How Government Workforce Policies and Programs Support the Most Vulnerable

With nearly three million people in the federal workforce, the government has to be prepared to support employees with a wide variety of needs. With a workforce that resembles the population as a whole, the policies that the government puts in place can be used as an example for private sector companies as well as for organizations supporting our nation's more vulnerable populations.

The following three programs illustrate the ways the government is supporting its workforce and citizens when they are in vulnerable situations. Continue reading

Creating an Inventory of Tech and People for More Secure Systems

Moving to a zero-trust model for cybersecurity is dependent on understanding who and what needs access to your network. While simple to say, it is not as simple to do. Government agencies are currently focused on ensuring they have the full picture of what is on the network and who they need to support securing those assets.

Defining the Ecosystem

As agencies progress on their zero-trust journey, understanding every piece that touches networks becomes critical. These touchpoints often extend beyond traditional technology solutions. The growth of Internet of Things (IoT) devices introduces operational technology into the IT architecture.

Edge computing devices being used by field staff, sensors, and cameras all provide valuable data and efficiency, but they also provide an entry point for bad actors. Because of this, the Office of Management and Budget has tasked agencies with creating an IoT Inventory by the end of fiscal 2024. The memo details the breadth of devices to be inventoried, including building maintenance systems, environmental sensors, specialized equipment in hospitals and laboratories, and more. With this inventory in place, agencies will be able to take advantage of a new working group on the CISO Council, which will define IoT and OT security best practices.

New Approach = New Talent

With cybersecurity permeating every aspect of government operations - from traditional IT to the operational systems mentioned above - we need to take a look at how we train the federal workforce. With a recognized cybersecurity skills gap, new efforts are underway to grow a workforce trained and able to take on cybersecurity challenges.

  • The Federal Cybersecurity Workforce Expansion Act has been introduced to grow the federal cybersecurity workforce through the creation of several programs including a focus on providing cybersecurity training to veterans.
  • Keeping cyber talent in government is just as critical as training new talent. The Office of Personnel Management has created the cyber rotational program to allow federal employees to move to details at other agencies, providing the opportunity for growth within the federal government.
  • The National Geospatial-Intelligence Agency is building its cyber ranks with the next generation. It created a program to hire high school students as interns and give them top-secret security clearances to work on mission-critical work.

GovEvents and GovWhitePapers have a host of resources that detail how agencies can get a handle on the things they need to secure and the people they need to do that work.

  • Identify, Evaluate & Prioritize Industrial Cyber Risk (January 10, 2024; webcast) - Industrial control system (ICS) security represents one of the more challenging areas for security professionals. It's often a legacy system that wasn't designed with security in mind and, because it's different from traditional IT assets, it has very different security requirements. And no surprise--such systems are increasingly targeted by sophisticated cyberattackers, including ransomware gangs and nation-state actors. Learn how to harden OT assets against cyber-threats, identify critical endpoint vulnerabilities and risks, enable rapid recovery, and more.
  • Bridging the Cybersecurity Talent Gap in Government (January 11, 2024; webcast) - Navigating the unique challenges of the government and public sector demands a specialized approach to cybersecurity talent. This session will unveil groundbreaking methods, from upskilling your current team to leveraging a pre-vetted cybersecurity talent pool. It will also explore government-funded cybersecurity training programs to enhance your workforce.
  • Federal News Network's Industry Exchange Cyber (January 22, 2024; webcast) - Gain a perspective on cybersecurity issues critical to government: intelligence, endpoint management and remediation, identity security, cybersecurity asset management, and security orchestration and response.
  • CyberSmart 2024: Cybersecurity Faces a Rapidly Changing Landscape (January 25, 2024; Reston, VA) - Just as agencies are implementing zero-trust architecture to help with this wave, other IT developments are threatening to upend cybersecurity even more. Artificial intelligence is being incorporated into software, even as elected officials and regulatory agencies are trying to develop new rules of the road for its use. At the same time, historically offline operations technology is beginning to be integrated with IT systems, opening up the OT to attacks that previously weren't feasible.
  • Cybersecurity (white paper) - The increasing use of communication technologies relying on complex data, technology, communication, and interconnectivity has expanded attack surfaces and increased the potential risk of malicious exploitation. The Department of Homeland Security Science & Technology's Cybersecurity Program leverages multidisciplinary expertise to research, analyze, and develop cutting-edge cybersecurity technologies and capabilities to improve the protection and resilience of our national critical infrastructure and federal and state departments and agencies.
  • Accelerate Cybersecurity Mandate Compliance (white paper) - In the push to comply with a multitude of cybersecurity mandates, federal agencies are faced with challenges of cost, complexity, and delays to achieve full compliance. Failure to fully implement the requirements of these mandates, however, is not an option when critical infrastructure, public services, and national security are at risk from an ever-expanding threat landscape.
  • Building the Cybersecurity Workforce Pipeline (white paper) - This report analyzes the National Centers of Academic Excellence in Cyber (NCAE-C), a consortium of institutions designated as centers of excellence by the National Security Agency, to determine how NCAE-C designated institutions fare compared to other schools in graduating students with cyber-related degrees and credentials.

