White House seeks whole of society approach, immigration reform to boost cyber workforce

The Biden administration's strategy for boosting the cybersecurity workforce looks to government, private sector and non-profits.
Then-acting National Cyber Director Kemba Walden, right, with Megan Stifel, chief strategy officer for the Institute for Security and Technology, at event on ransomware in Washington in May 2023. (Photo courtesy of the Institute for Security and Technology)

The Biden administration’s strategy for building the U.S. cybersecurity workforce calls for government, industry and civil-society groups to collaborate in increasing the number of cybersecurity workers and also urges an overhaul of the U.S. immigration system.

To address a dire shortage of cybersecurity workers, Monday’s strategy document takes a broad approach in overhauling the cybersecurity workforce. “The national cyber director’s office can only really task federal departments and agencies, because realistically we need all of society. We need them to be feel supported and heard and seen as we approach these ecosystem models,” Acting National Cyber Director Kemba Walden told CyberScoop.

The National Cyber Workforce and Education Strategy strategy focuses on four major pillars: equipping every American with cyber skills, transforming cyber education, expanding and enhancing the national cyber workforce and strengthening the federal cyber workforce. The strategy relies heavily on non-governmental and private sector entities to provide funding, internship and apprenticeship programs to increase the number of workers with cybersecurity skills.

The strategy also calls on Congress to enact “meaningful immigration reform” to expand the workforce and retain foreign-born cyber workers that have been trained in the U.S. “People are the center of cyber. We need to be able to think through how we train, how we retain, how we recruit talent,” Walden told CyberScoop. “Immigration reform is a part of that process.”


While the exact number of open cybersecurity jobs is unclear, the strategy cites figures from (ISC)², a nonprofit association of certified cyber workers, estimating that there are more than 400,000 unfilled jobs in the cybersecurity industry.

That shortfall represents both a risk to national security and an economic opportunity, Biden administration officials argue. Monday’s strategy document is “as much an economic plan as it is a cyber plan,” Camille Stewart Gloster, deputy national cyber director of technology and ecosystem security, said during a press briefing. By emphasizing diversity, equity and inclusion, the administration hopes to reach sufficiently large numbers of workers to “address the challenges at scale,” Gloster said.

Speaking at a Washington event marking the release of the strategy, Walden compared the current economic transformation being wrought by digital technologies to the industrial revolution. Just as the industrial revolution brought economic gains to minorities, migrants and low-wage laborers, the administration sees the digital revolution as a chance to spread wealth.

“With this expansion of the industrial workforce came the great American middle class,” Walden said. “We did it before in the industrial industrial age, and we are doing it now in this digital age.”

Rob Shriver, the deputy director of the U.S. Office of Personnel Management, said on Monday that his office is “exploring ways to realign many of the tech, cyber, AI and data roles” to eliminate “the need for previous work experience or a degree if you can demonstrate that you’ve got the skills to do the job.”


“Not only does this expand the talent pool for agencies to pull from, but it also removes barriers that once held qualified people back from public service,” Shriver said.

The release of the strategy document was accompanied by a long-list of grant-making activities by federal government agencies and private sector and non-profit groups.

The National Science Foundation announced $24 million in grants for cyber education at universities. The Department of Labor announced $65 million in grant programs to 45 states and territories for the development of cybersecurity apprenticeship programs. The National Institute of Standards and Technology said it would spend $3.6 million to fund cybersecurity workforce and education projects.

The advocacy group Black Tech Street announced a collaboration with Microsoft aiming to create more than 1,000 jobs for Black cyber professionals in the Greenwood neighborhood in Tulsa, Oklahoma. The Center for Cyber Technology Innovation will provide up to 200 small water utilities with basic cybersecurity training. The philanthropist Craig Newmark said he would double his existing cybersecurity-focused grants to $100 million.

Google said it would spend $20 million to fund cybersecurity education, and CrowdStrike said it would fill more than 300 internship positions.


The strategy also includes guidance sheets for government employees and employers, educators and workers about how to access resources and information.

The White House is seeking to change more than just employment numbers. The strategy makes the case that basic cyber skills are becoming an increasingly vital part of the everyday lives of Americans as society becomes more interconnected. The strategy calls out “foundational cyber skills” that should be instilled into the general public which include, including digital literacy, computational literacy and digital resilience.

Latest Podcasts