[House Hearing, 114 Congress]
[From the U.S. Government Publishing Office]








                  CLOSING THE TALENT GAP IN FEDERAL IT

=======================================================================

                                HEARING

                               BEFORE THE

                            SUBCOMMITTEE ON
                         INFORMATION TECHNOLOGY

                                 OF THE

                         COMMITTEE ON OVERSIGHT
                         AND GOVERNMENT REFORM
                        HOUSE OF REPRESENTATIVES

                    ONE HUNDRED FOURTEENTH CONGRESS

                             SECOND SESSION

                               __________

                           SEPTEMBER 22, 2016

                               __________

                           Serial No. 114-160

                               __________

Printed for the use of the Committee on Oversight and Government Reform




[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]






         Available via the World Wide Web: http://www.fdsys.gov
                      http://www.house.gov/reform
                      
                                  ______

                         U.S. GOVERNMENT PUBLISHING OFFICE 

26-069 PDF                     WASHINGTON : 2017 
-----------------------------------------------------------------------
  For sale by the Superintendent of Documents, U.S. Government Publishing 
  Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; 
         DC area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC, 
                          Washington, DC 20402-0001
                      
                      
                      
                      
                      
                      
                      
                      
                      
                      
                      
                      
                      
                      
                      
                      
                      
              COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM

                     JASON CHAFFETZ, Utah, Chairman
JOHN L. MICA, Florida                ELIJAH E. CUMMINGS, Maryland, 
MICHAEL R. TURNER, Ohio                  Ranking Minority Member
JOHN J. DUNCAN, Jr., Tennessee       CAROLYN B. MALONEY, New York
JIM JORDAN, Ohio                     ELEANOR HOLMES NORTON, District of 
TIM WALBERG, Michigan                    Columbia
JUSTIN AMASH, Michigan               WM. LACY CLAY, Missouri
PAUL A. GOSAR, Arizona               STEPHEN F. LYNCH, Massachusetts
SCOTT DesJARLAIS, Tennessee          JIM COOPER, Tennessee
TREY GOWDY, South Carolina           GERALD E. CONNOLLY, Virginia
BLAKE FARENTHOLD, Texas              MATT CARTWRIGHT, Pennsylvania
CYNTHIA M. LUMMIS, Wyoming           TAMMY DUCKWORTH, Illinois
THOMAS MASSIE, Kentucky              ROBIN L. KELLY, Illinois
MARK MEADOWS, North Carolina         BRENDA L. LAWRENCE, Michigan
RON DeSANTIS, Florida                TED LIEU, California
MICK, MULVANEY, South Carolina       BONNIE WATSON COLEMAN, New Jersey
KEN BUCK, Colorado                   STACEY E. PLASKETT, Virgin Islands
MARK WALKER, North Carolina          MARK DeSAULNIER, California
ROD BLUM, Iowa                       BRENDAN F. BOYLE, Pennsylvania
JODY B. HICE, Georgia                PETER WELCH, Vermont
STEVE RUSSELL, Oklahoma              MICHELLE LUJAN GRISHAM, New Mexico
EARL L. ``BUDDY'' CARTER, Georgia
GLENN GROTHMAN, Wisconsin
WILL HURD, Texas
GARY J. PALMER, Alabama

                   Jennifer Hemingway, Staff Director
                      Sean Brebbia, Senior Counsel
                          William Marx, Clerk
                 David Rapallo, Minority Staff Director
                                 ------                                

                 Subcommittee on Information Technology

                       WILL HURD, Texas, Chairman
BLAKE FARENTHOLD, Texas, Vice Chair  ROBIN L. KELLY, Illinois, Ranking 
MARK WALKER, North Carolina              Member
ROD BLUM, Iowa                       GERALD E. CONNOLLY, Virginia
PAUL A. GOSAR, Arizona               TAMMY DUCKWORTH, Illinois
                                     TED LIEU, California
                                     
                                     
                                     
                                     
                                     
                                     
                                     
                                     
                                     
                                     
                                     
                                     
                                     
                                     
                                     
                                     
                                     
                                     
                                     
                                     
                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on September 22, 2016...............................     1

                               WITNESSES

Dr. Joan Ferrini-Mundy, Assistant Director, Education and Human 
  Resources, National Science Foundation
    Oral Statement...............................................     2
    Written Statement............................................     4
Mr. Scott Montgomery, Vice President and Chief Technical 
  Strategist, Intel Security
    Oral Statement...............................................    13
    Written Statement............................................    16
Mr. Gene Bowman, Executive Director, Alamo Academies
    Oral Statement...............................................    24
    Written Statement............................................    26
Mr. Emile Cambry, Founder, Blue1647
    Oral Statement...............................................    57
    Written Statement............................................    60

                                APPENDIX

Opening Statement of Ranking Member Kelly........................    76
Statement for the Record submitted by The Computing Technology 
  Industry Association...........................................    78

 
                  CLOSING THE TALENT GAP IN FEDERAL IT

                              ----------                              


                      Thursday, September 22, 2016

                  House of Representatives,
            Subcommittee on Information Technology,
              Committee on Oversight and Government Reform,
                                                   Washington, D.C.
    The subcommittee met, pursuant to call, at 3:27 p.m., in 
Room 2154, Rayburn House Office Building, Hon. Will Hurd 
[chairman of the subcommittee] presiding.
    Present: Representatives Hurd, Kelly, and Connolly.
    Mr. Hurd. The Subcommittee on Information Technology will 
come to order. And without objection, the chair is authorized 
to declare a recess at any time.
    We are going to be a little pressed for time today. We are 
going to have a hard stop before votes come out. And so with 
that, I am going to submit my opening statement for the record 
so that we can get to the reason why we are here, and that is 
to talk to our great panel that we have today.
    Mr. Hurd. And I am going to hold the record open for five 
legislative days for any members who would like to submit a 
written statement.
    I want to recognize our panel of witnesses. I am pleased to 
welcome Dr. Joan Ferrini-Mundy, the assistant director of 
Education and Human Resources at the National Science 
Foundation; Mr. Scott Montgomery, vice president and chief 
technical strategist at Intel Security; Mr. Gene Bowman 
executive director of Alamo Academies and from my hometown of 
San Antonio; and Emile Cambry, the founder of BLUE1647.
    And welcome to you all. And pursuant to committee rules, 
all witnesses will be sworn in before they testify. So please 
rise and raise your right hands.
    [Witnesses sworn.]
    Mr. Hurd. Thank you. Please be seated.
    Let the record reflect the witnesses answered in the 
affirmative.
    And in order to allow time for discussion, please limit 
your testimony to five minutes, and your entire written 
statement will be part of the record.
    And again, thank you for being here on such an important 
issue of closing the talent gap in Federal IT. In my 21 months, 
this is the one thing I have heard consistently as a problem 
not only in the government but in the private sector, and it is 
great to have such a distinguished panel here to talk about 
this and also advocate some ways that we can help work together 
and solve this problem.
    And with that, I would like to recognize Dr. Ferrini-Mundy 
for your opening remarks.

