DON CIO Discusses Changing Requirements for the Cyber/IT Workforce
Published, February 17, 2012
The Department of the Navy Chief Information Officer spoke of the need to change requirements of the Department of Navy Cyber/IT workforce to stay competitive in the rapidly changing IT environment of today. During the DON IT Conference, Terry Halvorsen, DON CIO, spoke of his multidimensional approach to further professionalize the workforce through updating skill requirements, increasing coordination with DON business owners and revising laws to meet today's ever-changing virtual landscape.
As part of the effort, Halvorsen said he will work to align DON IT infrastructure, people, processes and policies to maximize the department's efficiency and effectiveness. The main end-goal is to have a Cyber/IT workforce that is agile, forward-looking and knowledgeable of industry trends, technology advances and new cyber threats.
To be successful, it will be necessary to build the depth of expertise and further professionalize the DON's Cyber/IT workforce. Halvorsen noted that this will require some investment both from the department and its employees. One mechanism to ensure the workforce stays on the cutting edge is to require professional certifications, from basic Microsoft certifications to more complex security- and cyber-related ones, to self-certifications that have been successfully used in avionics.
Halvorsen also said that the DON may require specific educational requirements for future jobs as current and relevant education is key to the organization's future success. "The cyber-workforce of today comes into the field with the same knowledge as someone who has been in the field for 30 years," he said. "It is a matter of experience." The addition of educational requirements will require collaboration with and engagement of DON legal, acquisition and personnel.
Another focus must be on the integration of security and operations, Halvorsen said. The IT workforce must understand that security must be embedded in every part of the DON's operational systems. As security and cyber threats grow in number and complexity, the DON must have a Cyber/IT workforce that can respond to those changes.
"How the workforce enables the DON to meet challenges the future holds will be a result of the best ideas and expertise that the civilians, military and contractors bring," Halvorsen said. "One way to do this is to increase flexibility while maintaining the cadre of bench strength that can react to emergencies and challenges." This can be accomplished by increasing DON focus on priority areas and establishing the mechanisms to retrain personnel quickly to acquire new skill sets, such as in the medical technology field, which has faced rapid change in the recent past.
Another challenge, Halvorsen said, is that department personnel expect the level of IT services to continue to improve. This expectation is often held by personnel who are not in IT-focused jobs so they do not understand all that is required to keep the networks running. These intensifying expectations come at a time when the DON is facing cuts of $2 billion to IT business systems.
Both in the DON and in industry, the Cyber/IT workforce must be able to clearly and easily communicate what they do to the non-technical personnel in order to maximize positive impacts and eliminate needless confusion. In addition to enhancing relationships with the IT community's customers, it will help convey resources or requirements needs concisely when leaders are making decisions on funding or program resourcing. The IT community must be able to do this, whether communicating via an email, a white paper or a PowerPoint presentation.
"IT has become a utility. It is expected to work. We -- the IT community -- make it look easy while in the background we are running around like crazy to make sure all the steps are working. We are bad at communicating what is required to keep things running," Halvorsen said. "We must be able to speak with personnel from different work streams to ensure we understand the interactions between IT support and different business processes. We need to be able to understand our customers' needs."
Another way to achieve savings and implement more efficient and effective systems is by understanding and leveraging related business processes in multiple parts of the department. "Changes in process must accompany IT changes to achieve savings. Rarely do IT changes alone save money," Halvorsen said.
This will require the Cyber/IT workforce and business owners to work together to better understand the process maps and integration points with IT systems in order to standardize them across the enterprise and, ultimately, save money. To support this, the Cyber/IT workforce must understand data structure, organization and standardization. Right now, further investigation is required to have a comprehensive view of all existing connections and to understand second- and third-order effects. As this process moves forward, Halvorsen noted that some systems need to change for the long-term benefit of the DON.
A final challenge the Cyber/IT workforce must contend with is the prevalence of antiquated laws that were not written for the online and networked world of today. "We are working in a virtual world and up to now, the laws have not been set up for a virtual world," Halvorsen said. "There are much better laws about audio, than video, and really none about cyber."
You may listen to the audio or download the transcript (below) of the entire session, which includes questions from the audience.