline, the agency should take steps including creating more innovative partnerships with community colleges, universities, organizers of cyber competitions, and other federal agencies, according to the report. Though DHS has frequently relied on contractors for many mission-critical tasks including penetration testing, reverse engineering, and security engineering,it should also hire more full-time staff.

DHS should also develop ways to stringently evaluate its cyber security professionals’ skills on an ongoing basis. “If these jobs are essential to protect the nation,” they should be evaluated in ways that are similar to tests used for professions such as pilots, physicians, and nuclear plant operators, according to the report. The department should also develop clearer career paths with opportunities for greater learning, development, and growth. "In other words, the concept of 'careers, not jobs.'" 

The report also recommends the creation of a reserve force of cyber professionals, including experts from inside and outside of the government. The task force recommends creating a pilot program, and then studying ways to make such a program more permanent.

The task force, called the Homeland Security Advisory Council Task Force on CyberSkills, was co-led by Alan Paller, director of research at the SANS Institute, a cyber security training organization; it was also led by Jeff Moss, founder of the well-known BlackHat and DefConcybersecurity conferences.