Cybersecurity Archives

Federal cybersecurity workers might not be far from being able to access top-notch training directly from their computer desktops.

Robert Hollingsworth, director of the security engineering and computer security training division at the State Department's Bureau of Diplomatic Security Training Center, told Wired Workplace on Thursday that State and the Homeland Security Department have begun training federal cyber pros using virtual worlds, where each user has an avatar and is walked through different cyber scenarios.

The virtual worlds courses are part of the Federal Cybersecurity Training Event, or FedCTE, a joint program between State and DHS. The program started in 2008, after the Obama administration's Comprehensive National Cybersecurity Initiative identified a need for addressing cybersecurity training and education within the federal workforce. FedCTE courses also were developed using the specific cybersecurity roles identified by the National Initiative on Cybersecurity Education, Hollingsworth said.

Thus far, the virtual worlds program has trained more than 243 students from 68 agencies on cybersecurity topics like cyber protection, response and mitigation, Hollingsworth said. "The demand is going through the roof," he said. "It's a way for these remote programs to address these cybersecurity areas and be continually modified as vulnerabilities are discovered and new security practices are identified. Even previously trained people can address new concerns in a timely fashion."

Still, Hollingsworth noted that one challenge for government is simply defining the roles, requirements and job tasks needed for federal cybersecurity work. But a goal of the virtual training is to help overcome that hurdle, he added. "We're finding there are a lot of roles and responsibilities that may be unique to a department, and we can go in and customize those portions and touch those individual job descriptions and tweak it," he said. "That would be too hard to do in a real classroom every time, but it's not too hard to adjust these virtual modules."

Going forward, Hollingsworth said the program will continue to expand to include more cybersecurity workers, particularly as it gets more popular through word of mouth. "It's in the ground floor now, but we feel it's going to be mainstreamed and that this form of training will become more of a normal activity for federal security workers," he said. "It will be on their desktops at some point and they can train as needed. It's another tool in their toolbox."

Another minor snowstorm is expected to hit the Washington, D.C., area this evening. The Office of Personnel Management has authorized feds to take unscheduled leave or unscheduled telework in order to get off the roads early and avoid potential traffic delays.

This adds to the conversation about federal telework and whether agencies are better prepared this year to enable continuity of operations through weather disruptions thanks to the 2010 Telework Enhancement Act. I wrote last week that while many agencies are embracing telework as a result of the 2010 law, some are having difficulty determining what roles and jobs can be completed while working remotely, while other agencies are challenged by quantifying telework's return on investment.

Tom Simmons, vice president for federal systems at Citrix, told Wired Workplace that while agencies are certainly making progress, many are challenged by the fact that the 2010 mandate came with no funding. "One of the big challenges for agencies to implement telework is 'how do I pay for it?' " he said. "How do I support the infrastructure for remote work in time of planned telework? Or how do I support unplanned telework?"

The cultural issues are still there as well, though not the same degree as they used to be, Simmons added. "As folks are being asked to do more away from the office, those kinds of things are being refined," he said. "There's a new generation of workers coming into the government workforce who are brought up working from anywhere, and they're demanding that kind of work style in their work environment. All of that has a positive impact on the adoption of telework."

What are your plans for today? Must you take unscheduled leave to get an early start against the traffic, or do you have the option to telework? Has the 2010 telework law made this possible?

Federal agencies are going to face steep competition when it comes to recruiting and retaining information technology and other in-demand workers, as only 3 percent of college students in such fields say they intend to work for the federal government following graduation.

The Partnership for Public Service analysis of the 2011 National Association of Colleges and Employers student survey found that federal agencies will encounter tough competition going forward in filling jobs that require skills in science, technology, engineering and math (STEM) fields. Of the 6,868 STEM majors surveyed, 36.7 percent said they plan to enter the private sector, 33.9 percent said they plan to go to graduate school, while only 3 percent said they intend to work for the federal government. The remainder plan to go to non-profits, teach or pursue other endeavors, the study found.

Overall, just 6 percent of all college students surveyed said they plan to work in government at the state, local or federal level, the lowest number expressing an interest in public service since NACE first asked the question in 2008. More specifically, only 2.3 percent of all respondents indicated that they plan to work for the federal government following graduation.

"While the overall portrait suggests that the federal government faces a tough road attracting the top college graduates, it presents an opportunity for managers to better understand students' expectations and desires, and illustrated the need to accentuate the desirable aspects of public service in their recruitment initiatives," the Partnership report states.

Students also were asked what they wanted most in a first job. The opportunity for personal growth was the number one attribute, followed by job security, good benefits, a high starting salary and improving the community. For STEM majors, however, high starting salaries were one of their highest priorities, with 30.5 percent expecting to make more than $60,000 per year.

"Starting salaries for new federal employees with undergraduate degrees frequently are not competitive with many private sector employers," the report states, noting that students can generally anticipate making between $34,075 and $42,209 in the Washington, D.C., area and slightly more or less in other parts of the country depending on local labor costs.

