Federal government cybersecurity employees say that more training and employer-paid security certifications would be the strongest lure for them to remain with the government—ahead of higher pay, more flexible working schedules and more support for remote work.
Those were among the results of a study by the Center for Cyber Safety and Education in partnership with the Booz-Allen consulting firm, based on an online survey of about 2,600 federal civilian, military and contractor personnel involved in cybersecurity. They held positions such as information assurance manager, security analyst and security engineer.
Their greatest desires for training were in the areas of cloud computing, information risk management, incident response, security engineering and threat intelligence.
The survey also found that 50 percent believed that federal agency information security has improved in the prior year, largely citing improved awareness, improved understanding of risk management and more effective security standards. Of those who believe it had stayed the same (36 percent) or gotten worse (4 percent) the most common issues were lack of qualified employees, inadequate funding and ineffective security standards; the other 10 percent expressed no opinion.
Shortages of qualified personnel, in turn, were blamed on difficulty in finding them and retaining them in a competitive market, and insufficient understanding of requirements for information security. But even given those challenges, nearly two-thirds said they expected an increase in information security professionals in their work unit in the next year, a third expected staffing to remain the same and only 4 percent predicted a decrease.