The Cyberspace Solarium Commission 2.0 released its most recent report on June 02, 2022. This iteration re-affirmed the continued need for public-private partnership in cybersecurity, including the development of shared resources and increased investment in a cyber workforce. Additionally, the report included a plethora of recommendations for the U.S. national cyber director\u2019s action concerning educating and developing the national cyber workforce, as well as expanding the hiring authorities for cyber positions, and establishing \u201cspecial pay rates for the most in-demand roles.\u201d The 43-page report included seven fulsome recommendations for the national cyber director, U.S. Congress, and the private sector, which if adopted would serve to enhance the recruitment, retention, and performance of the nation\u2019s cyber workforce in both public and private sectors.The report\u2019s review of the current state of affairs highlights what every CISO in both government and private entities knows: There is a talent shortage. The lack of talent, however, doesn\u2019t always equate to less being accomplished. One may envision Lucille Ball and the chocolate confection conveyor belt as an accurate analogy, as over time more and more is expected.The lack of personnel has and will continue to create a national security concern, \u201cparticularly when they occur in critical-infrastructure systems or supply chains upon which that infrastructure exists,\u201d said the report.For over a decade the forecast of shortages and the impending impact has been the topic of many a story. In its report, the Commission notes that over 600,000 cybersecurity positions across all sectors, including government, remain empty. Not mincing words, the Commission notes, \u201cthe cybersecurity community is out of time.\u201dNational cyber director cybersecurity recommendationsEstablish a process for ongoing cyber workforce data collection and evaluation.Establish leadership and coordination structures.Review and align cyber workforce budgets.Create a cyber workforce development strategy for the federal government.Revamp cyber hiring authorities and pay flexibilities government-wide.Congressional cybersecurity recommendationsAmend the Federal Cybersecurity Workforce Assessment Act of 2015.Increase support for the CyberCorps: Scholarship for Service Program.Provide incentives to develop entry-level employees into mid-career talent.Strive for clarity in roles and responsibilities for cyber workforce development.Exercise oversight of federal cyber workforce development in each department and agency.Establish cyber excepted service authorities government-wide.Expand appropriations for existing efforts in cyber workforce development.Private Sector cybersecurity recommendationsIncrease investment in the cyber workforce.Develop shared resources.CISO takeaways from the Solarium Commission reportReferencing manpower shortages, the Commission highlights the tendency to count open billets as the primary means to determine understaffing as a shortcoming is spot-on. CISOs will be well served to take on board the recommendation to include in their measurements of the actual need. In doing so they will need to identify what is the optimal number of employees to conduct the tasks at hand. This may create a delta, between the actual number of positions and desired number of positions, thus putting underfunding as a measurable shortcoming. Whether within the government or private sector such a discussion might be contentious as every organization has internal battles for resources.While my time within government was many moons ago, the feeling was always that within government, largely due to the long administrative tail and complicated procurement paths, the private sector was always a generation or two ahead. There may not be opportunities for CISOs to directly participate in the intra-governmental working groups and committees, yet several national cyber workforce evolution opportunities are available, and CISOs are encouraged to participate.The report highlights the general lack of diversity within the federal government\u2019s cyber workforce, particularly at the leadership level, characterizing \u201cthe average federal worker is more likely to be older, male, and possess a college degree relative to the rest of the U.S. labor force.\u201d This characterization should not be taken as a signal that diversity within the private sector is where it should be, but rather as an observation that the U.S. government is trailing. There is much which can and should be done to keep diversifying the national workforce.CISOs have enjoyed the existence of the \u201cpay gap\u201d in the race for talent, as only limited parts of the government have the means to create pay flexibility to bring in needed talent. With the recommendation to change the status quo and bring the pay for cyber employees closer to that of the private sector, CISOs may wish to ensure their total compensation packages for their current and future employees are complete. Working for the federal government will be more attractive, as \u201cservice to the nation\u201d does fill the narrower pay gap for many individuals.\u00a0The report also calls for congressional action to support the national cyber workforce. While many companies engage lobbyists to bring their corporate messages, wants, and desires to the legislative branch of the U.S. government, direct outreach from practitioners, the CISO, and their staff, provide legislators with a ground-truth view as the lawmakers take on various actions designed to enhance, grow, and sustain the national cyber talent pool.