Meanwhile, most students are worried about the impact the tough economy will have on their job search. A majority of students (67 percent) worry about finding a job after graduation, and just over half (53 percent) believe the troubled economy will affect their job search.

Next month marks Telework Exchange's annual Telework Week event, and many agencies are planning to use the event to test their business continuity plans.

Cindy Auten, general manager of Telework Exchange, told Wired Workplace on Friday that more than 9,000 federal employees have pledged to telework during the annual Telework Week, which runs March 5-9.

"Agencies are really getting behind this program to test their business continuity and really understand why it's important to do drills using Telework Week to get more people involved," Auten said. "And I think that this will be a good test for agencies to see how prepared they are without having the next Snowmageddon."

Last year, the Telework Week program had nearly 40,000 pledges, with more than 86 percent of those pledges coming from federal workers. Those workers collectively saved $2.7 million in commuting costs and saved employees an average two hours from their commutes for each day teleworked, according to Telework Exchange estimates.

Auten said a report on the results of this year's Telework Week would be released at the organization's town hall meeting in May. "It will be interesting to compare year over year and see how well agencies have done and how prepared they were," she said. "I think we will see some really good movement between the two years."

Still, Auten said one major challenge for agencies going forward -- particularly for those agencies that recently kicked off their telework programs as a result of the 2010 Telework Enhancement Act -- is quantifying telework's return on investment. Some agencies like the Veterans Affairs and Homeland Security departments -- which were called out in a recent letter to Office of Personnel Management Director John Berry for having high numbers of positions deemed ineligible for telework - may have a difficult time beginning to track and provide accurate data, she said.

"Capturing the data is really important and not just necessarily whose teleworking and the frequency but also how telework is coming back to meet the agency mission," Auten said. "Agencies have to quantify the savings, and developing that telework ROI model is going to be very critical."

Going forward, Auten said a major trend for 2012 will be a move to enterprisewide tech solutions for both teleworkers and non-teleworkers, which is part of Federal CIO Steven Van Roekel's new mobility strategy to make agencies more agile and flexible. "The goal is for one enterprisewide solution that can enable the mobile workforce," she said. "So if you use collaborative tools for teleworkers, the people in the office are using the same tools."

Have you made your pledge for this year's Telework Week? If not, click here.

Federal employees, retirees and their families will soon be able to securely access their personal health data from the websites of their health plans, thanks to the rollout of new Blue Button technology, the Office of Personnel Management announced Wednesday.

While most federal health plans already offer some form of personal health records to their members, the new Blue Button technology will allow federal patients to have complete control over their health information and enable them to share the data with their health care providers, caregivers and other people they trust.

"Adding Blue Button will make these records more readable, more accessible and more useful to patients and families," OPM Director John Berry said in a statement. "This easy access to lab results, medication and problem lists, allergies, appointment data and wellness reminders makes care both easier and better."

Blue Button technology allows patients to see, download and keep their personal health data by clicking the blue button on a secure Internet site. The files are delivered in text files that can be downloaded, read, stored and printed on any computer without special software.

Blue Button technology already has been adopted by some 500,000 veterans, service members and Center for Medicaid and Medicare Services in just 14 months.

"Blue button empowers hundreds of thousands of patients with their own data," said federal Chief Technology Officer Aneesh Chopra in a statement. "We want federal employees, their families and the general public to benefit from easy access to Blue Button downloads as it rapidly scales to become a routine service in the care delivery system."

A report issued by OPM in September found that 97 percent of all federal health carriers were offering some form of personal health records to their members. In addition, about three-quarters of federal health plan carriers already include medical claims or health record information in those personal health records, the report found.

OPM asked federal health insurance carriers in a Dec. 19 letter to research the Blue Button functionality and supply OPM with documentation on a strategy to implement the technology by March 15.

For more information on the Blue Button, click here.

Training and investing in the IT workforce is among the top priorities for federal chief information officers in the coming year, particularly as the potential for a federal hiring freeze could prevent IT leaders from bringing on critical IT skills.

A new survey of 24 federal CIOs and deputy CIOs by Federal News Radio found that 40 percent of CIOs place IT workforce and training issues as one of their top five priorities for 2012. Cybersecurity, cloud computing and mobile computing ranked as the top priorities among CIOs for the coming year.

When asked what was their greatest concern about the impact of potential budget cuts on their agency, twenty-five percent said they were concerned that a hiring freeze would prevent them from bringing on critical IT people.

Still, most CIOs indicated they were not sure whether they would use the new tech fellows program to bring on staff. Thirty-three percent said they plan to use the tech fellows program, which appoints technology students expected to complete a master's or doctoral-level degree to two-year fellowships at federal agencies, while 50 percent said they did not know of their plans to use the program.

Telework implementation also was ranked as a priority for the coming year, though not nearly as highly as most other IT issues. Only 19.1 percent of CIOs ranked telework as one of their top five priorities for 2012.

Meanwhile, most CIOs believe they have a seat at the table for influencing mission-critical decisions at their agencies. More than two-thirds of respondents said their agency's senior decision makers value their input, while 80 percent said agency leaders understand the value of IT in meeting the mission.

