Upskilling, Reskilling and Training as a Tool
Since hiring a contingent of cyber analysts isn’t an option, DOD must make the most of what it has. Thankfully, the Pentagon and its components have people who can quickly adapt to take on these added responsibilities.
Private sector recruiters have long hailed military members as valuable candidates for cybersecurity positions after they leave service, to the extent that many organizations have developed specific training programs to help veterans transition into cyber careers. Active-duty personnel, even those not currently working in cyber positions, possess those same traits — giving DOD a deep talent pool from which to pull.
One easy way to draw from the ranks is to mine for internal candidates within IT departments. I’ve heard time and again that the best source of cyber talent is internal candidates who know IT and already understand how the organization works.
Because each military branch has different processes and operations, transitioning someone in the IT department and reskilling them to do cyber work is a lot more efficient than looking for external candidates. You don’t need to integrate internal hires because they already understand the workflows and culture of their respective components.
DISCOVER: These are DOD’s and the IC’s top priorities for 2025.
Beyond that, broadening the skills of the current cyber workforce acts as another effective way to bolster DOD’s cyber posture. Upskilling tracks with the administration’s push for more efficient operations across government.
Giving cyber employees the ability to serve in rotations and gain on-the-job experience creates a stable of workers with diverse skill sets that can jump into just about any job when the situation calls for it. A side effect of upskilling is that it also helps with retention by showing you’re willing to invest in employees’ educations and keep them interested in their jobs.
Both solutions described above require training to be truly effective, but not all programs are equal. For DOD to take advantage of reskilling and upskilling, it must invest in performance-based training led by instructors who are active security practitioners and consistently aligned with the evolving threat landscape.
Real-world experience is essential because teachers can tailor lessons to address the newest cyberthreats and arm cyber workers with the skills to defend against those challenges. To that end, training programs should also include classes that put students in high-pressure situations that mirror what it will be like to identify and address cyberattacks in real time. That way, instructors can evaluate students on how they perform, rather than simply how good they are at taking a test.
UP NEXT: The Asus ROG Ally resolved a Navy training challenge.