Outsource Archives

Federal cybersecurity workers might not be far from being able to access top-notch training directly from their computer desktops.

Robert Hollingsworth, director of the security engineering and computer security training division at the State Department's Bureau of Diplomatic Security Training Center, told Wired Workplace on Thursday that State and the Homeland Security Department have begun training federal cyber pros using virtual worlds, where each user has an avatar and is walked through different cyber scenarios.

The virtual worlds courses are part of the Federal Cybersecurity Training Event, or FedCTE, a joint program between State and DHS. The program started in 2008, after the Obama administration's Comprehensive National Cybersecurity Initiative identified a need for addressing cybersecurity training and education within the federal workforce. FedCTE courses also were developed using the specific cybersecurity roles identified by the National Initiative on Cybersecurity Education, Hollingsworth said.

Thus far, the virtual worlds program has trained more than 243 students from 68 agencies on cybersecurity topics like cyber protection, response and mitigation, Hollingsworth said. "The demand is going through the roof," he said. "It's a way for these remote programs to address these cybersecurity areas and be continually modified as vulnerabilities are discovered and new security practices are identified. Even previously trained people can address new concerns in a timely fashion."

Still, Hollingsworth noted that one challenge for government is simply defining the roles, requirements and job tasks needed for federal cybersecurity work. But a goal of the virtual training is to help overcome that hurdle, he added. "We're finding there are a lot of roles and responsibilities that may be unique to a department, and we can go in and customize those portions and touch those individual job descriptions and tweak it," he said. "That would be too hard to do in a real classroom every time, but it's not too hard to adjust these virtual modules."

Going forward, Hollingsworth said the program will continue to expand to include more cybersecurity workers, particularly as it gets more popular through word of mouth. "It's in the ground floor now, but we feel it's going to be mainstreamed and that this form of training will become more of a normal activity for federal security workers," he said. "It will be on their desktops at some point and they can train as needed. It's another tool in their toolbox."

Federal budget cuts are causing many agencies to scrap large traditional office spaces for open workstations, telework, and "office hoteling," where employees reserve desks as they need them. Federal Times reports that Bart Bush, the assistant commissioner for the Office of Client Solutions at the General Services Administration, is leading an effort to reduce GSA's real estate footprint -- potentially saving millions of dollars in leasing. The effort includes cutting the square footage of office space from 29,120 to 14,065 for about 170 employees.

The new hoteling concept means employees won't have their own desks, but rather will be required to reserve workstations when they plan to be in the office. The trend will mean scrapping the nameplates mounted on feds' doors in favor of emphasizing mobile technology, Bush told Federal Times. "Some agencies might promote more telework, or create more open spaces or rely more heavily on technology," he said.

Is your agency making changes to reduce its real estate footprint, in part by emphasizing hoteling, telework and mobile technology? What are your thoughts on the changes?

We are now in the third week of the new year, and tech hiring managers already are pretty clear on what types of professionals they are looking to hire in 2012. This month's edition of the Dice report indicates that tech developers dominate the most pressing hiring needs for the second straight year.

According to a survey of nearly 1,200 tech-focused hiring managers and recruiters by Dice, Java developers are the top priority for hiring in 2012. Software developers also are in strong demand, as such positions are posted on Dice in 44 out of 50 states.

Also in strong demand are mobile developers, .NET developers, project managers and Web developers. New to this year's list are systems and network engineers/administrators, Dice found.

"The tech recruiting market is active and hiring managers have defined the priorities to start 2012," the report states. "The only certainty is that companies will find ways to build value within their business and tech professionals will have a headlining role."

How do your skills stack up for 2012?

Federal pay in 2011 grew at its slowest pace in one decade, in part due to a partial pay freeze. But overall, federal IT workers are still faring better than their counterparts in the private sector, most of whom have seen flat salaries over the past two years.

A recent analysis by USA Today found that federal pay rose an average of 1.3 percent for fiscal 2011, according to newly released federal data. The wages of private sector workers rose 1.2 percent during that period, the same rate as state and local government pay growth, the analysis found.

The federal pay numbers are the first full budget-year results since President Obama froze across-the-board automatic pay increases for federal workers in 2011 and 2012. Federal employees are still eligible for other pay increases, however, such as those for longevity, performance and promotions.

Average pay for federal IT workers rose more than the overall average for federal workers, USA Today found. For example, computer engineers saw an increase of 3.7 percent in fiscal 2011, with the average pay rate coming in at $102,912. Computer clerks and assistants saw an average increase of 1.7 percent, with average salaries coming in at $39,173, the analysis found.

USA Today also found that federal workers made an average of $75,296 last year, plus $28,323 in medical, pension and other benefits. That figure is about 60 percent more than the average private sector wage, though many experts argue that the difference is a result of higher levels of education and professional jobs in the federal workforce.

Still, even comparing USA Today's analysis of federal IT workers with the most recent IT salary survey by Dice.com, federal IT pros still come out on top. For example, Dice's 2010-2011 annual salary survey found that private sector technology salaries increased by an average of only 0.7 percent, to $79,384 last year.

