Security Challenges in 2013 Will Continue Demand for IT Security
Published: December 30, 2013
With the ink barely dry on a budget deal to fund the government for the remaining three fiscal quarters of FY 2014, all signs continue to point to fiscal constraint. But given the number, diversity, and high-profile nature of several cybersecurity events of the past year, one area of federal growth for the foreseeable future, especially in staffing, is for cybersecurity.
Nextgov recently published a list of their ten worst security hacks of 2013, which ranged from government networks and media organizations to personal credit card information. The variety and international nature of many of these attacks underscores that the battlefield of today and the future continues to reside in cyberspace. And the Department of Defense’s U.S. Cyber Command and its branch components are working to staff-up with uniformed personnel and others to meet the challenge.
The Army has around 500 cyber-staff and is building a new command center at Fort Meade, Md., to house 1,500, leading a worldwide cyber-corps of 21,000 soldiers and civilians. By 2017, the Air Force will add more than 1,000 uniformed cyber-forces to its 6,000 experts now working at Air Force Space Command.
The Navy had 800 cybersecurity staffers in 2013 and will reach nearly 1,000 by 2017, working toward a mix of 80% uniformed sailors and 20% civilian employees and contractors. The Marines currently have 300 uniformed personnel, civilians, and contractors at work and plan to increase that number to just under 1,000 by 2017.
By contrast, the Department of Homeland Security — which is charged with protecting the federal civilian .gov domain — can’t seem to hire quickly enough, as proven by some recent legislation. The latest proposed amendment to the Homeland Security Act of 2002 would require the DHS Secretary to regularly assess the readiness and capacity of the agency’s cyber workforce to meet its cybersecurity mission and develop a comprehensive workforce strategy to enhance readiness, capacity, training, recruitment and retention of the cyber workforce, including a five-year recruitment plan and 10-year projection of workforce needs.
Homeland Security’s challenges in recruiting and retaining cybersecurity personnel are not breaking news. Even with multiple agency efforts to improve recruitment and retention, the Government Accountability Office reported this year that over 20% of cybersecurity positions are vacant at the National Protection and Programs Directorate, the primary DHS cyber-division.
Agencies beyond Homeland Security have also continued to supplement their internal workforces with contracted personnel. Office of Management and Budget reports show that up to 90% of federal IT security spending is on personnel costs, so the focus on beefing up the cyber ranks does raise the issue of cost.
However, given that the lack of an experienced and skilled cybersecurity workforce continues to put agencies at risk -- as well as demand for an improved national cybersecurity posture -- cyber spending will likely continue to buck the budget belt-tightening trend.