Skip to main content

Looking Ahead at the Cybersecurity Workforce at the Federal Aviation Administration (2021) / Chapter Skim
Currently Skimming:

3 Managing the Career/Employee Lifecycle for a Diverse Cybersecurity Workforce
Pages 25-54

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.


From page 25...
... This chapter and the next use this adapted ELC model to structure the discussion about building a diverse cybersecurity workforce that can support the FAA's needs in the 21st century. The chapter begins with an overview of the current cybersecurity workforce, which serves as a background for the subsequent discussion of specific practices and needs.
Read the entire page →
From page 26...
... 4. Development - The following stage of the employee lifecycle model is the employee development stage.
Read the entire page →
From page 27...
... . The National Initiative Cybersecurity Education (NICE)
Read the entire page →
From page 28...
... in the U.S. Department of Commerce.1 Given the global shortage of cybersecurity professionals, every federal agency will be continuing to compete for a relatively small number of cybersecurity professionals, and therefore a robust long-term strategy for ensuring a cybersecurity workforce will rely on growing the pool of available candidates and developing the required skills in the existing workforce.
Read the entire page →
From page 29...
... After reviewing key aspects of recruitment and selection, including cyber aptitude assessment, this chapter con­siders federal approaches to talent development and recruitment, as well as federal recruitment flexibilities. Key Aspects of Recruitment Recruitment is the first step in the selection process and is therefore essential in building a cybersecurity workforce.
Read the entire page →
From page 30...
... Finding 3-3: Organizational reputation and positioning is a critical component of recruitment and talent attraction efforts. An organization uses many tools in the recruitment process.
Read the entire page →
From page 31...
... Applicant screening tools, including questions targeted at specific jobs, are used to provide standardized methods for obtaining background and qualification information on potential candidates. Questions typically focus on work experience and education, including licensing when appropriate.
Read the entire page →
From page 32...
... . This section discusses several federal programs aimed at developing cybersecurity talent, as well as the guidance that helps federal agencies define their cybersecurity workforce.
Read the entire page →
From page 33...
... , shall continue a Federal cyber Scholarship-For-Service program to recruit and train the next generation of informa tion technology professionals, industrial control system security professionals, and security managers to meet the needs of the cybersecurity mission for Federal, State, local, and tribal governments; provide scholarships through qualified institutions of higher education, including community colleges; provide the scholarship recipients with summer internship opportunities; and, prioritize the employment placement of scholarship recipients in the Federal Government.11 For younger students, NIST also funded five pilot programs for the Regional Alliances and Multistakeholder Partnerships to Stimulate (RAMPS) Cybersecurity Education and Workforce Development in 2016.
Read the entire page →
From page 34...
... Federal agencies also have the flexibility to request special pay rates for highdemand positions and offer other incentives such as loan repayment assistance for federally insured student loans. Finding 3-4: To aid in the recruitment process federal agencies are able "To recruit and retain personnel with the critical skills needed to accomplish their missions, federal agencies can offer incentives, such as recruitment, relocation, and retention incentive payments; student loan repayments; annual leave enhancements; and scholarships" (Marinos, 2017)
Read the entire page →
From page 35...
... The National Academies' 2018 report Assessing and Responding to the Computer Science Undergraduate Enrollments points to some ways to build/foster effective partnerships between academia and industry. For example, partnerships between K–12 curriculum specialists are also important to support early and persistent cybersecurity education to expand pathways to cybersecurity professions.
Read the entire page →
From page 36...
... Creating a specialized SFS program for the FAA may not be necessary, but reviewing best practices of other federal agencies in securing cybersecurity talent will be important. Immersive experiences in cybersecurity do not have to take on the traditional design of summer internships.
Read the entire page →
From page 37...
... . By partnering with the Cybersecurity Talent Initiative, current federal partners such as the Federal Bureau of Investigation and the Department of Homeland Security can simultaneously meet their cybersecurity workforce needs and improve diversity in the workplace (Kempinski and Cunningham, 2020)
Read the entire page →
From page 38...
... Employers should actively engage in awareness and recruitment activities year-round to ensure that their organization is visible and trusted to potential candidates. During the committee presentations, we heard from representatives of the Department of Education and United States Coast Guard on how they recruit and the tools they employ to hire a diverse cybersecurity workforce.
Read the entire page →
From page 39...
... Traditional approaches to training as well as emergent trends, such as serious games and simulations of varying levels of fidelity, can provide levels of customization for employee needs. Key activities in this stage of the cycle include reskilling and training, educational conferences, certification, performance management, and organizational culture.
