By Jonathan Powell


Abstract.

In the foreseeable future, humans remain key to software systems development. Therefore, emphasis should be placed on how we maximize both the potential and productivity of what is in fact the most critical element of the Software Development Life Cycle (SDLC).

Introduction

Four years ago in this Journal I wrote:

“Today when the Navy needs next generation software for its submarine sonar systems, defense contractors are not deploying hordes of automatons to the Pentagon to gather requirements, design the software, build the prototype, make it ready for production, and then support it through operations and maintenance. It still comes down to people, and I submit it will come down to people for a long time to come. Even in the far out future, as parts of this chain are automated, people will be needed to intercede, because software is not perfect, and problems always arise. So if one’s ability to overcome software challenges fundamen¬tally comes down to people, the question becomes, ‘How do I get the most out of my people?’ This will be the focus of this article.”

Indeed, not much has changed on that front. There may indeed come a time when humans are removed from the Software Development Life Cycle (SDLC) in significant measure. But in the foreseeable future, humans remain key to software systems development. Therefore, emphasis should be placed on how we maximize both the potential and productivity of what is in fact the most critical element of the SDLC. With this in mind, this article will examine how do we enhance the quality of software talent. And how do we improve innovation, training, and motivation when it comes to human capital.

Attracting Talent

At a macro level, in the Aerospace and Defense Industry (A&D), we need to improve our ability to attract talented individuals who pursue careers in computer science, cybersecurity, and related fields. This is particularly challenging in an era where Google and Facebook are booming, and offer to college graduates the promise of riches and the opportunity to work on cutting edge technology and innovation. While the landscape is challenging, is doesn’t have to be daunting. In certain sectors of A&D (parts of Defense, for example) there may be opportunities to expose prospective candidates to new technologies. However, what A&D really needs to do in order to make substantial gains in attracting and retaining top talent is “hook” them early. This is done by getting them involved doing mission work. For many people, the value of meaningful work outweighs money, new technologies, and other factors. And it is hard to get more meaningful than supporting our Nation’s work catching bad guys and terrorists. There are a whole host of other meaningful areas in A&D as well, not just limited to National Security or Defense. Exposing our young talent to these areas and “setting the hook,” imbuing them with the thrill of pursuing something higher than themselves, is what we’re after. The characteristics of this work are where we have an advantage over many commercial players. The younger the age where the hook is set, the greater the chance of inspiring an enduring, even lifelong motivation to serve in mission oriented roles. This can be done through College Internships, CO-OPs, and the like. But younger is better, even offering internships at the high school level or education and exposure opportunities at ages younger than high school are important. This is especially true since the Facebooks of the world have an inherent advantage with their name brand and clout, and often the important and interesting mission work we perform is unknown to the general populace. Today, we in A&D have the opportunity to go for the “two-fer” – not only entice the younger generation with the attraction of “cool” mission-oriented work, but link this work to the “cool” technologies in the market or coming into the market, positively impacting the mission. A perfect example of this is 3-D Printing, and the revolution in design it is sparking. Take a kid who’s good with computers, knows about 3-D Printing because 3-D Printing is used to build cool custom Lego parts, and introduce him or her to the cool applications that are being used in the Defense community, and bingo – game, set, match. And if that kid doesn’t “bite,” others will, and at a greater rate than through the traditional model of competing with Silicon Valley and others attempting to hire these students after they’ve graduated college. One other point for consideration here – the world has changed so now young talent can go work for a “cool” company and still have a mission focus (look at what Amazon is doing for the Intelligence Community). I would expect that the increase in commercial players in mission oriented work will continue – DoD has even made this a point of focus by standing up a Silicon Valley office. This is a positive development, and will only help get the word out on the important work and opportunities that exist in the A&D sector. This means traditional A&D players will need to work harder and come up with different innovations to continue to spark mission interest in youth in order to successfully compete for talent against non-traditional players in the space.

