A proposed new program for rotation of cybersecurity employees among agencies would be a step toward creating a government-wide cadre of people with those skills, according to a Senate report.

A bill (S-406) now ready for a full Senate vote would allow temporary details of cyber workers to other agencies with the goal of helping address needs and building the skills of the employees. The report noted that cybersecurity has been on GAO’s high-risk list since 2003 and the subject of numerous reports since, highlighting problems including recruiting and retention difficulties and a fragmented approach that sometimes leads to agencies competing against each other for employees.


A 2015 law required agencies to catalog their cyber workforces, identify positions with the greatest shortages and craft plans to address them. Further, the administration’s government reorganization plan calls for the establishment of a unified cybersecurity federal workforce across the government. “This bill would complement” those initiatives, the report says.

Agencies would decide which positions are suitable for such rotations, which normally would last six months but could be extended, and after which the employee would have to remain at the original agency for at least as long a time.