Read the entire page →
From page 40...
... Extensive research in cybersecurity education (McGettrick et al., 2014; Schneider, 2013) has come to the same conclusion -- that how a practitioner thinks about problems, rather than the specific technical skills and knowledge, is the key component in the education of effective cybersecurity professionals.
Read the entire page →
From page 41...
... With the demand increasing for cybersecurity professionals, effective cybersecurity education is essential to have a qualified workforce. There are numerous formal and informal education efforts under way including professional certifications, college-level internships and scholarships, high school efforts, and earlier school efforts, all discussed below.
Read the entire page →
From page 42...
... . Increasing numbers of individuals consider themselves to be cybersecurity professionals based on their job roles and educational and work experience, and professionalization activities are occurring throughout government agencies and the private sector.
Read the entire page →
From page 43...
... Performance Management Performance management within organizations has evolved from older traditional approaches to performance appraisal (Pulakos et al., 2019)
Read the entire page →
From page 44...
... Finally, the strategic component helps upper and top management achieve business objectives and goals. An effective performance management system can help ensure there are no surprises to individuals in that they are continually informed of their performance and are provided feedback regarding their performance.
Read the entire page →
From page 45...
... Performance management is concerned with several essential elements, including describing the job effectively (via a job analysis) , ensuring criterion relevance without contamination and deficiency in job duties and responsibilities and the associated ratings by relevant sources (supervisor, peers, customers)
Read the entire page →
From page 46...
... Finding 3-17: The future FAA cyber workforce will need skills and competencies, certifications, credentials, qualifications, career entry points, and career development pathways to achieve and sustain the mission of the FAA. Workforce Strategies and Best Practices Like many organizations, the FAA is facing an increasing challenge of managing and expanding the set of skills required in its cybersecurity workforce.
Read the entire page →
From page 47...
... For example, recognizing that elements ranging from policy to technology keep information secure, curriculum designers might use the model to develop a business curriculum module that would emphasize management aspects of cybersecurity -- policy, compliance procedures, developing an organizational culture of security through awareness training. Coordination with Human Resources The above view runs counter to the view that many in the general public have that cybersecurity is purely a technical discipline.
Read the entire page →
From page 48...
... The committee also explored performance management strategies to cultivate cybersecurity competencies in the workforce. The section on talent development examined long-term initiatives that seek to support the growth of the cybersecurity workforce through the development of a hiring pipeline that involves cultivating cybersecurity talent in educational institutions.
Read the entire page →
From page 49...
... RECOMMENDATION 3-1: The Federal Aviation Administration should evaluate the use of existing and future internship programs as valuable tools to create a more diverse cybersecurity workforce. RECOMMENDATION 3-2: At the organizational level, promoting and marketing the agency as an attractive/­fulfilling/rewarding place for cybersecurity would facilitate recruiting.
Read the entire page →
From page 50...
... RECOMMENDATION 3-5: Reskilling the existing workforce can be an important component of devel oping the needed future cybersecurity workforce for the Federal Aviation Administration and over time worker reskilling should grow beyond technical skills to include managerial and operational skills. RECOMMENDATION 3-6: The Federal Aviation Administration should continue to use the National Initiative Cybersecurity Education tool to develop work roles that fit into a larger, well-designed orga nizational structure.
Read the entire page →
From page 51...
... 2006. Performance appraisal, performance management and improving individual perfor mance: A motivational framework.
Read the entire page →
From page 52...
... 2020. "Government Cyber Workforce Challenges." Presentation to Committee on Cybersecurity Workforce of the Federal Aviation Administration.
Read the entire page →
From page 53...
... ." Presentation to Committee on Cybersecurity Workforce of the Federal Aviation Administration. April 22, 2020.
Read the entire page →
From page 54...
... 2020. "Towards Gender Balance CyberSecurity Workforce." Presentation to Committee on Cybersecurity Workforce of the Federal Aviation Administration.
Read the entire page →

Key Terms

  • performance management
  • diverse cybersecurity
  • federal aviation
  • aviation administration
  • cybersecurity education

  • cybersecurity professionals
  • cybersecurity talent
  • employee lifecycle
  • sfs program
  • elc model

  • cyber workforce
  • workforce development
  • nice framework
  • serious games
  • organizational culture

  • cyber career
  • cyber security
  • job analysis
  • performance appraisal
  • talent development

  • recruitment process
  • technical skills
  • potential candidates
  • lifecycle model
  • cyber aptitude

  • job postings
  • awareness training
  • work roles
  • human resource
  • cybersecurity field


    • This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
    More information on Chapter Skim is available.