It is no secret that Silicon Valley and Washington have dramatically different workplace cultures and attitudes toward risk and technology. In the valley, savvy entrepreneurs look to disrupt the status quo. Meanwhile in Washington, many of our elected representatives and government personnel are stuck decades in the digital past, forced to use equipment that would be better housed in a museum. This divide inhibits the country’s ability to respond effectively to long-standing problems such as vulnerable critical infrastructure and to adapt in light of new threats such as election interference operations and loss of advanced intelligence capabilities. Washington needs to boost its technical chops and find new ways to recruit private-sector talent.
To this end, Congress should take steps to support new workforce models that facilitate cross-pollination of talent between private-sector technologists and government agencies. In a recent white paper for the Center for Long-Term Cybersecurity at UC Berkeley, one of us has put forth a proposal for a "Cyber Workforce Incubator," which would recruit America’s most talented technologists to one- or two-year fellowships in Silicon Valley. This initiative would enable U.S. government agencies—in particular, the Department of Defense, the National Security Agency, the Federal Bureau of Investigation and the Central Intelligence Agency—to maximize use of private-sector talent to solve some of their toughest technological innovation challenges.
Government agencies have a tough time recruiting top talent. Even before U.S. Cyber Command’s recent elevation—which is likely to foster many new job openings—the director of the NSA, Adm. Mike Rogers, said that Cyber Command was “hard-pressed” to find qualified candidates for its teams.
In addition to the problems posed by bureaucracy and comparatively low pay, federal employees must also grapple with an information technology and infrastructure budget that is still locked up in the operation and maintenance of aging legacy systems. For example, agencies still use Windows 3.1 and IBM mainframes from the 1970s, and national security systems remain reliant on floppy disks. While some programs such as 18F (an office within the General Services Administration) and the United States Digital Service have found ways to be innovative, much of the federal government is still stuck in the past.
Further, technologists working at a start-up or a large company like Google might have significant reservations about going into civil service. For starters, they would have to move across the country, sacrifice social and professional networks, and give up the dynamic workplace culture that was at least part of the original attraction to the technology sector. Even more problematic, extended public service actually risks dulling their expertise and marketability because it’s extremely hard to keep up with the latest technology once inside government—and even harder when working inside a secure government building.
The creation of a federally funded Cyber Workforce Incubator, incorporated as a not-for-profit 501(c)(3), could help mitigate these problems by offering the best of both the private and public sectors. As a West Coast-based, nongovernmental entity, it could help build a workplace environment and culture that attracts top technologists while allowing them to stay rooted in their social and professional networks. Designed for unclassified and classified work, such an incubator would use cutting-edge solutions drawn from the private sector to deploy tiger teams to address mission-critical government technology challenges.
Initially the incubator would recruit a class of one- or two-year fellows, based on DARPA’s innovation model. Over time, its “graduates” would form a large talent pool for complementary government technology efforts, such as In-Q-Tel, DIUx and TechCongress. These participants would build valuable experience working with government-specific challenges. This would allow the U.S. defense and intelligence communities to leverage the expertise and know-how of technologists who are not (and may never want to be) federal employees or contractors.
Congress should first enact legislation to clear the way for initial program funding, part of which could also come from private foundations and partnerships with major tech companies. Then it should empower the Department of Defense or other agencies to staff up a pilot, encourage relevant agencies to participate, and authorize an expedited clearance process in order to facilitate the program’s rotational system.
The incubator has a number of valuable near-term uses: It could help implement the Trump administration’s efforts to secure and make more efficient the use of IT across the federal government; tackle the growing threat of coordinated or state-sponsored cyberattacks; and create a deeper bench to respond to major cyber events, such as the massive data breach at Equifax that compromised the information of as many as 143 million Americans. Once in place, the incubator would also offer long-term strategic benefits to the U.S. government, while helping to make all Americans safer and more secure.