DOD sees decrease in civilian cyber workforce shortage amid efforts to beef up talent pipeline
Over the last year, the Defense Department has reduced its civilian cyber vacancy rate to 16 percent, a decrease of 4.8 percent from last year, according to an official.
Those efforts are part of the execution of the DOD’s cyber workforce strategy and implementation plan. In a global fight to attract and keep cyber professionals, the Pentagon was facing a shortfall of 24 percent, and it’s been looking to take bold action to change the tide.
Officials have said the efforts undertaken since the strategy was unveiled in March 2023 and the implementation plan was released in August 2023, have been working, but more effort is needed.
“I think we actually have shown in the last year through all of our initiatives that we’ve actually made progress. One of our number one metrics is the vacancy rates. We have definitely done much better in that,” Mark Gorak, principal director for resources and analysis within the Office of the Chief Information Officer, told reporters during a call Thursday. “We still have a long way to go. We’re still short … 16 percent vacancy rate with military and civilian. We estimate that’s about 28,000 shortage in the department. We still a long way to go to get to our closure here, but we’re getting better. I think that’s one of some of the key metrics of success of this program.”
Gorak said the civilian vacancy rate was double what officials initially anticipated. To get where it is today, DOD had to hire an additional 14,000 civilians. It also turned over 6,000 civilians.
Gorak painted those numbers as “a good news story for the nation” because those experts are turned over to support other efforts such as in industry or elsewhere in the federal government. He has said in the past that the Pentagon has to think differently about members of the workforce transferring out. No longer should it be frowned upon for personnel to cycle out of the department to go work for a contractor that could be supporting the DOD or national security missions. Those personnel are all essentially on the same team, and the key will be to maintain relationships with those cyber professionals and companies to facilitate greater transfer of skills.
To that end, DOD has increased the utilization of talent exchange programs over the last year with industry — including seven new partners — and other federal organizations.
Gorak has also noted previously that the strategy would be adaptable, agile, flexible and responsive over its five-year lifecycle, allowing the department to pivot if certain aspects aren’t working given the cyber field is so dynamic and difficult to predict into the future.
While the team hasn’t added or eliminated any of the original initiatives yet given they don’t have all the results over the last year, they have made some alterations and changed the focus of some.
One objective is the establishment of a dedicated fund the cyber workforce, which was a goal for fiscal 2024. Upon closer analysis, Gorak said officials need more support on that effort and it won’t happen until fiscal 2027.
He described the fund as one of the more challenging initiatives to achieve, noting similar efforts have been undertaken by the department in other areas previously.
Primarily, the fund will help foster internship programs or detailees in placing them to roles and paying for training in certain skill sets where there are shortfalls.
“I can use some of this fund to actually have a two-year internship program where they have two years to bring them in, test them out, train them, develop them, and then have that flexibility and that timeline to then hire as authorizations become open,” Gorak said. “The second part is on development. We really want to streamline through our qualification those gaps and identify those readiness gaps and then be able to fill those with a centrally managed fund. If part of the segment of the workforce isn’t qualified in a certain skill, then this fund would actually pay for that centralized training so that we can make sure that our readiness is increased.”
Looking ahead, Gorak highlighted two of five goals for the next year. The first is transitioning the qualification program standards at the basic, intermediate and advanced levels for each of the work roles within the force, beginning with the cybersecurity workforce. Officials want to code those roles in order to create readiness metrics, to get a better handle on not only how many people they have and need, but what their level of training and qualification is to do the job.
The second is focused on getting to skills-based assessments, partnering with the Office of Personnel Management and the Office of Management and Budget to develop a working group to make it happen.
Other priorities for fiscal 2025 include increasing the use of apprenticeship programs, enhancing cyber workforce incentives and pay flexibilities, and maturing the Cyber Academic Engagement Office, according to a fact sheet.