We are now in the third week of the new year, and tech hiring managers already are pretty clear on what types of professionals they are looking to hire in 2012. This month's edition of the Dice report indicates that tech developers dominate the most pressing hiring needs for the second straight year.

According to a survey of nearly 1,200 tech-focused hiring managers and recruiters by Dice, Java developers are the top priority for hiring in 2012. Software developers also are in strong demand, as such positions are posted on Dice in 44 out of 50 states.

Also in strong demand are mobile developers, .NET developers, project managers and Web developers. New to this year's list are systems and network engineers/administrators, Dice found.

"The tech recruiting market is active and hiring managers have defined the priorities to start 2012," the report states. "The only certainty is that companies will find ways to build value within their business and tech professionals will have a headlining role."

How do your skills stack up for 2012?

A cybersecurity education nonprofit is expanding a program designed to help aspiring professionals to prepare for careers in cybersecurity and obtain special cyber certifications.

(ISC)2 announced Thursday the expansion of its Associate of (ISC)2 program, which allows aspiring information security professionals to sit for a credential exam to assess their knowledge and build a professional network while they're gaining the work experience required to become certified. The hope is to use the program to beef up the pipeline of qualified cyber professionals.

As a result of the expansion, the program now includes the Certified Secure Software Lifecycle Professional (CSSLP) and Certified Authorization Professional (CAP) credentials. Already available under the program is the Certified Information Systems Security Professional (CISSP) and the Systems Security Certified Practitioner credentials, (ISC)2 said.

Professionals in cybersecurity must have a certain number of years of experience in order to qualify for certification. The CSSLP, for example, requires four years of professional experience in the software lifecycle, while the CAP -- designed for professionals responsible for formalizing processes used to assess risk and establishing security requirements and documentation -- requires two years of specialized work experience.

The Associate program is available to all interested candidates, but it is also being touted for use by universities looking to support graduates transitioning into professional life. The program also is mapped with the National Initiative for Cybersecurity Education, or NICE, framework currently being established by the National Institute of Standards and Technology and other federal agencies.

"Our Cybersecurity Workforce Framework document lays a foundation for the various competences that comprise cybersecurity and provides certification companies and academic institutions a common starting point to map course work and certifications to a recognized set of cybersecurity skills," said NICE National Leader Dr. Ernest McDuffie.

"We appreciate the support that (ISC)2 and the certification community has demonstrated in terms of open dialog and several ongoing efforts where certifications and courses are being mapped to the NICE Cybersecurity Workforce Framework."

Nearly half of federal IT workers are using their personal mobile devices to perform work-related functions daily, according to a new survey.

The survey of 200 federal IT workers by marketing company Bluetext found that 45 percent of respondents are using mobile devices for work on a daily basis. Thirty-six percent of respondents indicated that they do not perform any work from their mobile devices, the study found.

Sixty-six percent of respondents also indicated that their non-IT agency colleagues are using mobile devices for work on a daily basis - suggesting a dramatic shift to a mobile government workforce, the survey found.

In addition, email applications ranked the most popular for employees performing work on their mobile devices. For example, among mobile device applications, 93 percent use email apps, 36 percent use project management tools, 20 percent use social media apps and 13 percent use VoIP apps, the study found.

Among social networking websites, Facebook was the most popular among respondents. Sixty-eight percent of federal IT workers said they use Facebook on their mobile device for work purposes, while 21 percent use Twitter, 16 percent use Google+ and 11 percent use LinkedIn, Bluetext found.

Federal pay in 2011 grew at its slowest pace in one decade, in part due to a partial pay freeze. But overall, federal IT workers are still faring better than their counterparts in the private sector, most of whom have seen flat salaries over the past two years.

A recent analysis by USA Today found that federal pay rose an average of 1.3 percent for fiscal 2011, according to newly released federal data. The wages of private sector workers rose 1.2 percent during that period, the same rate as state and local government pay growth, the analysis found.

The federal pay numbers are the first full budget-year results since President Obama froze across-the-board automatic pay increases for federal workers in 2011 and 2012. Federal employees are still eligible for other pay increases, however, such as those for longevity, performance and promotions.

Average pay for federal IT workers rose more than the overall average for federal workers, USA Today found. For example, computer engineers saw an increase of 3.7 percent in fiscal 2011, with the average pay rate coming in at $102,912. Computer clerks and assistants saw an average increase of 1.7 percent, with average salaries coming in at $39,173, the analysis found.

USA Today also found that federal workers made an average of $75,296 last year, plus $28,323 in medical, pension and other benefits. That figure is about 60 percent more than the average private sector wage, though many experts argue that the difference is a result of higher levels of education and professional jobs in the federal workforce.

Still, even comparing USA Today's analysis of federal IT workers with the most recent IT salary survey by Dice.com, federal IT pros still come out on top. For example, Dice's 2010-2011 annual salary survey found that private sector technology salaries increased by an average of only 0.7 percent, to $79,384 last year.