Immigration Policies Walling Off Security Talent Pools
The new tightening immigration policies in the U.S. are aimed – or at least claimed to be aimed – at improving security. Yet they are having the opposite effect in cybersecurity and developer ranks.
According to the 2019 HackerRank Developer Skills Report, one in three hiring managers surveyed says tightened immigration policies have directly impacted their access to tech talent.
The situation is similar across all job titles and industries, making it difficult to find people in other disciplines that could be trained to do security work. With the U.S. unemployment rate dipping below 4 percent, millions of jobs go unfilled for the medium to long term.
Companies are desperately seeking to hire Americans to avoid processing delays and massive amounts of paperwork. But most efforts fail because there are not enough U.S. citizens available to hire, and those that are tend to be in senior positions and unwilling to let go of the pay and benefits to start a new career in security at another company — or even start a new career path with their current employer.
Internally transferring credentialed foreign talent in the same company isn’t any easier.
“U.S. Citizenship and Immigration Services (USCIS) is challenging and denying more applications for the popular H-1B visa, which brings skilled workers into the U.S. for up to six years. In the first eight months of 2017, USCIS sent employers 45 percent more request for evidence (RFE) forms in H-1B cases, according to MPI. RFEs seek documents to prove the need for a visa,” reports the Society for Human Resource Management (SHRM).
“Workers who already hold H-1B visas are popular targets for recruiters because it’s easier to apply to transfer them to different jobs in the U.S. than to seek new visas; however, even these transfers are requiring more time, effort and expense because of increased RFEs from USCIS.”
Worsening the problem is the corresponding steep drop in morale. One in four developers surveyed in the HackerRank report says that “tightening American immigration policies have discouraged them or someone they know from applying to jobs in the U.S.” That could mean candidates are deliberately ignoring many recruiting efforts.
Additionally, one-half (49 percent) of developers surveyed cite “a lack of values alignment and 14 percent say not enough diversity on the hiring panel are deal-breakers during the recruiting process.”
This is all very bad news considering the already dire security and developer talent shortage.
Bottom line: Even if tightening immigration policies are designed to increase security, they’re falling far short and leaving both the public and private sectors overexposed to security threats. Efforts to force such policies into formal acceptance are even more damaging to security efforts.
“At the Jan. 29 State of the Net conference in Washington, D.C., Moira Bergin, subcommittee director for the House Homeland subcommittee on Cybersecurity and Infrastructure Protection, listed a number of cybersecurity initiatives at DHS – from pipeline security to botnets to election security and activities at the new National Risk Management Center – that simply stopped during the shutdown,” reports FCW.
“Bergin said the shutdown, coming just over a month after Congress passed a long-awaited reorganization law for the Cybersecurity and Infrastructure Security Agency, ‘couldn’t have happened at a less opportune time,’” according to FCW.