Slashdot Mirror

← Back to Stories (view on slashdot.org)

DHS Wants To Hire 1,000 Cybersecurity Experts

Posted by kdawson on from the even-one-would-be-nice-if-you'd-listen-to-him dept.

Cyrus writes "DHS Secretary Janet Napolitano plans to hire 1,000 security experts over the next three years. 'Department officials could not say precisely how many cyberexperts now work at DHS and its various component agencies such as the Secret Service and Immigration and Customs Enforcement. Napolitano said she doubts it will be necessary to fill all 1,000 of the authorized positions, but she is focused on making DHS a "world-class cyberorganization."'" Cringely points out, "There aren't one thousand civilian cybersecurity experts in the entire friggin' world!!!!," except he uses all caps and bold.

28 of 222 comments (clear)

  1. Equivalent of the TSA... by Jah-Wren+Ryel · · Score: 5, Insightful

    Cringely points out, "There aren't one thousand civilian cybersecurity experts in the entire friggin' world!!!!,"

    No matter. These guys will be the "cybersecurity" equivalent of the TSA goons at the airport, probably with a management culture even worse than those poor slobs have to live with.

    --
    When information is power, privacy is freedom.
    1. Re:Equivalent of the TSA... by sumdumass · · Score: 2, Insightful

      Or they could become overpaid IT techs who can't design an open access website to comply with government accessibility standards. How about 7 million to "install a firewall" from Norton or AVG or something?

    2. Re:Equivalent of the TSA... by vegiVamp · · Score: 3, Insightful

      Exactly. They'll be paying (relative) peanuts, so they'll get the not-quite brand of expert, while the brunt of the real threat they're up against consists of a) the real experts they couldn't pay enough to hire, and b) the smart kids who've nothing better to do all day than figure out how shit works.

      Their experts will be very effective, however, against the rather common type of attacker that you can block with the kind of network protection that anyone with half a brain already has. Their effectivity numbers will reflect the number of attacks repelled, and thus they'll be commended for their excellent work.

      --
      What a depressingly stupid machine.
    3. Re:Equivalent of the TSA... by Anonymous Coward · · Score: 1, Insightful

      Yup. Sorry to say, but 91k isn't going to attrack the best and the brightest of anything. This isn't much different than other government. And they wonder why commercial people (non-government amployees) outsmart them daily. BTW, this is the same problem with the USPTO.

  2. Nobody's going to work for a government salary.. by HerculesMO · · Score: 2, Insightful

    When they can make over 6 figures easily, with private company perks and bonuses working outside the government.

    If the DHS wants qualified people, they need to pay a competitive salary. Of course, u

    --
    The price is always right if someone else is paying.
  3. Re:Well, I've already had my DHS background check. by oldspewey · · Score: 3, Insightful

    If you have a good shot at faking your way through being a cybersecurity "expert", seems to me this would be a pretty sweet gig. Few things are more entertaining than being paid big bucks to be part of a giant clusterfuck as it unfolds.

    --
    If libertarians are so opposed to effective government, why don't they all move to Somalia?
  4. Doesn't matter if they hire 10,000... by John+Hasler · · Score: 2, Insightful

    ...as long as they can't hire Bruce.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  5. Cringely points out... by John+Hasler · · Score: 3, Insightful

    ..."There aren't one thousand civilian cybersecurity experts in the entire friggin' world!!!!,"

    And he would certainly know, wouldn't he? World-reknowned expert that he is. On everything.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
    1. Re:Cringely points out... by Anonymous Coward · · Score: 1, Insightful

      Based on your post, you're a Contractor, which is who Government hires when actual work needs to get done.

  6. "World-class cyberorganization"? by maugle · · Score: 5, Insightful

    Will you idiots please stop prefixing stuff with "cyber"? I know you're trying to make yourselves sound all cool and tech-savvy, but all you're really doing is sounding like someone from a bad 80s sci-fi movie.

    "Cyberorganization"? What the hell does that even mean? You use computers and computer networks? Computers and computer networks are your primary focus? Big goddamn deal! You don't see Microsoft or IBM or Cisco calling themselves "cybercorporations", do you?

    Look at me, I spend a lot of my time on the Internet! I'm a cyberperson!

  7. Yes, it's hight time to fight the Spam! by Max_W · · Score: 4, Insightful

    Spammers brings much more harm to the world economy than Afghan tribesmen. Billions of people are working as slaves for free for spammers sorting out and deleting their junk day and night. Billions of hours of working time are being stolen as matter of course.

    Maybe the DHS decided at last to tackle this problem? These experts and predators could make the word to sigh with relief. Godspeed!

  8. Translation: by Anonymous Coward · · Score: 2, Insightful

    security expert=security professional

    And as everyone knows, professional=employed

    So, they are saying that they're going to employ 1000 people with security nametags.

    Business as usual, in other words.

  9. Security clearances? by TSHTF · · Score: 2, Insightful

    This paragraph from the article is probably the most interesting point:

    "Another item of great importance is a security clearance to do the work. This is where you will get only one brand of thinking; DoD or DoE clearance. This will prohibit the security "black hat" types from ever being involved in the project without coming from the DoD or Energy."

    This will limit the pool of resources to such an extent to make the project worthless.

    1. Re:Security clearances? by dave562 · · Score: 4, Insightful

      I'm going to go out on a limb here and guess that the DHS doesn't need uber-black hat types doing security for them. What they are looking for is a small army of semi-competent employees who can go from agency to agency, department to department and secure them by implementing generally accepted best practices. They need firewalls installed with the rulesets locked down. They need IDS and IPS devices configured. They need anti-virus and anti-malware on the workstations. They need VLANs configured, servers locked down, disaster recovery plans designed and implemented, etc.