                      WINTNESS STATEMENTS

                STATEMENT OF JOAN FERRINI-MUNDY

    Ms. Ferrini-Mundy. Good afternoon, Chairman Hurd, Ranking 
Member Kelly, and other distinguished members of the 
Subcommittee on Information Technology. My name is Joan 
Ferrini-Mundy, and I'm the National Science Foundation's 
assistant director for Education and Human Resources. Thank you 
so much for the opportunity to testify before you today on this 
critical topic for our nation, the preparation of a workforce 
to provide our nation's cybersecurity.
    The directorate that I lead has a unique and crucial 
mission at a science agency within the Federal Government; that 
is, supporting the preparation of a diverse, globally competent 
science, technology, engineering, and mathematics--or STEM--
workforce and a STEM-literate citizenry. We do this by 
providing grants to research and education organizations and 
institutions across the country to support innovation in STEM 
education to build capacity in STEM education for diverse 
students and to do research and evaluation of those efforts.
    Our funding supports both formal education and education 
outside the formal system, for example, work in museums, public 
television programming, and other public engagement. And in 
addition, we fund very important programs for scholarships and 
fellowships.
    Our education investments are closely related to the 
National Science Foundation's research investments, 
particularly in the area of secure and trustworthy computing 
where we fund leading researchers in cybersecurity areas from 
cryptanalysis to cyber physical systems to social networking 
and more.
    Today, I'll focus on just a few of the NSF programs that 
help to build the Nation's workforce for information technology 
and cybersecurity. Specifically, NSF's CyberCorps Scholarship 
for Service, or SFS program, was launched in 2001. We 
coordinate closely with the Office of Personnel Management and 
with the Department of Homeland Security to continue to recruit 
and educate the next generation of cybersecurity professionals 
broadly defined.
    SFS makes awards to institutions of higher education to 
provide scholarships to undergraduate and graduate students in 
strong academic programs in cybersecurity and to develop and 
enhance those cybersecurity programs so that they can remain at 
the cutting edge and of the highest quality.
    Students may be supported for up to three years, and in 
return, they agree to take cybersecurity positions in local, 
State, tribal, or Federal Government for the same duration as 
their scholarships.
    To date, the overall placement in cybersecurity-related 
positions for SFS graduates in government is 94 percent. As of 
last month, there were 62 active SFS institutions, nearly 3,000 
scholarship recipients over the 16 years of the program, over 
2,000 graduates, and over 600 current scholarship-holders.
    NSF's Advanced Technological Education, or ATE, program 
also has a very strong presence in information technology and 
cybersecurity education. That program makes competitive awards 
to community colleges that partner with other academic 
institutions and with local industry to education science and 
engineering students for technician positions. These are 
students at the undergraduate and secondary school levels. ATE 
funds comprehensive centers which may have either a national or 
regional focus, and currently, they are supporting six large 
cybersecurity-focused centers that serve the entire nation.
    NSF also supports the development of a high technology 
workforce for the Nation at the undergraduate and graduate 
levels through several other programs, including the Research 
Experiences for Undergraduates program, which offers intensive 
summer research experiences in all areas of STEM, including 
cybersecurity.
    Taking a longer view, NSF aims to fund projects that 
inspire K-through-12 students to consider high technology and 
cybersecurity careers. The SFS program has partnered with the 
National Security Agency to offer summer camps for K-through-12 
students and teachers to build the pipeline.
    And to help provide better access to computer science at 
the K-through-12 level, NSF has taken on a leading role in the 
Computer Science for All initiative with a commitment of $120 
million over the next five years. Introduction to computational 
thinking and to elements of computer science at the K-through-
12 level can help lay groundwork for the wider range of career 
choices later on.
    Finally, NSF partners with other Federal agencies in 
cybersecurity education through the activities of the National 
Science and Technology Council Committee on STEM Education, the 
National Initiative for Cybersecurity Education, and the 
Cybersecurity National Action Plan.
    Thank you so much for the opportunity to testify today on a 
topic that we at the NSF see as critical for our nation's 
future. I will be pleased to answer any questions that you and 
the other members of the committee may have.
    [Prepared statement of Ms. Ferrini-Mundy follows:]
    
    
 [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
   
        
    Mr. Hurd. Well, Dr. Ferrini-Mundy, I have got to say, we 
have only been doing this for five minutes, you have already 
gotten me excited about a couple of things that you mentioned 
in your opening remarks.
    And also, I want to add I was a beneficiary of an NSF 
program when I was in high school. I got to do an internship at 
the Southwest Research Institute in San Antonio in robotics, 
and that got me excited about computer science, and that is why 
I studied computer science at Texas A&M University. So I am a 
big fan of what you all do. And this is something that I want 
to make sure more kids like me have access to this. So thank 
you for being here.
    Mr. Montgomery, you are now recognized for five minutes.

