Federal agencies consider awarding bonuses to cybersecurity personnel

By this point, it is well established that the federal government has a cybersecurity problem. Among the most prominent aspects of this issue is that agencies struggle to recruit and retain cybersecurity professionals. The private sector is often the more tempting option to these experts, offering higher pay and greater opportunity to innovate without the same level of bureaucratic restraints.

As FedTech Magazine reported, one strategy that some federal agencies are considering, and in some cases embracing, to combat this issue is the use of bonuses. By awarding bonuses, agencies hope to persuade more cybersecurity professionals to devote their talents to protecting federal networks.

State Department success
Speaking to the news source, Peter Gouldmann, director of information risk programs for the State Department's Office of Information Assurance, noted that the State Department has a much better track record than most agencies when it comes to holding onto cybersecurity talent. Competitive pay and bonuses have proven critical to this success, he explained.

"[W]hen we get good people, we can generally keep them," said Gouldmann, the news source reported. "That's because we employ a retention bonus program that a lot of agencies don't do."

Overcoming hurdles
However, as FedTech Magazine pointed out, all other agencies lack the authority to offer such salaries and bonuses. This may soon change, though, as the Senate Committee on Homeland Security and Governmental Affairs recently emphasized the need to adopt new strategies for recruiting cybersecurity experts. To this end, the committee proposed legislation, the DHS Cybersecurity Workforce Recruitment and Retention Act of 2014,  that would allow the Department of Homeland Security to set basic pay rates and provide additional compensation to personnel.

"Our government needs the best and brightest to combat 21st century threats," said Committee Chairman Sen. Tom Carper, the news source noted.

Yet this bill concerns only the DHS. Even if passed, other agencies will continue to struggle to secure their digital assets against evolving cyberthreats.

For example, the news source pointed to the Transportation and Security Administration. According to FedTech Magazine, this department allows employees to pursue professional certifications, thereby improving their cybersecurity credentials. However, Jill Vaughan, deputy CIO for the TSA, noted that financial limitations and other factors make it difficult for the department to keep employee morale high in regard to cybersecurity.