For more on the government's path to zero trust, explore the resources available on GovEvents and GovWhitePapers.

The Next Generation of Government

While the feared "silver tsunami" of retirements never really transpired, the government workforce is worryingly aging. More than 70% of the federal workforce is age 40 or older. In the general workforce, only 54% are 40 or older. This skewed population is not only worrisome in terms of retirements interrupting continuity, but also introduces a huge risk in terms of diversity. Younger workers may lack experience, but they bring with them a perspective that is critical in designing services and solutions that meet the needs of citizens under 40. Younger workers may also have more up-to-date training in leading-edge technologies currently being deployed across government.

The public service call of government is a huge plus for younger workers who want a job where they can make a difference and find meaning. However, the outdated, lengthy hiring process and pay scales keep many from applying. These and other recognized barriers are being addressed across government to inject youth into the federal service workforce. Continue reading

How the Federal Government is Implementing Diversity, Equity, and Inclusion Practices

Diversity, equity, and inclusion are key focus areas of the Biden administration's President's Management Agenda (PMA). Additionally, the administration issued an executive order in June 2021 directing agencies across government to implement more diversity training, rethink the use of salary history as a basis for pay determinations, and supply gender non-conforming and nonbinary and transgender employees with credentials that reflect their current names, pictures and pronouns. Finally, in November 2021 the administration offered a strategic plan to help guide agencies in diversity efforts, asking for the submission of agency-specific Diversity, Equity, Inclusion, and Accessibility (DEIA) plans by March 2023.

Diversity Today

This focus is starting to show results. The Office of Personnel Management (OPM) released a first-ever report on the diversity of the federal workforce. It looked at hiring and retention across agencies and gave a snapshot of the administration's efforts to remove barriers for applicants from underrepresented communities. The report finds small but encouraging gains in racial diversity between 2017 and 2021 with Black employees rising from 18.15 percent to 18.19 percent of the federal workforce. Latinx made a much larger jump rising from 8.75 percent to 9.95 percent. Women's representation grew from 43.38 percent of the workforce in 2017 to 44.44 percent in 2021. Future reporting will look at nonbinary workers. Continue reading

More conferences fall victim to tight budgets

Originally posted by Eric Yoder on The Washington Post

Add two annual conferences on federal employee benefits to the list of meetings that have fallen victim to the current fiscal climate.

The Office of Personnel Management told agencies Wednesday that "based on the current budgetary situation facing Federal agencies," it is canceling its 2013 Benefits Conference, which last year was held in June, and its Fall Festival of Training, held last year in November. "Our survey of headquarters benefits officers indicated very few benefit officers will be able to attend this year," it said.

"We will work to develop alternative training opportunities such as webcasts during the rest of this year. While they will not be a complete, nor in some ways sufficient, substitute for the conference, they will allow us to continue providing training for benefits officers on critical issues," the message to agencies said.

The conferences are geared toward educating federal benefits officers about the details of employee benefits, improving their counseling skills and similar instruction.

The General Services Administration similarly recently canceled several conferences, also citing expected low attendance. Under guidance from the Office of Management Budget and internal policies, agencies are limiting spending on travel, training, conferences and similar expenses.

OPM said it plans to conduct a benefits training event in Pittsburgh next spring.