                 STATEMENT OF SCOTT MONTGOMERY

    Mr. Montgomery. Good afternoon, Chairman Hurd and members 
of the committee. Thank you for the opportunity to testify 
today. My name is Scott Montgomery. I'm the vice president and 
chief technical strategist of the Intel Security Group, and my 
testimony will focus on cybersecurity skills gap and what the 
government, in collaboration with the private sector, can do to 
close it.
    I've been--I've spent 20 years building, designing, 
testifying--or, excuse me, testing and certifying information 
security and privacy solutions for a variety of public and 
private sector organizations.
    Intel is a global leader in computing innovation, designing 
and building the essential foundational technologies that 
support the world's computing devices. When you combine this 
experience with Intel Security's market-leading cybersecurity 
solutions, we bring a unique understanding of the challenges 
threatening our nation's digital infrastructure and global e-
commerce.
    Despite facing an ever-changing threat landscape, further 
complicated by the sharp rise in Internet-enabled devices in 
our personal lives, the job for security practitioners hasn't 
changed: Protect vital services and data from theft, 
manipulation, and loss due to external and internal 
adversaries. We do, however, need to change the way we do our 
job by focusing on ways to reduce security fragmentation, 
automate tasks, and force multiply capabilities.
    Organizations both in the public as well as private sector 
are now more vulnerable in more places. Adversaries are 
increasingly capable of commandeering strategic assets and 
including the critical infrastructure, yet most organizations 
still lack the resources necessary to adequately monitor their 
networks and defend against these sophisticated attacks.
    Earlier this year, the Center for Strategic and 
International Studies, in partnership with Intel Security, 
released ``Hacking the Skills Shortage,'' a global report 
outlining the global talent crisis. The results of the research 
were both stunning and informative.
    A majority of respondents--82 percent--admitted to having a 
shortage of cybersecurity skills, with 71 percent citing this 
shortage as having a direct and measurable impact upon their 
organization and making them more valuable hacking targets.
    In 2015 alone, 209,000 cybersecurity jobs went unfilled in 
the United States, in just the United States. Despite 1 in 4 
respondents confirming their organizations have lost 
proprietary data as a result of this specific skills gap, there 
are no signs that this workforce shortage will abate in the 
near term. Respondents estimated an average of 15 percent of 
their company's available cybersecurity positions could go 
fully unfilled by 2020.
    If the demand for these professionals continues to outpace 
the supply of qualified workers, the United States will face a 
deficit of around one million workers in the next five to ten 
years. With expanding attack surfaces and an increasing 
advanced targeted attacks around the world, the need for a 
technically stronger and numerically increased cyber workforce 
is critical.
    So one of the immediate steps we can take to address this 
issue, in addition to many other sound policy recommendations, 
the President's Cybersecurity National Action Plan, CNAP, calls 
for a $62 million increase in spending to expand training and 
educational programs. Specifically, the plan would build out 
the existing CyberCorps Scholarship for Service program, which 
provides cyber education scholarships in exchange for service 
in the Federal civilian government. This investment is a great 
step forward, but we need to be prepared to do a lot more.
    In particular, we recommend an even larger financial 
investment in existing Federal workforce and education 
programs, a diversity of career paths for interested students, 
and stronger coordination on these initiatives with the private 
sector and industry.
    As Intel Security vice president and general manager Chris 
Young and Chairman Hurd have both urged in the past, the 
government should consider the creation of a Cyber National 
Guard program. The CyberCorps Scholarship for Service and 
reserve programs are ideally situated for students looking to 
pay back their scholarships up front with two or three years in 
Federal service.
    Also, at the State or Federal level, an expanded SFS or 
SFS-style grant program could train and educate a new class of 
cyber practitioners prepared to serve their government on a 
full-time, part-time, or as-needed basis while gaining critical 
experience with the latest private sector innovations.
    The private sector must also be prepared to level-up its 
collaboration with the government to ensure a steady supply of 
worthwhile internships, co-ops, and training opportunities. In 
the CSIS report, a lack of quality training opportunities was 
cited as a significant reason why cyber practitioners seek 
alternative employment. For this reason, it is not only 
imperative that public sector entities compensate their cyber 
professionals well but also provide ample opportunities for 
employees to learn new skills and train on cutting-edge 
technologies.
    Intel supports these efforts through a number of 
initiatives, including investments in STEM education for women 
and girls, curriculum development, a robust paid internship 
program, and partnerships with universities like Purdue, the 
University of Massachusetts, and the U.S. Air Force Academy.
    Finally, investing in more efficient technologies and 
modernizing outdated IT systems will reduce the burden on 
scarce human resources. The CNAP prioritizes this by calling 
for a $3.1 billion IT modernization fund to transform 
cybersecurity management. This initiative has received some 
congressional support with the introduction and successful 
markup of the MOVE IT Act, which would enable retirement, 
replacement, and modernization of legacy IT that is difficult 
to secure and expensive to maintain, and reward government 
departments and agencies who go through harvesting money back 
out of their programs.
    Building out these education and workforce initiatives, in 
tandem with investments in more efficient cyber technologies, 
will make a vital down payment toward closing the cybersecurity 
skills gap.
    I would like to once again thank this distinguished panel 
for giving me the opportunity to discuss these challenges and 
strongly believe that public-private collaboration will 
continue to be our best defense. Thank you.
    [Prepared statement of Mr. Montgomery follows:]
    
    
    
  [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
  
        
    Mr. Hurd. Thank you, Mr. Montgomery, and thank you for the 
reference of the MOVE IT Act, which we had to rename the MGT 
Act, which passed this morning by the way, and that is a pretty 
significant thing and it was because of the great leadership of 
folks like Robin Kelly to make that happen.
    And I also want to thank your organization and Ms. Kelly 
because this idea of a Cyber National Guard really sunk in with 
me at our field hearing in Chicago. And I am glad we went and 
did that, and I am glad, through you all's participation, and 
it really is what--you know, that kind of collaboration outside 
the Beltway with, you know, participants, you know, outside the 
government where you really get some of these cutting-edge 
ideas. So thank you for that.
    Mr. Bowman, welcome. Did you bring me any breakfast tacos?
    Mr. Bowman. I should have. I ate them. Sorry.
    Mr. Hurd. Well, Mr. Bowman, you are now recognized for your 
opening remarks for five minutes.

                    STATEMENT OF GENE BOWMAN

    Mr. Bowman. Thank you very much. Mr. Chairman and members 
of the committee, I'm pleased to be here today speaking to you 
on behalf of the Alamo Academies.
    The Academies are an outstanding program providing 
opportunities and clear pathways for young men and women to 
achieve their American dream. I would like to briefly describe 
the model, then spend the remainder of the time sharing a few 
stories of our successful graduates who are today closing the 
talent gap in the Federal IT career field, as well in the 
private sector.
    The Alamo Academies is an innovative STEM--you heard it 
before, science, technology, engineering, mathematics--demand-
based model connecting high school juniors and seniors with 
employers. These students earn 30 college credits at no 
personal cost, they obtain nationally recognized industry 
certificates, and they participate in an experiential learning 
environment between their junior and senior summer, a paid 
internship, the program's key component kind of like what you 
did earlier in your career, where they have the opportunity 
during this internship to apply the knowledge and skills they 
learned in the college classroom in a real-world environment 
leading to high-wage jobs or further higher education while 
addressing critical workforce needs.
    And let me tell you about five of our graduates who are 
cyber warriors today. Two of them are 22, one is 19, and the 
other two are 18 years old, and all five share the following 
experiences. They participated in the Academy's Information 
Technology Security Academy. They completed paid internships 
with cybersecurity industry partners. They all have earned 
multiple national industry certificates. They all competed in 
the Air Force Association's CyberPatriot competition. They were 
all on the Academy's team that won the local mayor's Cyber Cup 
competition as the best CyberPatriot team in the San Antonio 
region. And each of their teams also made it to the top 12 in 
the Nation and competed in the CyberPatriot National 
Championship in Washington, D.C.
    As a side note and bragging a little bit, the Academy's 
team has won the mayor's Cyber Cup and advanced the national 
champions competition five out of the last six years. Two of 
these young men, Mario and Robert, were on the National 
Championship Team in 2012. Both Mario and Robert and the other 
14 members accomplished their paid internship with the 
Department of Defense at the Air Force's 33rd Network Warfare 
Squadron as entry-level security analysts. Each was awarded a 
secret clearance at 17 years of age and also offered part-time 
employment during their senior year helping defend our nation.
    At 22, Mario already has six years of intense cybersecurity 
experience supporting DOD initiatives, and shortly after 
graduation from the Academies, Mario was offered a position at 
the Pentagon right down the road here as a computer network 
defense analyst with an interim top-secret SCI clearance. He 
recently returned to San Antonio as a lead cybersecurity 
analyst with a DOD contractor supporting the Air Force's Weapon 
and Tactics Team known as the Computer Emergency Response Team, 
which I know you're familiar with.
    Mario has also added recruiter to his duties. He recruited 
two of our recent graduates to be part of our Cyber Warrior 
talent pipeline. These two graduates, Reed and Kyle, are both 
18. They're CyberPatriot national finalists, completed paid 
internships with cybersecurity industry partners, and are 
starting their careers as tier II security analysts.
    Finally, two other examples, Skylar and Robert, Skylar is 
19 years old, CyberPatriot national finalist--seeing a theme 
here--and is employed as a security analyst with the same 
cybersecurity consulting agency in San Antonio that he 
accomplished his paid internship with, a smart move by that 
company, growing their own workforce.
    Robert, 22, has taken his cybersecurity talent into the 
private sector. He's a security analyst, is a member of the 
Information Security Operations Center for his IT company in 
San Antonio. All of these young men have accelerated their 
careers with great salaries, benefits, and no college debt. 
They're having a transformational impact on their families and 
our community. These outstanding graduate stories are part of 
today's submitted written testimony.
    So the moral of this story, a solid model, the Alamo 
Academies, a community collaborative with college-level 
instruction, national industry certificates integrated into the 
curriculum, connected to industry through paid internships 
where the student receives real-world experiences and mentoring 
and providing opportunities to participate in competitive 
programs like CyberPatriot. It's producing outstanding talent 
immediately out of high school to help close the talent gap in 
Federal IT and the private sector.
    I want to thank you for your time and the opportunity to 
share the Alamo Academies story.
    [Prepared statement of Mr. Bowman follows:]
    
    
 [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
   
    
 
    Mr. Hurd. Mr. Bowman, thank you for that. And it gives me 
hope that we are producing the kind of talent we need in order 
to defend our digital infrastructure.
    Mr. Bowman. Thank you.
    Mr. Hurd. Mr. Cambry, you are now recognized for your 
opening remarks for five minutes.

