March 11, 2025
Subscribe and listen anytime on Apple Podcasts, Spotify, or anytime at FedGovToday.com.
In the rapidly evolving world of cybersecurity, the U.S. federal government faces an urgent challenge: retaining the skilled 
professionals it has worked hard to recruit. Ken Bible, former Chief Information Security Officer (CISO) at the Department of Homeland Security (DHS), recently joined Francis to discuss the risks and opportunities facing the cyber workforce. From hiring strategies to zero trust frameworks, Bible provided critical insights into the shifting federal cybersecurity landscape—and the risks that come with potential workforce reductions.
The Cyber Talent Management System: A Double-Edged Sword?
One of the major topics Bible addressed was the Cyber Talent Management System (CTMS), an initiative designed to modernize how DHS recruits and retains cybersecurity professionals. The goal of CTMS was to attract talent by allowing more flexible hiring processes, but it also introduced an extended probationary period, which now leaves many employees vulnerable to layoffs.
According to Bible, as of June 2024, nearly 200 employees in DHS’s Office of the Chief Information Officer (CIO) were hired under CTMS. While this hiring approach has been successful in attracting talent, its probationary policies mean that these employees could be let go more easily. This concern has grown more pressing in light of workforce reductions across federal agencies.
Bible noted that agencies like CISA and FEMA have already seen attrition among cyber employees due to these policies, raising concerns about the government’s ability to retain critical expertise. In the highly competitive Washington, D.C. cybersecurity job market, where private-sector salaries often outmatch government pay, losing skilled cyber professionals could be a significant blow to national security efforts.
Building a Cyber Workforce for the Future
Bible key argues that the federal government needs to rethink how it defines cybersecurity talent. The old model of requiring five years of experience for entry-level positions is outdated and impractical. Instead, Bible emphasized the importance of hiring individuals with strong aptitude and potential, rather than focusing strictly on prior work experience.
He pointed to DHS’s strategy of bringing in young professionals or those new to the cybersecurity field and training them on operational technology, industrial control systems, and the Internet of Things—areas of cybersecurity that are becoming increasingly critical. With evolving threats, particularly from foreign cyber adversaries, Bible argued that the next generation of cyber talent must be adaptable and ready to confront new challenges, such as securing artificial intelligence-driven systems.
Zero Trust and Emerging Cyber Threats
Bible also discussed the broader cybersecurity landscape, including the growing importance of zero trust frameworks. As cyber threats become more sophisticated, federal agencies are implementing zero trust security models to reduce the risk of unauthorized access and breaches.
In addition to discussing workforce concerns, Bible touched on recent cyber threats like Volt Typhoon and Silk Typhoon, which highlight the vulnerabilities in U.S. telecommunications infrastructure. The rise of these persistent threats reinforces the need for government agencies to continue developing cyber resilience strategies.
Bible emphasized that federal cybersecurity professionals need to stay ahead of emerging threats and that their value isn’t just in maintaining existing systems, but also in understanding and mitigating future risks. He urged government leaders to recognize the contributions of cybersecurity teams and ensure that workforce reductions do not compromise national security.
The Human Side of Workforce Reductions
Beyond the technical aspects, Bible also spoke about the human impact of potential layoffs. Drawing from his own experience of being caught in a Reduction in Force in 1994, he advised employees to separate their self-worth from their job status. His key message to cybersecurity professionals facing uncertainty was clear: your skills are valuable no matter where you go.
He warned against the perception that private-sector cybersecurity jobs are inherently more prestigious or valuable than government positions. Instead, he encouraged federal cybersecurity professionals to focus on the mission they serve—protecting national security through their expertise and dedication.
Please fill out the requested information below