Fighting hackers is hard enough, but a huge shortage of cyber workers could leave the government exposed. According to numbers from the Bureau of Labor Statistics, there were more than 209,000 unfilled cybersecurity jobs in the U.S. in 2016, although the number could be as high as 350,000.

And while the federal government has significantly upped its efforts to fight cyberattacks after the OPM breach, questions about future strategy and investment remain. Notably, the Trump’ administration’s federal hiring freeze raises questions about how OPM will fill the listings on its new cybersecurity job portal – cybercareers.gov – which pulls together job listings from across the federal government and was intended to incorporate workforce training in the future.

One notable exemption from the freeze are DoD civilian jobs critical to cybersecurity.

Cybersecurity staffing is a perpetual challenge for the government. Cybersecurity workers command higher salaries than other IT workers and they tend to seek out opportunities where they know they’ll have access to cutting edge cyber tools – and the high level of competition from the private sector makes it hard for agencies to compete for new college graduates. And it’s not just coders that are in short supply, agencies need lawyers and economists who understand cybersecurity too, reports FedScoop.

While questions remain about the future of hiring cybersecurity talent across the rest of government, here are some best practices that DoD and even state and local agencies can leverage to woo cyber pros.

Go Beyond Traditional Government Hiring Practices

Take a leaf out of DHS’ book. FCW reports that the DHS has been aggressively targeting cybersecurity professionals by conducting job fairs at industry and cybersecurity think tank events. The department also has the authority to offer jobs on-the-spot to attractive candidates. DHS is also considering a new career path for cybersecurity employees that would allow them to move more freely between the public and private sector, enhancing the talent pool and skill of both sectors.

The NSA (which has lost cyber workers in droves) is also using new tactics to recruit new cyber talent. With an increased focus on the government’s classified cyber security mechanics (thanks to TV shows, like Homeland, and scandals, like Edward Snowden), NSA is looking to lure in candidates interested in mission-producing results. Politico writes that the agency is hitting up job fairs in Washington, D.C. with plenty of swag and sexy tag lines: “Push the limits of innovation” and “like disrupting a terrorist attack, catching international drug traffickers, or preventing a crippling cyberattack?”.

NSA’s tactics are aggressive and they’re working. Lines were 2-3 people deep at recent fairs. NSA doesn’t just hit the DC job circuit, it attends hundreds of college job fairs and events across the country.

Use Online Innovations in your Search

About 43% of millennials—those born between 1979 to 1997—think the federal government should use social media to connect with recruits, according to an Accenture Federal survey.

NSA is already there, actively combing LinkedIn for resumes, rather than waiting for candidates to apply for federally posted jobs. There’s even a NSA Careers app. Take a look at NSA’s new careers website, which includes a job exploration tool, job search tool, a focus on culture “meaningful work” and a “future-focused environment” and “Top 5 Reasons to Work @ NSA” as well as other tools aimed ad demystifying what it’s like to work at this top-secret agency.

Sounds like a lot of work and expense, but with the urgency around cybersecurity, a new set of skills is called for.