                   STATEMENT OF EMILE CAMBRY

    Mr. Cambry. Thank you, Chairman Hurd, Ranking Member Kelly, 
and all the esteemed members of the Committee on Oversight and 
Government Reform for the opportunity to testify for you today.
    My name is Emile Cambry. I'm the oldest child of an 
immigrant from Haiti and an African-American woman on the west 
side of Chicago. In their youth, my parents endured the 
frustration of economic hardship and the pain and indignity of 
racism and anti-immigrant sentiment firsthand.
    But they overcame the frustration, they overcame the pain, 
and they overcame the indignity to become a doctor and a nurse. 
They had the work ethic and the access to opportunity necessary 
to do what statistics said they never would do--succeed.
    And they made sure they did everything possible to give my 
younger brother and sister the opportunities to overcome the 
obstacles necessary for us to attend top institutions. Thanks 
to their sacrifice, I was able to study economics at the 
University of Chicago and business at Northwestern University's 
graduate school.
    I've since had the opportunity to work at JP Morgan Chase 
in their investment banking unit and teach graduate-level 
business and economic courses at three graduate institutions.
    My parents and all of my life's experience up until three 
years ago helped me realize one thing. Entire communities and 
generations of hardworking, incredibly talented men, women, and 
youth are not being given access to the very opportunities that 
helped my family overcome the hardships in their life.
    That's why I founded an organization that addresses that, 
BLUE1647, to bring opportunity to opportunity deserts across 
the country. BLUE1647 transforms lives and communities by going 
into these opportunity deserts and providing residents with 
access to 21st century tech skills so they can too access the 
opportunities necessary for them to overcome the hardships in 
their life.
    The formula was simple: Go where the need is greatest; 
teach those interested in the most marketable skills; and see 
people overcome poverty, racism, and other hardships in a way 
that you've never seen before.
    And today, I'd like to take the time to talk about how the 
various programs and public sector partnerships I've had the 
chance to build are turning communities with few prospects into 
hubs for tech rock stars that can and will yield an ecosystem 
of diverse talent to fill the 1.2 million new tech jobs that 
will need to be filled by 2020 in this country, and that 
includes Federal IT.
    And already we're starting to see that vision come to 
fruition. While we were founded in Chicago just three years 
ago, thanks to the support of people like Congresswoman Kelly, 
we've since grown to have our tech centers present in eight 
cities and serve over 16,000 youth and adults. Our classes have 
included everything from app and software development, 
traditional IT, cybersecurity, and the Internet of Things.
    Physical location of our innovation centers are important, 
which is why we target in lower socioeconomic areas, and 95 
percent of our students are black or Latino.
    But we don't water down our curriculum because of space, 
place, age, or income. Our software development curriculum is 
Department of Labor-certified for our technology apprenticeship 
program.
    I'd like to take a moment to highlight some of the programs 
and success stories. Our 1919 Program is our Women in Tech and 
Entrepreneurship program. Since its inception a year ago, over 
200 women have participated in our cohort-based program, which 
is 12 weeks in length. We have various tracks and have created 
a community approach for skill development in IT. We will soon 
be adding tracks in project management and cybersecurity.
    We have over a 97 percent net promoter score, and an 
additional 75 women have begun our program this week. All of 
these women are black or Latino.
    Our 21st Century Youth Project is for students as young as 
4 and as old as 17 where we have had some great successes in 
cohort-based training. We have had students intern at Google, 
Answers.com, Accenture, and Microsoft, including starting their 
own ventures. Over 70 students have gone on to matriculate into 
computer science and engineering programs.
    We have hosted the Chief Officers for the United States 
Digital Services Team, United States Chief Data Officer D.J. 
Patil, and have held general recruiting events around Federal 
IT opportunities and careers. Over 200 were in attendance for 
one event, and the major takeaway was that you can serve your 
country using the technology skills, which was a new concept to 
many of our attendees.
    We have executed some tremendous public and private 
partnerships to plant seeds in areas you would not expect. In 
St. Louis, we are a partner in the Jobs-Plus program, a Federal 
HUD program over four years to increase employment prospects in 
housing developments. The housing development we focused on is 
the Clinton Peabody development, where we became--where before 
the program started had a 68 percent unemployment rate, 93 
percent were led by a single mother. At the development, we are 
partnered with the St. Louis Housing Authority, the workforce 
development arm of the--St. Louis, SLATE, and the NAACP of St. 
Louis.
    BLUE1647 installed community Wi-Fi, so residents can 
participate in having Internet access, and we focus on bridging 
the digital divide.
    We conduct technology classes for adults during the day and 
provide afterschool technology immersion for youth after 
school.
    In addition to working with one housing development in St. 
Louis, we started working in six housing developments in Los 
Angeles this week. We do--the more we can replicate our model 
and support other programs like ours, we ultimately create a 
pipeline of tech talent who will be naturally interested in 
technology careers
    Thank you for your time, I'll gladly take any questions 
that members of the committee might have.
    [Prepared statement of Mr. Cambry follows:]
    
