Slashdot Mirror

← Back to Stories (view on slashdot.org)

Dept. of Homeland Security To Build Better Cyber Workforce

Posted by samzenpus on from the assemble-the-team dept.

coondoggie writes "Secretary of Homeland Security Janet Napolitano today said the agency will form a cybersecurity workforce task group that will consider strategies such as expanding DHS involvement in cyber competitions and university programs, enhancing public-private security partnerships and working with other government agencies to develop a more agile cyber workforce across the federal government. The new task force will be co-chaired by hacking expert Jeff Moss who now works for the Homeland Security Advisory Council and Alan Paller is director of research at the SANS Institute."

43 of 57 comments (clear)

  1. first step by ravenspear · · Score: 5, Interesting

    Stop calling it "cyber".

    1. Re:first step by Scorch_Mechanic · · Score: 5, Insightful

      Stop calling it "cyber".

      As much as I dislike the word "cyber" and the overuse of it as a prefix, it's not really "wrong" anymore. It's been used so much that it has acquired legitimacy and meaning in the eyes of the masses, even if we who are computer-aware still wince when someone says it on air.

      When a scumbag (read: politician) says "cybersecurity", you and I both know that he means "computer/network/information security", even as we groan. Much as we wish it were not so, it's the way things are now.

      Sorry.

      --
      You should turn signatures off.
    2. Re:first step by FriendlyLurker · · Score: 1

      Video of "Cyber" person Workforce in action... targeting terrorists no less.

    3. Re:first step by geekgirlandrea · · Score: 2, Informative

      Whenever someone says 'cyber' unironically, just think of it as shorthand for "I'm a blithering nitwit and you should ignore anything I say from here on."

    4. Re:first step by Johann+Lau · · Score: 2

      Nah, I'll just think if it as shorthand for "cybersex" and listen and nod enthusiastically... the Cyber Workforce! For, you know, "working guys". Heh.

    5. Re:first step by geekgirlandrea · · Score: 4, Funny

      Send in a resume claiming to be BloodNinja ?

    6. Re:first step by Johann+Lau · · Score: 1

      Ohh! I haven't read this in a loong time, and now my belly hurts from laughing so much. Thanks :D

    7. Re:first step by shoehornjob · · Score: 1, Troll

      Stop calling it "cyber".

      It's gubbermint... They don't know better.

      --
      "We are just a war away from Amerikastan. When god vs god the undoing of man." Dave Mustaine
    8. Re:first step by ark1 · · Score: 1

      Stop calling it "cyber".

      I hate the word with a passion when used in this context but what alternative would you use? It has to be a single word or an expression that describes it all - Computer Security, Information Security, Network Security etc...

    9. Re:first step by networkconsultant · · Score: 3, Informative

      We should thank William Gibson once more.

    10. Re:first step by SCHecklerX · · Score: 1

      Came here to say exactly this. Government loves that prefix. It's nauseating.

  2. This can't be good. by Anonymous Coward · · Score: 2, Interesting

    -- Waiting in line at the airport terminal

    Excuse me, sir.

    Your laptop is of considerable interest to us.

    -- DHS security walks in and takes the laptop

    You wonder how America got to this point.

    1. Re:This can't be good. by Anonymous Coward · · Score: 1

      You wonder how America got to this point.

      America is dead and gone. This country is not the one my ancestors fled Eastern Europe for and it is not the country my wife and I grew up in. That America was killed off by the greed heads and complacent, The downward spiral has begun and I suspect I will live to see the end of this empire. A friend of mine is a Rastafarian who refers to this empire as Bayblon. The more I listen to him the more I have to agree; Babylon will fall.

    2. Re:This can't be good. by Anonymous Coward · · Score: 1

      The answer: Too few did anything about it.

    3. Re:This can't be good. by lister+king+of+smeg · · Score: 1

      That because we Americans are the descendent of those utter bastards you sent out, only these utter bastards decided not to repatriate their assets to you any more.

      --
      ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
  3. "develop a more agile cyber workforce". . . ? by PolygamousRanchKid+ · · Score: 1

    Well, finally I have an answer when all those pesky non-IT folks ask me what I do:

    "I'm developing a more agile cyber workforce."

    Delivered with an absolute deadpan face and voice. I will answer any follow up questions with:

    "We are currently implementing plans to size the effort."

    DHS, eh? Well, does this program make you feel more secure . . . ?

    --
    Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
  4. Key words... by davester666 · · Score: 4, Funny

    'agile' 'cybersecurity'

    They need to flesh out these ideas with words like:
    "realtime"
    "game-changing"
    "web 2.0"
    "P3"
    "next-gen"
    "hyper-local"

    --
    Sleep your way to a whiter smile...date a dentist!
    1. Re:Key words... by foobsr · · Score: 4, Funny

      http://emptybottle.org/bullshit/index.php

      "Hey Kids! It's The Web 2.0 Bullshit Generator"

      CC.