The House on Tuesday passed legislation that would finance the payroll tax holiday partly through extending the two-year federal pay freeze through 2013 and increasing the amount government workers contribute to their pensions. But what impact could such measures have on the federal IT workforce going forward? According to a new survey by Dice, it could mean bad news for recruiting and retaining federal IT professionals, many of whom could face much brighter prospects in the private sector.

Of nearly 1,200 IT-focused hiring managers and recruiters surveyed by Dice, 65 percent said their companies or clients are looking to add technology professionals in the first half of 2012, with 27 percent looking to expand their staffs by more than 20 percent.

Many companies are using pay incentives to lure tech workers. Forty-two percent of hiring managers and recruiters predicted that salaries for new hires would grow in the coming year. This marks a slight drop from 47 percent in May 2011, but is still nearly a dozen percentage points higher than the results of any hiring survey since June 2008, Dice found. Still, like federal workers, IT pros in the private sector also are facing flat salaries, with 44 percent of respondents indicating that salaries are the same as last year.

Nearly half (48 percent) of respondents said that the time to fill open tech jobs has grown longer than the year before, with 57 percent of that group saying the hiring delays are due to a shortage of qualified tech talent, while 31 percent said the economy was slowing hiring efforts. Tech professionals with six to 10 years of experience are most in demand by companies, followed by those with two to five years in IT, Dice found.

But despite the sluggish economy, the risk of layoffs at private companies is low, the survey found. For corporate hiring managers who recruit for their own needs, just 16 percent said that layoffs are likely in the first six months of 2012. Many hiring managers (38 percent) are concerned that voluntary departures will increase in 2012, compared to 43 percent who were concerned about attrition in mid-2011, the survey found.

Does the possibility of better prospects in the private sector, particularly in light of a potential federal pay freeze extension, make you want to jump ship on your federal IT job?

The Homeland Security Department earlier this week released a blueprint for managing and protecting the nation against cybersecurity threats. Not surprisingly, one aspect of the strategy includes investing in the cybersecurity workforce.

The plan -- the Blueprint for a Secure Cyber Future -- was released Dec. 12 and aims to better protect critical information infrastructure and build a stronger cyber ecosystem for the future. More specifically, the blueprint includes efforts to provide specialized and continuing security training to cybersecurity professionals, including training that allows them to design, build and operate IT systems that are "fundamentally secure and resilient."

The blueprint also includes efforts to create a "common body of knowledge" for cybersecurity workers, particularly through increased classroom-based and immersive learning environments as well as through rotational assignments of personnel between the public and private sectors. The plan also focuses on the development and use of capability and skills maturity models, which describe the general and technical skills necessary at various levels for cybersecurity work.

DHS also plans to build up both the public and private cybersecurity workforce as part of the plan, in part by helping to develop a rigorous cybersecurity and software assurance curriculum through the National Initiative for Cybersecurity Education. The agency also emphasizes incentives like scholarships, grants, subsidies and tax incentives for cybersecurity workers as part of the plan.

Finally, the blueprint focuses on improving recruitment and retention of cyber workers through faster hiring, challenging assignments, structured career paths and employee satisfaction surveys.

"The increasing volume and sophistication of cyber exploitation demands heightened situational awareness, secure implementation of technology, coordinated incident response, demonstrated resilience in critical functions and a professionalized cybersecurity workforce that is dynamically managed," the blueprint states.

It looks like the long-anticipated tidal wave of retirements is finally starting to sweep the federal government. Federal Times reports that retirement applications have risen sharply -- by 24 percent -- over the first 10 months of 2011, according to Office of Personnel Management statistics.

The total number of retirements has topped 92,000 this year, and if that rate continues, nearly 104,700 federal employees are projected to retire in 2011. That means the government could see its highest level of retirements since at least 2001, Federal Times reports. According to OPM, retirements over the past decade have fluctuated between 75,000 and 95,000 annually, aside from 2006, when more than 103,000 employees retired.

Federal News Radio also reports that retirements are not the only problems plaguing agencies. Regular attrition, particularly due to the two-year federal pay freeze, agency buyouts and early-out retirements, are also causing a "brain drain" for agencies, said John Palguta, vice president for policy at the Partnership for Public Service.

So what are agencies to do? Palguta urges federal managers to prepare through workforce planning, assessing budgets and communicating with employees. "When your boat is riding low in the water, you don't need a tsunami to be swamped," Palguta told Federal News Radio. "You just need an unexpected swell that comes over the gun rails."

Meanwhile, OPM has issued guidance to agencies on how they can temporarily rehire retirees without affecting their pension benefits and without seeking OPM approval.

Have retirements and attrition impacted your agency over the past year?

Younger workers increasingly are demanding a mobile work environment, including the possibility of using their own personal smartphones and computers for work use. But many organizations are not prepared for such changes, a new survey by Citrix suggests.

The survey of more than 1,100 senior executives and IT managers in the United States and across the world found that 35 percent of businesses are under greater pressure than five years ago to adopt more flexible work practices that promote better work-life balance for employees.

