Executive Summary

The National Science Foundation’s (NSF) CyberCorps scholarship-for-service (SFS) program is a direct cyber talent pipeline into the federal workforce that awards grants to institutions that then provide generous scholarships to students pursuing degrees in cyber and cyber-related fields of study. In exchange, students agree to work for the federal government for the same length of time as their award. Despite its longevity, there is minimal public research about the CyberCorps program.* Given recent calls for CyberCorps program expansion, this paper identifies trends found from interviews with principal investigators (PIs) from participating institutions in the CyberCorps program.* These insights may help policymakers, program decision-makers, and academic institutions to better assess how the program might expand, what factors might prevent expansion or greater participation, and ultimately how to increase the output of cyber talent into the federal workforce and beyond. Additionally, the findings and recommendations provide important observations that are relevant to the build-out of the proposed artificial intelligence (AI) federal SFS program.

This report helps to shed light on why institutions seek to be part of the program, what factors make an institution’s program successful, what fields of study student recipients are pursuing, and why programs might focus on graduate students over undergraduate students—all of which inform the changes PIs would like to see in the CyberCorps program. Suggested improvements include: (1) structuring the program to allow for more PhD candidates, (2) increasing inclusion of community and technical college talent, (3) considering other metrics for program evaluation besides achieving 100% recipient placement in the federal government, and (4) streamlining the grant-renewal process for successful institutions while also considering the rising costs of tuition and living. PIs offered recommendations to improve the onboarding and retention of CyberCorps graduates within the federal government. Recommendations include addressing security clearance wait times and other federal hiring uncertainties and increasing awareness of the CyberCorps program among hiring authorities across the government.

Recommendations

The following recommendations are based upon the assumption that the CyberCorps program’s primary goal is to place cyber talent into the federal workforce:

Adding more PhD candidates to the program should be based on the federal demand for all educational levels of cyber talent. Doctorates presently make up less than 2% of the federal cyber workforce. Without knowing the actual federal demand for this talent, supporting more PhD CyberCorps students might not necessarily be in the program’s best interest considering the limited number of undergraduate and graduate students already being produced. However, if there is a high federal demand for PhD cyber talent, then CyberCorps could be missing an important opportunity to funnel highly educated candidates into the federal workforce.

Individuals with an education level between high school and a bachelor’s degree, which we can assume is an associate’s degree or similar, make up a larger 16% of the federal cyber workforce. Despite this progress, community and technical college graduates might not be eligible for certain federal jobs despite demonstrating core competencies or technical skills. This is likely due to a predominant focus on four-year degrees as a minimum qualification, which limits the potential of community college talent.

The CyberCorps program and the federal government should prioritize reducing hiring uncertainties and increasing retention efforts for CyberCorps recipients. If CyberCorps recipients are willing and able to enter the federal workforce, the hiring process should not dissuade them from fulfilling their obligations when they could easily turn to the private sector. Ideally, and given the amount of federal dollars invested in each candidate, recipients should be able to begin their security clearance process prior to graduation and should have specific hiring preference outside of general cyber-related special hiring authorities.

The NSF should streamline the renewal process for successful programs and consider other metrics for program evaluation. PIs expressed frustration with the renewal process despite maintaining programs that meet NSF requirements, and would like to see the cost of living and tuition taken into consideration when granting or renewing an award. Additionally, there is a sense among PIs that grants focus too much on research as a metric for program evaluation. Not every institution has the capacity or purpose to produce high-quality or experimental applied cyber research, but this does not mean that the institution isn’t still producing much-needed cyber talent.

* The National Security Commission on Artificial Intelligence, the Cyber Solarium Commission 2.0, and the National Cyber Workforce and Education Strategy all recommend some form of CyberCorps program expansion or improvement.