      --
      TaijiQuan (Huang, 5 loosenings)
    2. Re:Key words... by DarkOx · · Score: 1

      We need something better. There was a buzzword utility that used to come with Dillbert's Desktop Games. What was neat is you could type a few sentences in plain English. It understood enough grammar rules and knew what part of speech the words you typed were that it could inject the buzzwords into your original text, obscuring but not really altering the meaning.

      It usually left you with something ready to paste into the e-mail reply to your idiot co-workers. Usually that something was good enough to keep them busy parsing, and away from your cube, long enough for you get another coffee.

      --
      Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
    3. Re:Key words... by White+Flame · · Score: 1

      "web 2.0"

      I think we're up to "web 3.0" now in terms of bleeding-edge buzzword BS.

    4. Re:Key words... by lister+king+of+smeg · · Score: 1

      but in the cloud

      --
      ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
  5. Sounds more like an expansion of the MIC. by Uberbah · · Score: 2

    MIC being the military-industrial complex, or as I like to call it, the military-industrial-congressional-contractor-prison-surveillance complex. Young people, go get computer science degrees with a specialization in security, so you can either work for the Pentagon or work for contractors working for the Pentagon.

    Greenwald:

    The U.S. is the leading developer and perpetrator of cyberwarfare, not the leading target. The New York Times this morning has a long excerpt from a new book by its hawkish national security reporter David Sanger â" the book is entitled âoeConfront and Conceal: Obamaâ(TM)s Secret Wars and Surprising Use of American Powerâ â" which reveals that President Obama personally oversaw the development, and ordered the deployment, of the worldâ(TM)s most sophisticated computer virus, unleashed (in cooperation with Israel) on Iranâ(TM)s nuclear enrichment facility.

    Isnâ(TM)t it amazing how the U.S. is constantly the worldâ(TM)s first nation to use new, highly destructive weapons â" at the same time that it bombs, invades, and kills more than any other country by far â" and yet it still somehow gets its media to tell its citizenry that it is Americaâ(TM)s Enemies who are the aggressors and the U.S. is simply a nation of peace seeking to defend itself.

    Needless to say, if any cyber-attack is directed at the U.S. â" rather than by the U.S. â" it will be instantly depicted as an act of unparalleled aggression and evil: Terrorism. Just last year, the Pentagon decreed that any cyberattack on the U.S. would be deemed âoean act of war.â

    1. Re:Sounds more like an expansion of the MIC. by AHuxley · · Score: 1

      Get them young, give them a security level and set them to work.
      http://www.foreignpolicy.com/articles/2012/04/18/patriot_games
      PATCON, for "Patriot-conspiracy" shows what can be done over years, the total mapping of many groups within the USA.
      You need telco, database and local informants, long term sleepers- over many states and remote telco networks.
      Enjoy the world wide wiretap, its their net and cpu power is cheaper every year :)

      --
      Domestic spying is now "Benign Information Gathering"
  6. Question: Has DHS ever NOT fubared... by dsmithhfx · · Score: 1

    ...anything it set out to do?

    1. Re:Question: Has DHS ever NOT fubared... by Mashiki · · Score: 1

      No. It's actually much worse, they go out and roll in their own shit while screaming it doesn't stink.

      --
      Om, nomnomnom...
  7. The real experts on "cyber" security... by gavron · · Score: 4, Insightful

    When Bruce Schneier and Eugene Kaspersky sign on, it will be apparent that there
    are true experts in the field.

    Until then, the US Department of Homeland Security is nothing more than a joke.
    They disrupt airline travel, train travel, and now have roving "viper" patrols to
    harass motorists. They've done nothing useful in 10 years. That's right, an
    entire decade of harassing travelers... with nothing to show for it.

    "Well you haven't seen terrorists take over airplanes, so clearly we're effective!"
    I haven't seen Santa Claus or Jesus either, so I'm guessing DHS took them out
    at the same time as all the terrorists. Either that or the terrorists really used
    airplanes as an attack vector 11 years ago and have now MOVED ON.

    Do they know anything about "Cyber" security? If so, have they stopped using
    Microsoft Windows -- the number one attack vector of computer security problems --
    and moved to a secure operating system? No. Are they still using Internet
    Explorer -- the most malware open browser -- to view the Internet? Yes. Are they
    still sending meeting requests to each other using Outlook -- the most malware-
    friendly scheduling tool -- yes.