Innovation and Motivation

So the conversation still begins and ends with people. Not as pithy statements or some platitude, but a compass to follow. If the organization makes hiring and retaining the right talent its true guiding light, then innovation can surely follow. While having knowledgeable and skilled resources in place is a foundation, by itself it is not enough. The organizational culture must encourage and enable innovation. Policies and procedures can support innovation – for example, giving people free time at work “off the clock” to innovate, experiment, and think. These policies and procedures are especially needed in professional services organizations where there’s usually not a formal R&D organization, in which staff is formally allocated significant time to pursue special projects and experiments. Financial incentives can help entice employees to come up with new ideas and bonuses and the like for ideas that are reviewed and accepted could be codified in policy. However, perhaps the single most important determinant in promoting an organization where innovation thrives is through setting the conditions for open and honest communications. This has to start with the leader of the Organization – His/her behavior will permeate all aspects of how business is done, and either positively or negatively impact the “Corporate Culture,” defined as “The way people behave from moment to moment without being told” [1]. An Open and Honest Culture, often referred to as “transparency,” has a multiplier effect, positively impacting not just innovation, but also morale. Joyce Russell, Vice Dean at the R.H. Smith School of Business writes, “When a firm does not have trust or transparency, not only are there employee problems (low morale, productivity, commitment and loyalty), but also employees will undoubtedly pass that along to their clients or customers by treating them poorly. On the other hand, firms with a transparent culture are more successful since employees feel free to come up with more creative solutions, they share issues before they become major problems, and they are more engaged, motivated, and productive at work” [2].

Note earlier I wrote knowledgeable and skilled resources, not necessarily what’s coined as “experience” (i.e. number of years of service). This is a bias, particularly in A&D, where experience can be viewed as a prerequisite or barrier to entry, instead of just one piece of the individual’s mosaic. For certain functions, there may be a benefit in having “experience” act as a gate-keeper prior to contribution, but innovation is not one of them. Case in point – some senior engineers in our intelligence sector wrestled with a thorny issue for months, without finding a solution. Around that time, in came a couple of Virginia Tech Co-Ops and they literally had the problem solved in a couple of weeks. Why? Were they smarter? Better educated? No and No. The answer simply came down to the fact these two individuals had a completely different way of looking at things and brought that lens to the problem, yielding a rapid breakthrough. This is a single vignette, but its implications are telling. Silicon Valley recognizes this fact, and notoriously does not give the “gray hair” any more credence than the new kid on the block. It is the best idea that matters and the one Silicon Valley and the market rewards. More of this attitude needs to be injected into A&D. In fact, this sort of cross pollination of talented millennials and younger generations with the established “gray hairs” is needed if A&D is to stay viable.

