The alarming escalation in cyberthreats, especially over the last year, has seen a consequential rise in demand for skilled security personnel. Jobs in cybersecurity are now all the rage across the globe. However, the rise in demand has a downside for government agencies looking to hire skilled personnel. Thanks to President Donald Trump's recent decision to freeze new hires, the prospect of attracting and retaining cybersecurity personnel has become even more difficult for government organisations.
Officials are concerned about maintaining the security of government networks and computers, which are now feared to be more vulnerable than before. Government computers and networks, which often run on outdated software, are generally a constant target for independent and state-sponsored hackers. Although major breaches are rare, they can be calamitous in nature when they occur. The first line of defence against such cyberattacks are security personnel, who are now considered to be an invaluable part of any organisation, but may likely balk at working for the government.
"Cybersecurity professionals are in extremely high demand, which means that the government is competing with the private sector, who is paying a premium for this talent," Dan Jacobs, the cybersecurity programme coordinator at the Government Services Administration, told Vocativ.
"It's hard enough already to retain talent. This will make it that much harder," one unnamed IT staffer at an unspecified federal agency, who was not authorised to speak on behalf of her department, said.
According to Ann Dunkin, who until recently served as the chief information officer at the Environmental Protection Agency (EPA), Trump's hiring freeze is likely to make it harder to recruit tech professionals. Dunkin, like many others, resigned her post at President Trump's request on 20 January.
"There are some very critical security contracts in process at EPA right now, so that is deeply scary," Dunkin said. "The federal government is trying very, very hard, and has been making some really great progress" in hiring tech personnel, she said. "And then you basically put the brakes on it, and potentially people start going backwards."
The hiring freeze is sure to a create problems in retaining those already offered positions as well. Hiring cybersecurity experts can be a time consuming process, given the time it takes to complete background checks, issue security clearances and so forth. It reportedly takes around nine months to a year for prospective employees between a successful interview and starting work.
"You often find people who say 'yes I want to serve my country,'" Dunkin said. However it is not uncommon for people to find another job while they wait to start. "There is a job market, they're looking, they find something else. They graduated from college and they need to be employed," she added.
Pay - government vs corporate sector
According to the US Bureau of Labor Statistics, computer and information systems managers earned an average of $131,600 (£104,918) in 2015. However, according to the Office of Personnel Management, federal IT employees, including those in the CIA and NSA received an average salary of around $99,527 (£79,336), as of September 2016.
According to cybersecurity firm Rendition Infosec founder Jake Williams, who worked for the DoD looking for security vulnerabilities, it was not uncommon to see talented people move to greener pastures.
"The thinning of the herd unfortunately happens at the top of the skill divide. At the bottom of it are the folks who can't hang, who know they don't have the skills. They end up staying on," he said.
Williams said he has already recruited two employees from the DoD to start working for his firm. "I have several more I am actively targeting right now, and I suspect if you talk to me in a year I'll have hired another six or seven," he said. "As a citizen, I'm concerned. As a business owner, I couldn't be happier."
"I hope [the new administration] quickly understands how vulnerable everyone is, and how important it is to keep our guard up. I suspect folks who are calling the shots will see that," said one recent senior cybersecurity official of a major federal agency, who requested their name and department remain unnamed. "If they don't, it's gonna be hell to pay," the official said.