But overall, use of personal devices in the workplace poses a challenge for most organizations. For example, 62 percent of businesses surveyed said they have no controls in place to manage these devices, and 45 percent of IT managers said they are unaware of all the devices being used, raising questions about security and privacy, the survey found.

Still, 25 percent of companies already support the use of smartphones, tablets and other devices in the workplace. Many of those organizations are seeing productivity gains of up to 36 percent as a result of employees using both personal and business devices, Citrix found.

Earlier this year, former federal CIO Vivek Kundra spoke about a future where federal employees could forgo a work phone and laptop and do all of their work using their personal technology.

Is your agency seeing greater demands for mobile work, and do personal devices pose a challenge for your IT managers?

While several federal agencies have or are working to address cybersecurity workforce planning, all face challenges in defining cybersecurity work and filling highly technical positions, according to a new report by the Government Accountability Office.

The report, issued Tuesday, found that five of eight agencies, including the Defense and Homeland Security departments, have established plans or other activities addressing cybersecurity workforce planning. Yet all of the agencies reviewed by GAO faced challenges in determining the size of their cyber workforce due to variations in how work is defined and the lack of an occupational series for cybersecurity.

For example, all agencies had defined the roles and responsibilities necessary for cybersecurity work, but such roles did not always align with the guidelines issued by the federal Chief Information Officers Council and the National Institute of Standards and Technology, GAO found.

Agencies also reported difficulty in filling highly technical positions, challenges with the length and complexity of the federal hiring process and discrepancies in compensation across agencies. In addition, some agencies used incentives to recruit and retain cyber workers, but none of them had metrics in place to measure the effectiveness of those incentives, GAO found.

GAO also noted differences in training and development requirements and programs at various agencies. Cyber workers at the Defense and Commerce departments, for example, are required to obtain certifications and fulfill continuing education requirements, GAO noted, but other agencies use an informal or ad hoc approach to identifying required training.

The Obama administration in 2010 launched a nationwide cybersecurity education program designed to bolster cyber awareness, education and training. The program -- the National Initiative for Cybersecurity Education -- aims to improve the cyber talent pipeline and the recruitment, retention and training of government and private sector cyber professionals. Earlier this month, the administration released a draft cybersecurity workforce framework that is available for public comment.

But GAO noted that the NICE program lacks plans defining tasks and milestones to achieve its objectives, a clear list of agency activities that are part of the initiative and a means to measure the progress of each activity. And while many agencies like NIST, DHS and the Office of Personnel Management, have taken steps to define skills, competencies and responsibilities required for federal cybersecurity work, most of those efforts overlap and there are no plans in place to promote the use of these efforts by individual agencies, GAO found.

In addition, the government's Scholarship for Service program, run by the National Science Foundation, is a useful source of new federal cyber talent, but the program lacks data on whether participants remain in the government long-term, GAO noted.

GAO recommended that agencies better collaborate on cyber workforce planning efforts and develop governmentwide strategies for tracking and defining cybersecurity work, implementing training standards and measuring progress.

"Threats to federal information technology infrastructure and systems continue to grow in number and sophistication," the report states. "The ability to make federal IT infrastructure and systems security depends on the knowledge, skills and abilities of the federal and contractor workforce that implements and maintains these systems."

Overall federal employee satisfaction has declined slightly since 2010, and satisfaction levels continue to trail behind the private sector, according to the new Best Places to Work in the Federal Government rankings by the nonprofit Partnership for Public Service.

The results showed a governmentwide employee satisfaction score of 64 out of 100 for 2011, representing a 1.5 percent decrease from 2010, but still 5.7 percent higher than 2003 when the rankings were first published. Federal employees' satisfaction levels continue to lag behind the private sector, which had a satisfaction index score of 70 out of 100 this year, a slight drop from 70.6 in 2010, the study found.

The "results show a decline in employee satisfaction compared to 2010, but not as big a drop as one might have expected given the difficult economic and political climate that has led to a federal pay freeze, the possibility of reduced worker benefits, threats of government shutdowns and the certainty of significant agency budget reductions," the report states.

Of the 33 large agencies, the Federal Deposit Insurance Corporation took the top spot, moving up two slots from 2010. The FDIC unseated the Nuclear Regulatory Commission, which ranked second this year after holding the top spot three times in a row, and the Government Accountability Office ranked third. The Smithsonian Institution and NASA rounded out the top five.

Among small agencies, the Surface Transportation Board ranked first for the third survey in a row, and reached the all-time high Best Places to Work employee satisfaction score of 91.1 out of 100.

The National Archives and Records Administration was the lowest-rated large agency for the second straight year, while the departments of Housing and Urban Development and Homeland Security also received low scores. The Office of the U.S. Trade Representative and the Federal Election Commission were ranked at the bottom among small agencies.

Meanwhile, the survey found that leadership continues to be the key driver of employee satisfaction, meaning many agencies can turn their scores around by focusing on effective leadership. Other key factors influencing satisfaction were a belief by employees that their skills were well-suited to their agency's mission and a satisfaction with pay.

"The rise in employee satisfaction at some agencies suggests that a determined focus on good management can have a positive impact in the workplace even in tough times," the report states.