Training

For Cyber Security training, there are two facets. First, recognition of the fact there are plenty of well-trained folks out there. But often times, these folks can’t be hired in A&D because of barriers (for example, inability to get a security clearance because of some disqualifying item from the past) or they have no interest in working within the A&D arena – the white hat or ethical hacker may be a category of individual who’s not necessary inclined to work in the A&D space because they may perceive entities in this space as being stuffy, bureaucratic, etc. Organizations like the FBI are making changes in their clearance processes, to widen the aperture of qualified candidates who can apply and be accepted. In addition to looking at policies and procedures like the FBI is doing, organizations can attempt to be innovative. For example, an A&D company may elect to form an independent Skunk Works subsidiary, possessing a Google-like entrepreneurial bent and freedom, that talented individuals like the ethical hacker may be enticed to join. This can be challenging, because the organization has to derive a way to get the technical gems out of the skunk works and into the MILSPEC world of the end user. But where there are risks, there are rewards, and the potential rewards for successfully implementing such model could be huge for the A&D firm. Second is the case where training is in place and needs to be improved. Of course, many of today’s experts in Cyber Security are self-taught or learn through non-traditional means. There ought to be a way to recognize the talents these people bring to the table. So today where a degree or certification is required, instead look at experiential or other substitutes. The Army is establishing a Cyber Branch (an entire field, akin to Infantry, Artillery, etc.). They should give serious consideration to non-traditional means to fill this branch, especially since they need to get going and reach critical mass of personnel immediately. So the tried and true ASVAB exam, and picking those who score highest for some form of follow-on training, won’t get it done. However, what could work is offering bonuses to resources with a proven skillset (for example, network penetration resources, hackers, etc.) without barriers (i.e. not making a degree, certification, etc. a requirement), and have the entry procedure involve passing a one-on-one interview with a slate of known cyber experts to see if the resource really does have the skillset they portray. There’s a lot of talent literally sitting in the basement of homes across America (ala the classic movie ‘War Games’) just waiting to be tapped, and the old pipeline approach simply won’t get it done. In situations where training is needed and is provided, one enhancement has to be increasing the hands on, in-person elements. Cybersecurity is a space that requires on-the-job-training (OJT), where one can learn side-by-side with an experienced mentor or have the opportunity to experiment in a lab environment. I’ve heard numerous complaints about college or other offerings possessing high lecture content and low hands-on aspects, thus resulting in insufficient learning. Generally, anything that can be done to increase the hands-on aspects of training will improve the quality of the training and the curriculum. Note, here I am talking about the Doers – the Network defense, Pen Testers, Ethical Hackers, etc. Classroom and lecture are fine for policy makers, management, etc. But A&D is in dire need of Doers, and the way to increase the real pool of doers (different than the perceived pool of doers – those with certifications and degrees but aren’t capable of performing hands on Cyber Security functions) is to ramp up the hands on aspects of training. There’s not a need to be prescriptive in this regard. Just as long as the hands get on the keyboard in engaged and meaningful work, under the tutelage of someone who knows what they’re doing, the learning will occur and most importantly, stick. And once this new pipeline of effectively trained folks is in place, one benefit is the assurance more of these folks will be effective in their roles sooner, versus the current scenario where people with degrees and certs are hired, but a significant portion are subsequently shown the door because they weren’t the Doer they were perceived to be.

Conclusion

Software remains a product which is reliant upon human capital. Action needs to follow in order to nurture this critical resource, especially in sectors like A&D, if it is to remain viable in the future. While some companies and areas of government are making steps in adjusting the frameworks for attracting, retaining, training, and motivating software talent to meet current needs and those of the future, not enough is being done. As a first principle, let’s take a look at our existing organizations, and ask ourselves how do we establish the conditions to harness and unleash the true array of human capital already available and bring these capabilities to bear. MIT Professor Alex Pentland sums this up nicely.

“It is not simply the brightest who have the best ideas; it is those who are best at harvesting them from others. It is not only the most determined who drive change; it is those who most fully engage with like-minded people. And it is not wealth or prestige that best motivates people; it is respect and help from peers” [3].


References and Notes

1. See http://fortune.com/2015/03/05/perfect-workplace

2. See http://www.washingtonpost.com/news/capital-business/wp/2015/04/02/career-coach-the-importance-of-being-more-transparent-at-the-office

3. See http://fortune.com/2015/03/05/perfect-workplace


Jonathan Powell

Click to view image

Jonathan W. Powell, CGFM, PMP, Security+, is an
adjunct professor at UMBC. A former submarine officer, Mr.
Powell has led complex engagements for military, federal
and intelligence agencies. His articles have also been
published in “PM Network” and “Contract Management.” Mr.
Powell serves on the board of the Montgomery County Revenue
Authority and is a member of the State of Maryland’s
Cybersecurity Council. A graduate of the FBI’s Citizens
Academy, he holds a B.S. from USNA and an MBA from the
University of Maryland.

E-mail: jopowell@umbc.edu

Jonathan Powell

Click to view image

Jonathan W. Powell, CGFM, PMP, Security+, is an
adjunct professor at UMBC. A former submarine officer, Mr.
Powell has led complex engagements for military, federal
and intelligence agencies. His articles have also been
published in “PM Network” and “Contract Management.” Mr.
Powell serves on the board of the Montgomery County Revenue
Authority and is a member of the State of Maryland’s
Cybersecurity Council. A graduate of the FBI’s Citizens
Academy, he holds a B.S. from USNA and an MBA from the
University of Maryland.

E-mail: jopowell@umbc.edu


« Previous Next »