    
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    Mr. Hurd. Mr. Cambry, I am usually at these hearings--I 
usually get outraged when I hear opening remarks, but this time 
I am inspired by what is going on, so thank you for being here 
for that.
    And I believe the ranking member is going to submit her 
opening remarks for the record, is that correct? Without 
objection, so moved.
    Mr. Hurd. I am going to recognize myself for five minutes 
and go back and forth with Ms. Kelly until we get the going to 
go to the Floor for votes. And, Ms. Ferrini-Mundy, my first 
question for you is these SFS CyberCorps, you said there is 
about a little over 2,000 graduates from that program starting 
in 2001. You said about 600 active. What is the head room? Have 
we hit the cap?
    Ms. Ferrini-Mundy. Well, we're always looking for 
institutions that can come into the fold. We're funding about 
62 different institutions right now, and so a big piece of our 
activity is to build capacity in more places so that we can 
broaden out the access for students more widely.
    Mr. Hurd. So the scholarships, it is basically a 
scholarship. There is a dollar amount ----
    Ms. Ferrini-Mundy. Right.
    Mr. Hurd.--it is a range, right, depending on ----
    Ms. Ferrini-Mundy. Right.
    Mr. Hurd.--the institution. How many more of these could we 
be doing? Let's assume we have, you know, miraculously you 
can--I'll let you borrow my magic wand. We have these 
institutions. Do we have an idea of, you know, is it 600 more 
students, is it 100 more students, is it 10 more students?
    Ms. Ferrini-Mundy. I mean, we could get back to you with a 
closer analysis of that. It varies by institution type.
    Mr. Hurd. Right.
    Ms. Ferrini-Mundy. We're trying to build up our involvement 
with community colleges so that we again ----
    Mr. Hurd. Yes.
    Ms. Ferrini-Mundy.--see more of a pipeline.
    Mr. Hurd. Could we make--I am sure Mr. Bowman would love to 
be the first, you know, to help be one of the ones that help 
make that--I don't want to speak for you, Mr. Bowman, but I am 
assuming you are not part of the 62 institutions that receive 
some of these CyberCorps scholarships, is that correct?
    Mr. Bowman. Mr. Hurd, we're not today, but we surely can be 
tomorrow.
    Mr. Hurd. Making things happen, huh, Robin Kelly, right 
here?
    And one other thing, and, you know, I am interested in the 
CyberCorps primarily to figure this idea of a Cyber National 
Guard, right? These are going to be folks that don't go 
necessarily in the DOD or the NSA but Social Security 
Administration, Department of Homeland Security, Department of 
Interior. We need people there. And to be able to get them out 
of university when they know that they are going to spend X 
number of years there and that they probably have a job already 
waiting, a good-paying job with a company that is willing to 
loan them back to the Federal Government is important. So I 
have a lot of questions around that.
    But the Computer Science for All program, is that something 
that BLUE1647 is able to tap into? And I would love your 
thoughts on whether that is, and, Mr. Cambry, you know, whether 
that is something that you are even interested in.
    Ms. Ferrini-Mundy. I mean, absolutely. We have a number of 
different places where that program is being funded, most--
primarily in our Innovative Technology Experiences for Students 
and Teachers, and we accept applications from all eligible 
places. We'd love to have great connections that go beyond the 
set of institutions that we typically see.
    So inclusion is a very strong emphasis for us. The other 
place where we are seeing phenomenal engagement from 
communities, from community-based organizations, from a variety 
of industry sectors is under our new INCLUDES program, which 
has 7 of its 37 First Awards are collaboratives among community 
organizations focused on high-tech engagement with minority 
students.
    Mr. Hurd. Mr. Cambry, are you willing to participate and 
learn more about it?
    Mr. Cambry. Absolutely. And for centers like our housing 
developments, we really look at that as truly a model that we 
can truly expand and scale, and having programs that--with the 
curriculum that's already tried and tested only makes our jobs 
easier, which is trying to create a culture of technology 
development to get people excited and engaged and pursue paths 
and careers in technology.
    Mr. Hurd. Great. Thank you. And back to the CyberCorps for 
a second, the CNAP talks about investing more money into that 
program. So, again, when you get back to me on the details, 
where do we think that headroom is, right, because, look, in 
Texas alone in 2015 we had 42,000 computing jobs that went 
unfilled, right? And we are not producing enough to fill that, 
and that is just in private sector, I believe. And the need in 
the Federal Government is even more.
    And so I am going to stop there and turn it over to my 
ranking member and come back and ask some more questions about 
kind of structurally how we can do this in the private sector.
    My good friend and the distinguished gentlelady from the 
great State of Illinois is now recognized for five minutes.
    Ms. Kelly. Thank you so much. First, I just want to 
congratulate you on all your hard work with the bill that was 
passed today. It showed bipartisanship, which people don't 
think we can do, but we have done that on this committee. And 
welcome all of you. I just, though, have to give a special 
shout-out to Mr. Cambry. Emails on my STEM Council that I 
started when I came in the Congress--I have a STEM Council and 
the STEM Academy, and he has helped us greatly, so thank you so 
much. And thanks for all of your testimony.
    I too am very, very concerned about the jobs that go 
unfulfilled but also the lack of Latinos and African-Americans 
that are prepared to fill those jobs. And it is extremely 
important. And when I think about a district like mine where 
our unemployment rate is--even though everything has gone down 
but it is still higher than the national average. And then when 
I visit companies and I hear that they can't find--they don't 
even need to be college graduates but they still can't find 
people to fill those positions. So I am very interested in how 
we can diversify and fill those positions. And they are 
positions that are not minimum-paying jobs but good-paying jobs 
that you can have middle-class income and do the things that 
you need to do.
    I had a set of questions, but listening to you guys, what 
more do you think that Congress needs to do to help reach these 
goals of filling these jobs, more diversification? Do you see--
besides things we are doing today, how can we be more helpful, 
I guess? And that is anybody. Don't be shy.
    Mr. Montgomery. I think one of the things that is already 
in motion, if you look at this administration, this has been a 
very forward-thinking, forward-leaning administration with 
respect to cyber, the number of policies, the number of 
directives, the risk management framework itself.
    One of the things I would urge is that regardless of what 
happens shortly that that energy continue because this is a 
topic that we can't take a four-year break on ----
    Ms. Kelly. Right.
    Mr. Montgomery.--we can't take a four-hour break on, we 
can't take a four-minute break on.
    One of the things that I think would actually help in 
addition to that, Intel in 2015 we've committed $300 million to 
the similar topics as my fellow panelists with respect to women 
and underrepresented minorities to make the workforce more 
diverse specifically in technology.
    But there has to be--there has to be some protection for 
the U.S. Government for its own employees. And what I would 
suggest is that Congress look at modifying the way that 
talented Federal cyber employees are compensated, retained, and 
trained because the lure to the private sector is intense 
because, as you mentioned, Ms. Kelly, the number of spots that 
are open is so demanding that people are looking down the 
street when the only change is money because of that intense 
demand. And we need to make sure that our Federal workforce in 
particular--and this is what Congress can help with--remains 
highly paid, highly trained, highly effective, and highly 
motivated to stay.
    Mr. Bowman. If I may, Ms. Kelly, thank you for the question 
about what Congress can do.
    For the Alamo Academies, a community collaborative program, 
homegrown, one of the things that drive that model with our 
industry partners is a pull system--not a push--a pull system 
to industry demands and requirements to meet their needs.
    And, as Chairman Hurd indicated, he had an internship with 
Southwest Research Institute that kind of got him excited about 
his career and got him on a pathway. That's exactly what the 
Academies are doing today with this model.
    We had over 45 internships last year alone just from the IT 
Academy and about 120 internships in all five academies. That 
model is limited because our capacity depends on how many 
internships we can get with companies. So any incentive--and 
