The talent shortage in both public and private sector cyber roles is well known, but it remains a difficult problem to address. Some statistics put the shortage at over 750,000 people in the United States alone. This impacts entities of all sizes—from the Department of Defense filling critical cybersecurity roles to local nonprofits—and presents both cybersecurity and national security risks.

The White House released the National Cyber Workforce and Education Strategy (NCWES) on July 31, which is the latest piece of the National Cybersecurity Strategy Implementation Plan. The R Street Institute was honored to provide thoughts and ideas during the drafting phase. While there is still work to do in the short and long-term, the NCWES identifies initiatives to help address our cyber workforce challenges.

The NCWES is split into four pillars: 1) Equip Every American with Foundational Cyber Skills; 2) Transform Cyber Education; 3) Expand and Enhance the National Cyber Workforce; and 4) Strengthen the Federal Cyber Workforce. There is a lot to expand on, but a few items and themes are worth highlighting and providing initial reactions on.

Multiple themes of the NCWES align with efforts of R Street’s cyber team, which has a history of engaging on the cyber workforce through its #MakingSpace and CyberBase initiatives. Launched in 2021, #MakingSpace aims to increase speaker and expert diversity at participating events. The coalition is committed to elevating diverse ideas and individuals, and enhancing scholarship within the cybersecurity space. CyberBase is a curated, interactive list of Black cybersecurity experts that is open to recruiters, policymakers, influencers, reporters and key decision-makers. The CyberBase blog series was our latest effort, which highlighted topics like filling the cyber skills gap, cybersecurity volunteering and resources for making a career change to cybersecurity. The team also regularly speaks on the cyber workforce and support the work of other organizations like The Consortium of Cybersecurity Clinics.

Looking ahead, the Office of the National Cyber Director is responsible for the implementation of this strategy, including refining roles, responsibilities, metrics and timelines. It is clear that multiple federal agencies, industry, civil society, educators and all Americans have a part to play.

Get the latest cybersecurity policy in your inbox. Sign up for R Street’s newsletter today.

More Cybersecurity Policy