As they face questions about whether they’ll be able to fill crucial jobs, particularly in cybersecurity, a group of state and local chief information officers said last week they’re hopeful the sense of civic duty helps them land new talent.
The CIOs’ workforce worries, which were highlighted in two nationwide surveys earlier this month, dominated a discussion between four state IT leaders and two local officials — all of whom shared their own difficulties in recruiting and keeping employees — last Thursday at the Michigan Cyber Summit. According to the surveys, published by the National Association of State CIOs, both chief information officers and chief information security officers said they’re approaching a “crisis” for staffing public-sector IT and cybersecurity.
But both surveys found that the call to public service still holds appeal, especially to younger workers hitting the beginning or primes of their careers. That’s led to some CIOs, like Ohio’s Katrina Flory, seeing an opportunity.
“We’re pushing the ‘Team Ohio’ idea,” Flory said during the panel discussion at the conference in Novi, Michigan.
Flory said she’s accompanied other state agencies, like the Ohio Department of Health, to recruitment fairs where candidates were sometimes unfamiliar with job openings at Flory’s office within the Department of Administrative Service. But Columbus can be a tough labor market for any government agency. The state faces competition from several major employers, including Nationwide Insurance, JPMorgan Chase and the Ohio State University.
It’s a familiar challenge to state and local IT leaders.
“The biggest challenge is financial,” Detroit CIO Art Thompson said during the panel. “No matter what I have it’s not going to be enough. I can’t really compete with the private sector.”
Expanded internship and apprenticeship programs have helped CIOs find people for entry-level roles. Indiana CIO Tracy Barnes pointed to a two-year-old program open to students and current workers in non-technical fields, including, he said, commercial drivers, retail employees and restaurant waitstaff.
But even solid training programs can run into another bugbear of IT leaders: Degree requirements and stuffy job descriptions that turn away potential applicants. “I have a great internship program, but my entry-level security job requires years of experience, so it’s a non-starter,” said West Virginia CIO Josh Spence.
Spence said he’s developing new programs that don’t require previous experience and trying to pull back on educational prerequisites for jobs with his agency, particularly if people have worked for the state previously.
“You have institutional knowledge that allows you to hit the ground running,”
Maintaining good relationships with current employees is also crucial, the CIOs said. Flory said she meets monthly with leaders of Ohio state workers’ union. She told StateScoop those meetings are good for “communication and change management,” such as when the state rolled out multi-factor authentication for all employees or streamlined minimum qualifications for new hires.
“They’ve got the ear of their membership,” she said.
But few CIOs have control over their respective states’ hiring practices, with many states’ human-resources practices handled at an enterprise level. Barnes said he’s been able to bring on an IT-minded HR director. And Michigan CIO Laura Clark said she’s working with the state’s Civil Service Commission to study salaries, modernize job titles and get rid of hoary requirements — like words typed per minute.
“That doesn’t tell people we’re trying to recruit that we are moving toward more modern technology,” Clark said on stage. “Classifications in civil service mean something for pay scale, but it doesn’t mean anything to the market we’re trying to appeal to.”
Clark said she recently secured an additional $3.1 million to hire 19 additional employees. But she said IT and cyber staffing needs to look not just at a state’s current portfolio, but what technologies it’ll be using in the future.
“We don’t just want to use those positions to fill holes,” she said during the panel. “How does RPA or AI help us progress forward, and what are the skill sets we need for those workloads? And do we have that on our cyber staff team?”
Connecting with the mission
Still, the public-service appeal may hold the most sway, Clark and others at the Michigan event said.
“People don’t cover to federal government or state and local government for money,” Cybersecurity and Infrastructure Security Agency Director Jen Easterly said in an interview. “People come for the the sense of mission.”
Easterly, whose agency last year rolled out a new talent-management plan that allows it to offer salaries competitive with cyber positions in the private sector, said “we have to have much greater flexibility” in how government hires, with a priority placed more on “attitude and aptitude” than on academic credentials.
She also credited Clark with “building a culture where people feel like they’re making a real impact and they’re valued and empowered.”
New employees, especially younger ones, “need to connect with the mission,” Clark told StateScoop.
“We are a strong leader in cyber,” she said. “We do cutting edge technologies and have a lot of opportunities. There are few positions where you actually impact 10 million residents.”