many of our industry partners on the Academies board would love 
to come and help you work on that issue. Any incentive that can 
encourage and motivate companies to take on these internship 
responsibilities even at high school level would show that high 
school young men and women can accomplish these duties and they 
can do it successfully if they're in the right model and 
they're mentored properly. And we're showing that this is 
working and it's been working for the last 16 years.
    In regards to minorities, though, San Antonio is a 
majority-minority community, and over 70 percent of our 
graduates are Hispanics today and 6 percent are African-
American. So I think we're achieving that in our local 
community and modeled like the Academy can do that in whatever 
community that they're in like Mr. Cambry here, you know. 
You've got a couple of great models here.
    But incentivizing our industry partners to want to take on 
these internships, there is some cost to them to do that, but 
the benefit to homegrown product pays off hugely when they 
come, and that loyalty and that culture they get by getting 
exposed to it early in life. And they don't have any bad 
habits. They're coming in very young, and it's easy to get a 
secret clearance because they haven't done anything bad yet.
    [Laughter.]
    Ms. Kelly. Did you have any thoughts about ----
    Mr. Cambry. Yes, and I will just add into that. One of the 
reasons why we pursued this apprenticeship model for software 
development was because it gave us stamp of approval that we 
can take to employers to say they've been trained, this 
curriculum has been certified, and on top of that we're trying 
to include folks that otherwise might have been excluded.
    So I think that, you know, in addition to what Mr. Bowman 
has mentioned, any incentives that we can get more employers on 
board that can give us some opportunities to folks that 
otherwise wouldn't have gotten them because, once again, as he 
mentioned, when you don't have college debt and you're still 
able to pursue some revenue for your family, and especially to 
be able to jump into the middle class, it has a tremendous 
effect not just for that family but for that community to say 
that this is a possible pathway and this is a pathway we can be 
successful in in a relatively short amount of time with some 
very intensive training.
    Ms. Kelly. How do you get the word out about your programs 
because that is always my concern, too, that sometimes entities 
like yours don't know what is out there for you as far as 
grants because maybe we don't do a good enough job getting the 
word out, but also how do the young people know that you exist? 
What do you do to get the word out? Any order.
    Mr. Montgomery. May I just--so it's funny that you're 
asking that because I was thinking the exact same thing. I--
with respect to Mr. Bowman's comments, I think there would be a 
line of employers with paid internships and programs where a 
matriculating student would enter the internship's 
organization. I think people would line up around the block 
because they don't have an alternative today. And I think the 
challenge is one of awareness.
    One of the things that we're doing--and we've sort of 
relegated our efforts to higher education--is with respect to 
that exact kind of awareness between local centers such as the 
University of Massachusetts. We reach out to local employers 
who are having trouble employing and doing internship programs 
for kids who are currently in hands-on programs at the 
university.
    I think industry can help by joining forces with the kinds 
of organizations that NSF and other government organizations 
have designated to say, look, here's a workforce that wants to 
work. They actually want to work, and they want to come help 
you with your problems. We constantly get asked for those 
resources. We don't have them either. So I think it is 
absolutely a challenge of awareness, but I think industry can 
help with these kinds of outreach as well.
    Mr. Bowman. If I may, opportunities like this to be able to 
come to Washington, D.C., and talk about programs that are 
being successful in the communities that are working together, 
there's been historical bias that you had to be a four-year 
graduate to be in the IT career field. And fortunately, the 
last six or seven years, programs like the Academies connecting 
with opportunities like the Air Force Association CyberPatriot 
program where they're getting these young men and women exposed 
to these opportunities so much earlier in life that you're 
creating that skill set that they can do the job.
    And now, we have enough--well, we don't have enough but 
we're getting graduates out there in the community with 
Department of Defense, Defense contractors, and then showing 
them that they can do this work. So we don't have the companies 
lined up yet, but I believe in just a few short years with more 
marketing and exposure and seeing how there's multiple career 
pathways.
    You go to college--Robert, one of our examples, went 
straight to college and came out and got offered a job a year 
before he graduated. One of them went right into the workforce. 
Mario went up to Defense with the Pentagon, so he used a career 
path. And the other three are using a hybrid. They're going to 
community college, getting associate degrees, minimal debt, 
getting scholarships while they're working, continuing their 
higher education because they see the benefit of it, but they 
also have that experience.
    So here is young men and women getting exposed to that 
culture and excited about it, and industry is starting to get 
excited about it as well. So the more we can do to encourage, 
let our industry partners know that these young men and women 
can do this work, then we're going to have them lined up at the 
door. And we can meet that need. Thank you.
    Ms. Ferrini-Mundy. Could I just add one other dimension to 
think about in this context? And that has to do with the 
rapidly changing landscape of the cybersecurity world. And so 
at a place like the National Science Foundation, it's very 
important for our research investments in such areas as access 
control and cyber physical systems and privacy and data 
analytics and so forth. All of that research is teaching us 
about this rapidly changing landscape.
    And it's important, I believe, in thinking about the 
curricula, the experiences that students get in their 
preparation for us to keep in mind that this is a dynamic field 
where we need to continually be updated, be offering internship 
and authentic experiences so students are working at the 
cutting edge as early on as they can in this domain, which is 
part of what makes it both exciting and challenging. It has to 
stay very current.
    Ms. Kelly. With the academy we have, the council actually--
we have someone from the elementary level and the two-year and 
then four-year because that was--and then the industry people 
because the concern was getting the young people interested 
anyway, to whet their appetite, but then making sure the high 
school and the community colleges are teaching what needed to 
be taught.
    Did you have any ----
    Mr. Cambry. I'll just add in one last thing. Any time you 
have a little bit of success and one gets a job or an 
opportunity, it creates a ripple effect. Yesterday, I got word 
that one of our students, we--we partnered with an adult school 
in Compton, California. One of the students got their industry 
certification in cybersecurity, and they recently got a job 
at--offered a full-time job at Hewlett-Packard, and all of a 
sudden I get 50 emails today about folks who say, hey, what is 
it that your program does? And so I think those kind of small 
successes have a ripple effect, but you're starting to see 
people to say I can be successful in this space.
    Mr. Montgomery. One of the ----
    Mr. Hurd. Go ahead.
    Mr. Montgomery. Thank you. One of the things that I think 
Homeland and the Continuous Diagnostics and Mitigation program 
did well was it put together a framework for organizations to 
understand their cybersecurity posture, where their gaps were, 
and how to improve. One of the things that we could do 
similarly is to create this clearinghouse of these kinds of 
organizations and academies that have interns available, what 
their level of training is, what their level of certification 
is, where their location is in order to incent employers, both 
government and nongovernment, to have a place to go to fill 
this need even if it's with interns in temporary assignments 
because any work that they're doing is going to help the 
organization, as well as the candidate get some real-time 
hands-on experience.
    But that clearinghouse of these organizations like Mr. 
Cambry's, like Mr. Bowman's, I'm not aware of it. That would be 
ideal because then people can shop by their location, shop by 
their need, and help benefit the local community as well.
    Mr. Hurd. I am going to recognize myself for another five 
minutes.
    So I think, you know, here there is consensus that there is 
