A team from the U.S. Coast Guard Academy participated in the National Security Agency’s 20th annual National Cyber Exercise (NCX), a three-day cyber competition that tests the offensive and defensive cybersecurity skills virtually, April 8-10, 2021. The Coast Guard Academy recently instituted a Cyber Systems degree to meet the needs of the services cyber security strategy of defending cyber space, enabling operations, and protecting infrastructure. (U.S. Coast Guard photo by Petty Officer 2nd Class Hunter Medley)
The GAO has issued a report that finds the Coast Guard is not doing all GAO thinks Coast Guard should be doing, to manage its cyber work force. You can see the one page summary here, it has a nice bar graph. I have reproduced most of the summary below. You can see the entire 40 page report here.
The most striking thing for me, was to see how many Coast Guard people are now employed in cyber. 4507 positions are authorized and 4095 are filled. That is a big chunk of the Coast Guard’s total manpower. It is totally justified considering they are protecting not just the Coast Guard, but the entire maritime transportation system.
A recent US Naval Institute Proceedings article, “Cyber Warfare Is a Navy Mission” discusses why cyber has become so important and also suggests that the Navy needs to take larger role in maritime economic cyber. Apparently the Navy has not been paying much attention to this, but the potential is there, that they may.
What GAO Found
The Coast Guard is increasingly dependent upon its cyberspace workforce to
maintain and protect its information systems and data from threats. As of
September 2021, the Coast Guard determined it had 4,507 authorized
cyberspace workforce positions (i.e., funded positions that could be vacant or
filled), consisting of military and civilian personnel.
Coast Guard guidance calls for the service to use its Manpower Requirements
Determination process to assess and determine necessary staffing levels and
skills to meet mission needs. However, GAO found that the service had not used
this process for a large portion of its cyberspace workforce. For example, as of
February 2022, the Coast Guard had not used this process for three
headquarters units that collectively represent 55 percent of its cyberspace
workforce positions. Until such analysis is completed, the Coast Guard will not
fully understand the resources it requires, including those to protect its
information systems and data from threats.
Of 12 selected recruitment, retention, and training leading practices, the Coast
Guard fully implemented seven, partially implemented three, and did not
implement two. By fully implementing these leading practices, the Coast Guard
could better manage its cyberspace workforce. For example, it has not
developed a strategic workforce plan for its cyberspace workforce. According to
leading recruitment practices, such a plan should include three elements: (1)
strategic direction, (2) supply, demand, and gap analyses, and (3) solution
implementation, along with monitoring the plan’s progress to address all
cyberspace competency and staffing needs. Without having such a plan, the
Coast Guard will likely miss opportunities to recruit for difficult to fill cyberspace
positions.
Chuck Hill's CG Blog 
Some universities are expanding their cyber capabilities such as Northeastern University in Boston. Teaming up with these efforts could provide accelerated improvements.
“The most striking thing for me, was to see how many Coast Guard people are now employed in cyber. 4507 positions are authorized and 4095 are filled.”
95% of those positions are not positions most think of when they hear the word, “cyber”. Most hear cyber and think “Cyber-Security”. Over the past 5 years, the CG just went and abused the use of the latest cool buzz phrase out there – “Cyber”.
The CG took any positions related to computer, electronics, aviation electronics, etc and just applied the term “Cyber” to them. Cyber positions now cover everything that ET’s, FT’s, TT’s, RM’s (TC’s/IT’s) used to do. A recent major reorganization (OMR) within the CG (collapsing the commands at OSC Martinsburg, C3CEN, & TISCOM under the new C5ISC (old C4ITSC)) command, reclassified a lot of jobs as “Cyber”, even though the people in those jobs have no clue what cyber means to their job – but hey, now they can write “Cyber” on their resume!
The Logistics Centers at E-City and the CG Yard also now have lots of new “cyber” positions.
Similar re-org title tricks took place after the Exxon Valdez incident, when lots of jobs became “environmental protection”, or after 9-11 and lots of jobs were suddenly doing “anti-terrorism” or other buzz words at the time. Remember TQM! Same thing!
It would be interesting to do a study of how many uses of the word Cyber were used in OER’s over the past 10-15 years. I’m sure there has been an explosion in the use of the word on OER’s over the past 5 years.
Chucky! Have you seen this? There is a digitised Organisation and Regulations Manual for the Hamiltons online……..
Click to access 1973_CG-260-7.PDF
Public record. All the 378s are still out there so maybe still useful.