As part of the kick of for National Cybersecurity Awareness Month, the Department of Homeland Security recently announced that it will hire 1,000 top security professionals to help fight off the threats the U.S. faces over computer networks, infrastructure and the Internet over the next 3 years.
“Effective cybersecurity requires all partners–individuals, communities, government entities and the private sector–to work together to protect our networks and strengthen our cyber resiliency,” said Secretary Napolitano in a news release. “This new hiring authority will enable DHS to recruit the best cyber analysts, developers and engineers in the world to serve their country by leading the nation’s defenses against cyber threats.”
The new authority that will manage the hiring process to find top talent may have some things to contend with, say security experts. It may be a challenge to pry the best security technologists away from the comforts of the private sector.
But that’s not the only issue for DHS, says Security writer Dennis Fisher in the Threatpost blog owned by Kaspersky Lab.
“DHS and other federal agencies have had a very difficult time recruiting and keeping top-flight security talent in recent years, and it’s unclear why that will change anytime soon. As Brian Krebs points out, even the National Security Agency is having trouble stemming the tide of departures from its security organization, many of whom are leaving to join the new Cyber Command just down the road.Another problem is that many of the best security professionals in the world don’t live in the United States. Germany, Brazil, China, Russia and other countries have more than their fair share of security talent. And even if experts from abroad wanted to come work for DHS, it would be a long road for them to get in the door. But that’s a minor concern. There certainly more than 1,000 qualified security pros in the U.S. Getting them to head to Washington is the real sticking point.“
Fisher acknowledges, however, that it’s good to see the government taking a more aggressive approach to managing security at the Federal level, but that naming an actual national cybersecurity coordinator is what’s most needed now.