How Federal Agencies Can Fulfill the Next Steps of the FCWAA

On 25 January 2019, the longest U.S. government shutdown in history came to an end. It’s unclear exactly what impact this closure had on the government’s digital security. A SecurityScorecard report found that the shutdown coincided with a rise of expired SSL certificates protecting .gov domains, thereby producing a slight dip in overall network security ratings. But that same publication also found increases in endpoint security and patching cadence, possibly because many workstations were shut down and because essential employees had time to implement overdue software patches.

The long-term digital security damage caused by shutdown is even more uncertain. As reported by Fedeal Computer Week, House Homeland Security Committee chairman Bennie Thompson (D-Miss.) said it’s likely that the Department of Homeland Security (DHS) and Congress “will be dealing with the consequences of [the shutdown] for months — or even years — to come.” These effects could include difficulties of hiring personnel for federal digital security positions.

Margot Conrad, director of federal workforce programs at the Partnership for Public Service, is well aware of those potential challenges. As she told Nextgov:

If you’re a highly qualified person in the tech field or the cyber field, you’ve got a lot of employers out there that are looking to scoop you up. I do think agencies are really going to be hurting now in terms of recruiting the next generation of talent that [they] desperately need.

These hiring difficulties are a problem for two reasons. First, federal agencies will potentially have a harder time to attract talent, which will translate into a poorer digital security posture overall. Second, their efforts to fulfill the Federal Cybersecurity Workforce Assessment Act (FCWAA) could prove to be more challenging, as they’ll now need to account for even greater numbers of vacant positions (Read more...)