a need in the IT workforce for professionals who have received 
their skills through training, certificates, or a degree that 
is not a traditional four-year model. Is that consensus there? 
And, Dr. Ferrini-Mundy, the CyberCorps program can be used for 
those types of things, is that correct?
    Ms. Ferrini-Mundy. Certainly. We--particularly in the 
capacity-building area, we can be funding the design of 
innovative curricular approaches, different durations of 
training, and particularly the connection to the two-year 
colleges.
    Mr. Hurd. Yes. But scholarships as well?
    Ms. Ferrini-Mundy. Yes, scholarships also go to two-year 
college students.
    Mr. Hurd. Got you.
    Ms. Ferrini-Mundy. Yes.
    Mr. Hurd. So what do we need to do to grow the program? And 
what do we need to do to grow the program? And just so I am 
clear, if I am a senior in high school, do I apply to OPM for 
this scholarship and then take it to a school or do I have to 
apply it to one of the 62 institutions for that specific 
program?
    Ms. Ferrini-Mundy. Right. So you have to apply to one of 
the 62 institutions, and OPM does a very good job in 
publicizing these institutions and the program, so that's one 
thing.
    But your other question about what would it take to grow 
this program in our fiscal year 2017 request, we have indicated 
that we'd like to lay the groundwork with an increase for SFS 
alumni to be available over the course of their careers to help 
the Federal Government respond to cybersecurity challenges. So 
this is related to the reserve idea, to the cyber surge corps 
idea.
    But at the same time for us at the National Science 
Foundation, I believe we're beginning to think about this 
systemically. So we do have the SFS program with its 
scholarships, but I mentioned our INCLUDES program, our 
Advanced Technology Education program, the Computer Science for 
All initiative. And I think that that leads me to believe a 
more systemic look by us inside our agency at how we think 
about the pathways, at how we kind of build a context, connect 
to the research. That would help us address the challenges that 
we're trying to address in a more comprehensive way.
    Mr. Hurd. Good copy. Mr. Montgomery, your point about the 
draw of the private sector, now, the value in, you know, the 
CyberCorps or a National Guard is saying you are going to 
commit to the Federal Government for a length of time. If it is 
the length of time of what your scholarship is or we say it is 
four years or something, that is what gets someone into the 
ground floor at protecting digital infrastructure.
    And then if we add on top of that that there is 
participating entities or companies that are willing to help 
loan those folks back, you know, as their National Guard 
experience, how do we structure that in such a way that it is 
not disruptive to business operations?
    Mr. Montgomery. There's actually some great Federal 
examples of this kind of loaning program. There's a program in 
particular out of OSD called the Corporate Fellows Program 
where--and this is a little bit different. This isn't students 
necessarily, but the model could be very, very similar. An 
officer grade 6 is loaned out for a year. The government pays 
for the salary; the private company pays for all of the travel 
and expenses for the military officer. But they're embedded 
with the company for a year. And the thought is that they'll 
return to their rotation with cutting-edge management technique 
and experience with respect to what private industry is doing.
    I can see the same exact thing being--with respect to this 
National Guard of Cyber Warriors as well because the demands in 
both industry and the private sector is so intense. Getting 
someone loaned out for the course of a year, the only 
difference is the company themselves would pay for the 
privilege. But it could be that kind of fellows program where 
it is a rotation in, it's a rotation out. But I would urge you 
to investigate that program because those paperwork--that 
paperwork is already developed. We're already doing those kinds 
of things.
    Mr. Hurd. Yes, because the framework can be that you have 
these kids coming from high school and that they are going to 
school, whether it is, you know, four-year, two-year, or 
something else, but then the set of companies that want to see 
these Cyber National Guardsmen and women are also the ones 
providing internships during that educational process as well, 
right, in order to help hone that so when they finally finish 
whatever educational opportunities they are looking at.
    That is kind of, you know, the concept that I envision of 
this program to make sure that we ultimately are having a 
cross-pollination of skill sets between the public and the 
private sector. Is that crazy?
    Mr. Montgomery. Not at all. The number of occasions--when 
people think about cyber today, they think about a breach, but 
cyber is a 24-hour occupation. And the number of occasions 
where a private industry organization has a spike in demand for 
labor is routine. If you think about anyone with respect to the 
vertical markets like retail or banking, there are--it is 
cyclical. They have more demand at different times than they do 
at other times. And the ramp-up for a guard contingent would be 
an important bolster to their workforce.
    Also, with respect to Presidential Directive 41 where they 
established the guidelines for what happens in a government 
breach, the same thing can be said for the private sector as 
well. There is a criminal element that the FBI investigates. 
There is a hygiene element that Homeland is responsible for. 
And there is constant need for updates and hygiene and good 
best practices that this National Guard could take care of an 
ongoing basis that companies are struggling to find good supply 
for.
    Mr. Hurd. Got you. Dr. Ferrini-Mundy, what is the first 
step that an entity like the Alamo colleges need to do in order 
to be part of the 62 participating agencies in the CyberCorps?
    Ms. Ferrini-Mundy. Well, I think that Mr. Bowman and I need 
to exchange business cards and talk about the various 
possibilities for getting to know the National Science 
Foundation and its ----
    Mr. Hurd. I think we can make that happen.
    Ms. Ferrini-Mundy. Okay. It's starting already.
    Mr. Hurd. And then what about for an organization like 
BLUE1647 to participate in the Computer Science for All 
program?
    Ms. Ferrini-Mundy. Same response. And we can point you to 
the programs that would be, I think, the best-suited to the 
particular organizations here.
    Mr. Hurd. Excellent.
    Ms. Ferrini-Mundy. Very exciting. We're looking always to 
broaden involvement and to reach out more generally.
    Mr. Hurd. Great. I would now like to recognize for five 
minutes the gentleman from the Commonwealth of Virginia, Mr. 
Connolly.
    Mr. Connolly. Thank you, Mr. Chairman. And welcome to our 
panel.
    Gosh, there are so many facets of this subject. Let's start 
for a second with internships. I don't know if you know, Dr. 
Ferrini-Mundy, but when you compare the Federal Government's 
success with internships to the success in the private sector, 
you want to guess how well we do?
    Ms. Ferrini-Mundy. No, I'd prefer to have you explain. I 
don't--I'm not familiar with the ----
    Mr. Connolly. Anyone from the private sector want to take a 
guess at the rough percentage of interns who are eligible and 
hired for employment in terms of a successful internship? It is 
very high. It is, you know, well above 60 percent private 
sector. In some private sector companies it is like--well, I 
won't name one that hired my daughter--but it is in the 90 
percentile.
    We are in the single digits, Dr. Ferrini-Mundy in the 
Federal Government. It is a fiasco. There is no systematic 
mentoring. There is no systematic exposure to all aspects of an 
agency's mission or most of them. There is no morale booster. 
We actually have people who leave when they kind of talk in any 
kind of exit interview, if there is one, who say I would rather 
put my head through a pencil sharpener than ever work for the 
Federal Government again.
    We don't see it apparently as a tool for recruiting the 
next generation or motivating the next generation or tailoring 
the next generation, which the private sector systematically 
does. Otherwise, why have an internship program? Why not make 
it work for both sides? You try us out for size and we are 
trying you out, but we have done some screening and orientation 
so the probability of you sticking around with us is high. And 
our desire for making a permanent job offer is also high. 
Otherwise, it is very inefficient, and we are actually turning 
people off to our mission.
    I don't mean to suggest by saying this that you in any way, 
shape, or form have responsibility. I just point out it is a 
subject I looked into, and I was appalled at the data I found 
and what a complete opportunity cost our current internship 
efforts are in the Federal Government.
    And it is relevant to the topic at hand because we can't 
afford that, especially when it comes to the Federal IT issue 
