Assess Today & Plan for Tomorrow

Assessing the Workforce

To develop the next generation of cybersecurity professionals, organizations first need to understand where their current capabilities lie, and then find a way to fill in the gaps and plan for their future workforce needs. In order to help the federal government’s efforts, DHS is partnering with the Federal CIO Council to conduct the IT Workforce Assessment for Cybersecurity ( ITWAC).

The Assessment is an anonymous online assessment collecting federal IT workforce characteristics and cybersecurity capabilities from federal employees with IT responsibilities regardless of occupational series. The assessment incorporates the National Cybersecurity Workforce Framework (the Framework) to facilitate the identification of the members of the IT workforce with cybersecurity responsibilities and determine their alignment with the knowledge, skills, and abilities of the Framework. The assessment will deploy in October 2012 for three weeks, and will survey approximately 30 to 50 thousand employees across federal agencies. The assessment will be distributed to all Federal employees with IT responsibilities, regardless of occupational series.

The results of this assessment can be used by interested federal organizations to identify their strengths and weaknesses within their cybersecurity workforce, and will provide a foundation upon which human capital organizations can build cybersecurity workforce management efforts. The inventory collected will ultimately provide data and information to agencies on the current characteristics and capabilities of the Federal cybersecurity workforce that can assist in workforce planning and reporting activities such as: E-Government Act mandates, OPM HCAAF guidelines, FISMA requirements, Clinger-Cohen Act mandates, EEO management directives, and GAO recommendations.

In addition, once the federal organizations baseline their strengths, they can then assess their workforce for gaps, and ultimately better plan for future needs.

Planning for Future Workforce Needs

Workforce planning is a systematic way for organizations to determine future human capital requirements (demand), identify current human capital capabilities (supply), and design and implement strategies to transition the current workforce to the desired future work state. Good workforce planning is designed in a repeatable and reliable fashion, highlighting risks and forecasting needs over time.

Effective workforce planning highlights potential risk areas associated with aligning the workforce to specific requirements. Applied correctly, workforce planning allows organizations to adjust resources to meet future workloads, patterns of work, and fundamental changes in how work is accomplished. A workforce planning approach must fit the needs of a specific organization and account for unique characteristics of the cybersecurity profession.

Leading practice workforce planning consists of three components:

• Process: Establishing an integrated and consistent means of diagnosing workforce needs and risks. This includes a defined model, data, and analytics.
• Strategy: Providing a direct line of sight between business and workforce requirements. This includes a shared vision, governance, and continuous monitoring or performance.
• Infrastructure: Supporting execution of an effective and repeatable workforce planning process. This includes a healthy workforce or people, collaboration across levels and enabling technology.

Additionally, cybersecurity workforce planning will require a shared vision and performance management.  A shared vision will provide a common language and taxonomy to define cybersecurity workload and workforce allowing agile response to emerging technology and new threats.  Performance management is also key to evaluating cybersecurity professionals’ demonstrable skills of specific technology-based specialties.  The National Cybersecurity Framework provides additional support to organizations in considering this critical aspect of cybersecurity workforce planning. To learn more about Workforce Planning, visit the Workforce Planning page.