Arlington VA, Aug 2018 - DHS's National Cybersecurity and Communications Integration Center (NCCIC) serves as the hub for the federal government's cyber situational awareness, incident response, and management center for malicious cyber activity. Image: Cliff Owen/AP/Shutterstock

A White House order on strengthening cybersecurity nationwide in general includes a provision to create a rotational program to boost those skills in the federal workforce, the latest of many such initiatives.

The order instructs OPM and OMB to establish within three months a “rotational assignment program, which will serve as a mechanism for knowledge transfer and a development program for cybersecurity practitioners,” with provisions for training and mentoring.


Also, within six months OPM and other agencies are to “identify a list of cybersecurity aptitude assessments for agencies to use in identifying current employees with the potential to acquire cybersecurity skills for placement in reskilling programs to perform cybersecurity work.” Agencies are to incorporate those assessments into their personnel development programs.

The Senate recently passed a bill to create a similar rotational program and efforts have been under way for years to better define which federal positions involve cybersecurity skills and where there are shortages. The government meanwhile has increased its use of shortcut hiring procedures and incentive pay and has started a program of retraining employees to take on such roles.

In the order, agencies further were encouraged to use existing awards programs, and to create new ones if needed, to recognize employees for their achievements in cybersecurity. Also, a new “President’s Cup Cybersecurity Competition” is to be created for federal employees and military personnel “to identify, challenge, and reward the United States government’s best cybersecurity practitioners and teams across offensive and defensive cybersecurity disciplines.”

Among provisions not directly involving federal workers, the order meanwhile sets standards for agencies to assess the cyber capabilities of their contractors.