and cyber in particular because our IT experts in the Federal 
Government are aging out. And if you looked at the average age 
of our counterpart in the private sector, it is much younger.
    So the private sector does not have a problem recruiting 
the next generation to handle the mission. We are. And the only 
choice we have, it seems to me, is to recruit a younger 
generation. Well, what are the tools at hand for doing that? 
And I worry about that. The pay gap is growing. The 
desirability of the workplace can be a challenge. I think it is 
very hard for a Federal recruiter to go to a university campus 
and say I see a 30-year Federal career in your future and you 
are going to love it.
    Now, partly, we are to blame. Congress has done a great job 
in making the Federal workplace a less desirable place in 
public imagination. We have disparaged the workforce, we have 
frozen salaries, we have cut benefits. None of that brings any 
glory on us, and I think frankly was designed in some cases to 
do just that, make it less desirable as a career choice.
    But we can't afford to continue to do that, certainly not 
in the sphere that the chairman and ranking member here are 
exploring because IT is just too important. Security is 
involved, national security is involved, privacy is involved. 
And so I think this is a critical topic, and I think there are 
things we can do to make it easier on ourselves to do that 
recruiting and to make it more attractive, internship programs 
being one of them. That is not rocket science. And the private 
sector has lots of models that are profoundly successful that 
we could emulate or learn from or benchmark against if we would 
only try.
    But longer term, we are going to have to suspend some 
normal civil service workplace protections if we are going to 
have fellows who go in and out of the government. That is not 
so easy. That is really not so easy. I wish it were, so we are 
going to have to be less rule-driven if we are going to do that 
while still protecting everybody involved. We are going to have 
to look at more flexibility, obviously, in pay scales. If we 
are not willing to do that, we will never attract a talent 
comparable to that we face in the private sector.
    So I think there are lots of issues here for us to continue 
to explore. I thank you so much for having this hearing because 
I think this is a critical piece of what we are trying to do in 
IT modernization and upgrading the Federal Government.
    Thank you, Mr. Chairman.
    Mr. Hurd. Amen, brother.
    Last round of questions from me and then we will wrap it 
up. And, Dr. Ferrini-Mundy, are the folks that are 
participating in the CyberCorps, are they staying around in the 
Federal Government? You gave some stats at the very beginning. 
Can you characterize that for me?
    Ms. Ferrini-Mundy. Well, I would like to first just mention 
briefly how excited they are as they enter the Federal 
Government, and so although the incentive of a scholarship is 
powerful and the payback requirement is definitely there, this 
jobs fair that we do in conjunction with OPM every January 
attracts 100 Federal agencies, and students are hired on the 
spot and do their security clearances while they're ----
    Mr. Hurd. And this is a jobs fair for ----
    Ms. Ferrini-Mundy. For the SFS graduates.
    Mr. Hurd. Okay.
    Ms. Ferrini-Mundy. So we know that they're welcomed into 
the Federal Government with--warmly, and the data that we have 
indicates that about 70 percent stay beyond their service 
requirement. So we are again tracking to see how long they stay 
and what they do, but their entry is very quick and smooth and 
they're quite in demand.
    Mr. Hurd. And how does--I don't know if it is NSF or OPM. 
How do they prioritize which agencies are in need of these 
potential SFS or is it this--it is a free-for-all and you come 
to this job fair and that is how you do it?
    Ms. Ferrini-Mundy. I think I--it's my understanding that 
there is no prioritization particularly, but the agencies show 
up, they make themselves available, they talk with students. 
And we'd love to invite the members of the subcommittee to join 
us next year when we go through it. It's quite fascinating.
    But, as I understand it, there's no ----
    Mr. Hurd. Yes.
    Ms. Ferrini-Mundy. It's an open discussion.
    Mr. Hurd. Please do. And in my remaining three minutes and 
18 seconds, I want to go down the line. And, Mr. Cambry, I want 
to start with you. This notion of a Cyber National Guard, I 
think you are attracting people in from areas that may not be 
exposed to this. We can expose them to, you know, the 
CyberCorps program. We can expose them to institute like the 
Alamo Academies, equivalents in your neck of the words. And 
then we have companies like Intel that are interested in hiring 
them.
    What do you see is kind of the next step in trying to 
achieve that vision? And that is really--my question down the 
line--and, Mr. Cambry, you are going to have the last word.
    Mr. Cambry. For us, it always has been can we change the 
narrative so people can see themselves being successful in 
these positions? So that's kind of the standpoint we took since 
we first started.
    Now, our standpoint is to also convince the employers that 
there is some value to investing in these folks from the 
community and other nontraditional settings. We've also been 
able to partner with colleges, community colleges, and a whole 
host of other people as part of this ecosystem of kind of 
support.
    What that next step for us has always been, partnering with 
organizations that either do the placement or that have those 
direct connections to those employers because, once again, the 
more that we can focus on our students and our constituent base 
and not as much on trying to find the perfect match with the 
employers, it makes our job easier because then we can push 
harder downstream and really start cultivating that level of 
talent and really focus even more on our curriculum, placement, 
and being able to do the testing necessary to make sure they're 
ready.
    Mr. Hurd. Thank you. And thank you for being here. And 
everybody, the remaining--you have got 30 seconds to answer 
that question. Mr. Bowman, you are recognized for 30 seconds.
    Mr. Bowman. Chairman Hurd, thanks again for the 
opportunity. So it's real simple. Companies that are willing to 
invest in an intern get to indoctrinate this young man and 
woman to their culture. And what they're finding is the 
retention is off the charts. Sometimes it's the first paycheck 
that these young men and women have received, so they're 
bleeding that company's blood, that color, forever. Their 
loyalty is off the charts. So if you invest in it, you get a 
positive return on investment.
    Businesses will not be participating in a program like the 
Alamo Academies going into their 16th year if there was not a 
positive return on investment. And internships is that secret 
ingredient to getting these young men and women exposed just 
like yourself when you had yours at Southwest Research and here 
you are today. And that's a pathway to success, so I'm very 
much for it.
    Thank you for the opportunity.
    Mr. Hurd. Thanks for being here. Mr. Montgomery?
    Mr. Montgomery. I think demand is so intense that 
organizations will take a flyer. What I'd love to see is focus 
on a clearinghouse where the kids are made available to 
potential employers because they'll come. They'll absolutely 
come.
    Mr. Hurd. Absolutely. Dr. Ferrini-Mundy, take us out.
    Ms. Ferrini-Mundy. Thank you so much, Chairman Hurd, 
Congresswoman Kelly. This has been wonderful and exciting to 
talk about this topic. Two points that I'd like to leave us 
with, one is the critical importance of developing and seeking 
talent broadly across all groups from this country that have 
been underrepresented in the STEM fields, in the IT fields, and 
in the cybersecurity fields. We need the diversity of this 
nation to be brought to bear on these challenges.
    And second point is that through public-private 
collaboration, the government and the private sector can work 
together to understand the changing needs in this domain and 
the kinds of experiences, certifications, assessments, ability 
to be certain that people are ready to step in as needed over 
the course of their career in and out of government so that we 
are taking the very best talent and helping them learn and grow 
throughout their careers.
    Mr. Hurd. I would like to thank our witnesses for taking 
the time to appear before us today. What you guys do is 
important to educating our kids and the future of our country, 
so thank you for that.
    And if there is no further business, without objection, the 
subcommittee stands adjourned.
    [Whereupon, at 4:31 p.m., the subcommittee was adjourned.]


                                APPENDIX

                              ----------                              


               Material Submitted for the Hearing Record



[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]


                                 [all]