      This is the government we're talking about. They aren't looking for the best of the best. They're looking for good enough to get the job done. Maybe you guys have heard of the saying, "It's good enough for government work." ?? The DHS doesn't need anything that your average small business or Fortune ## organization doesn't need. They just need clean workstations, secure servers and reliable data. They need to be able to process their reams and reams of paperwork and forms and all the other nonsense that comes with the huge machinery of the Federal government.

    2. Re:Security clearances? by hedwards · · Score: 2, Insightful

      Except that none of the major anti-virus companies will hire black hat types and I'd be surprised if other forms of anti-malware were going to hire those sorts. It's just more hassle than it's worth. You're not sure when, if ever, they'll be arrested, if they're still active at their craft, going to try and sneak out proprietary information for sale to others.

      It's not accident that reputable companies won't hire them.

  10. The real reason for this by Alain+Williams · · Score: 2, Insightful
    is that they can then say that "we are doing everything that we can, look: we have employed lots of experts. By the way can we have some more budget."

    Summary: DHS gets to look more important.

    If that is all that they do then be thankful. Be fearful that they start to push pointless rules on everyone.

  11. Re:The U.S. government is EXTREMELY corrupt. by hedwards · · Score: 4, Insightful

    That's bullshit, you're going to have to cite that. The US government does have issues with corruption, but it's not any worse that most places. And definitely not "EXTREMELY" corrupt. If you want to know what extreme corruption looks like take a looksy at all those African nations that have ultra riches in minerals but mysteriously can't find the money to pay for food for their own people and somehow manage to do worse than nations without any resources to speak of.

    In this case I'd say it's about damn time, that's probably a good starting point considering that so much of the military network is so completely hopeless right now, depending upon who their looking for it would take a goodly number of entry level employees just to get the simple stuff done. Let alone the more complex tasks.

  12. Re:The head guy is from Microsoft by Hurricane78 · · Score: 5, Insightful

    Then you're forgetting the negative things that could happen. Like Linux declared a threat to national security.

    --
    Any sufficiently advanced intelligence is indistinguishable from stupidity.
  13. Re:The American Way by mellon · · Score: 4, Insightful

    That's kind of a bogus observation. If you aren't world-class, then you are at the mercy of those who are. "World-class" doesn't mean "better than anyone else in the world." It just means "good enough to hold your own with the best in the world." Really, everybody needs world-class people. The pity is that not everyone can afford them.

  14. Re:Well, I've already had my DHS background check. by oldspewey · · Score: 2, Insightful

    The key point here is that in order to be hired as a cyber-security expert in the private sector, you probably need to be an actual cyber-security expert. In order to be hired as a cyber-security expert by DHS, along with 999 other "experts" all being sought within the same timeframe, you probably just need to study up on your buzzwords and you're good to go.

    --
    If libertarians are so opposed to effective government, why don't they all move to Somalia?
  15. Maybe there aren't 1000 security experts by Skapare · · Score: 2, Insightful

    ... but there are surely tens of thousands of people that currently have, or can get, cyber security certification. This is good enough for government work.

    --
    now we need to go OSS in diesel cars
  16. Building Parnerships by Skapare · · Score: 2, Insightful

    From the referenced link on list of priorities:

    Building Partnerships: "We're defining our partnership models, making sure they're as efficient as possible, that they let the private sector work effectively with us and as one, and we're starting the process of developing a national cyberincident response process..."

    Translation: If it's a problem with a security exposure in Microsoft Windows, hand it over to Microsoft to deal with. Let them do the coverup.

    --
    now we need to go OSS in diesel cars
  17. Re:World Class? by vegiVamp · · Score: 2, Insightful

    Because *obviously* Al-Qaeda is on the verge of launching an all-out cyberattack on the US, from the crank-driven laptop they have in their cave. Why, the CIA confirmed only yesterday that they forked out on an amazing full megabit of sattelite bandwidth for exactly that purpose. That's 1.000.000 bits per second !

    --
    What a depressingly stupid machine.
  18. Why Chicago lost the Olympics by kurt555gs · · Score: 2, Insightful

    I think you can lay the blame at Chicago's loss of the Olympics squarely at the feet of DHS and Customs enforcement. The USA is NOT a friendly place to visit. I wish President Obama would have put an end to this Bush era foolishness, but it seems he wanted to cuddle up with the right wing Republicans instead. Strike, one. Strike, two.

    --
    * Carthago Delenda Est *
  19. Re:The head guy is from Microsoft by mikael · · Score: 3, Insightful

    Notice the focus on words like "ecosystem", "religion" and placing the blame on machines and people. No mention of vulnerable drivers, protocols or applications.

    Practical things would be

    o Develop reliable methods of network protocol design to prevent vulnerabilites in network services.

    o Proper application design so that the above aren't compromised by feature bloat of applications. "Hey, let's add macros and automatic E-mail sending/receiving to our application. Never know when it might come in useful".

    --
    Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
  20. Re:Yes there are over 1000... by Skapare · · Score: 2, Insightful

    1000 people who think they are security experts would do far more harm than 5 people who actually are.

    --
    now we need to go OSS in diesel cars
  21. U.S. financial system unchanged. by Futurepower(R) · · Score: 2, Insightful

    "Recent evidence suggests not only has Wall Street survived, but it is essentially unchanged."

  22. Re:World Class? by GaryPatterson · · Score: 2, Insightful

    Al Qaeda?

    They're nothing on this stage.

    Look to your trading partners for the real threat.