    Until DHS can demonstrate a purpose, reason for existence, an understanding of
    technology in general [milimeter wave spectroscopy, let alone Windows], they are
    not only the WRONG leader to follow. They are a loud obnoxious neighbor throwing
    up in everyone else's back yard.

    E

    1. Re:The real experts on "cyber" security... by Ryanrule · · Score: 1

      Well, some of bushes buddies got very rich off of it.

    2. Re:The real experts on "cyber" security... by Fallon · · Score: 1

      While not Schneier or Kaspersky, Jeff Moss did found DefCON & Black Hat. He has some real skills & experience as a security expert.

    3. Re:The real experts on "cyber" security... by elucido · · Score: 1

      While not Schneier or Kaspersky, Jeff
      Moss did found DefCON & Black Hat. He has some real skills & experience as a security expert.

      If that is the standard that they are going by, that one has to be Bruce Schneier to be qualified then probably only Bruce Schneier and a handful of others in the entire world are qualified. If you look at what most of the jobs being advertised are, you don't have to be Bruce Schneier. If you look at what they expect people to know and what they ask people to do, it's digital forensics, it's policy, it's not as technical as designing encryption algorithms, it's more deciding which encryption to use and which access control policy and so on.

      Based on the certifications they list as wanting the skill-set bar isn't that you have to be a professor in cryptography. It's that you need to be certified in X with Y years experience.

  8. Step 1 - by Lumpy · · Score: 1

    Dismantle the "homeland security" department. Wipe them out as they are useless waste of money.

    Step 2 - give the funds to the FBI and CIA, the people that actually have been doing this stuff for far longer and are far better at it.

    Step 3 - allow the FBI to shoot any senator that tries to make yet another department for "Security" so he can help his donors businesses.

    No the CIA cant shot senators, they are not supposed to work inside the USA.

    This is the problem. We used to have a clean division. FBI Inside, CIA outside. that way we don't get Traitorous acts of spying on US citizens by the CIA happening in secret, like we get with the Homeland Security.

    But then checks and balances get's in the way of profits and power, and we cant have that.

    --
    Do not look at laser with remaining good eye.
    1. Re:Step 1 - by a90Tj2P7 · · Score: 1

      The whole point of DHS was to make and maintain a clean division of roles. The TSA's only part of that, things like FEMA and the secret service have been moved under that umbrella as well. The FBI is supposed to be the national-level police force, they shouldn't be getting involved in industry regulation and policy.

    2. Re:Step 1 - by lister+king+of+smeg · · Score: 1

      i though that the US marshals were the nation police force

      --
      ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
    3. Re:Step 1 - by a90Tj2P7 · · Score: 1

      Oversimplifying a bit, the FBI handles the investigation and prosecution of federal criminal offenses, the marshal service provides security for the federal court system (personnel, buildings, endangered witnesses) and hunts down fugitives. They're more or less national-level court officers.

  9. Citizen! by alexmin · · Score: 1

    Open your wallet even wider!

  10. Rules for new hires .... by Anonymous Coward · · Score: 5, Informative

    Rules for new hires ....

    I used to work on government contracts where clearance was required and have applied for contract jobs recently. The old guard boss is still there and he is more clueless than ever.

    During the interview, it was clear:
    * Nobody interviewing me was qualified to do that from a technical perspective. They were smart, just not smart about anything related to computers, networking, ....
    * My skill set addressed 3 of their open positions. I'm serious.
    * My rate was pretty low, yet the 3 guys kept talking about how expensive I was.
    * The clearance from my prior job was 5.1 yrs old - WITH THE SAME COMPANY, just at a different place. The interviewer/manager couldn't be bothered to look up the name of the security officer at the other location.
    * After I was deemed to be a perfect fit - aircraft, networking, languages, sys admin - the boss decided to list all the mandatory aspects of the job.
    ** be on time. Start time for my job was 7am at the latest. I'm serious. 7am **everyday**, regardless of what was happening that day. I understand that 4am was commonly needed - that was the nature of this specific job. Testing new aircraft is an early morning thing.
    ** Never talk back. He actually said that.
    ** Lunch was 30 minutes. Ok, this was getting funny.
    ** No leaving work early - PERIOD. Not even for Dr appointments. If I needed to pick up a sick kid early from school, I could be fired.

    This boss seemed to have been from the 50s. I think he worked on an aircraft assembly line, not with "professionals" and he definitely didn't have a clue about IT people.

    A week later, I followed up with the interviewer (mainly to be polite) to see where I stood. He hadn't done anything. I'd already decided to take a different position, for a 30% higher rate, which I know now is still cheap. 3 weeks later, he called me back and seemed shocked that I was working somewhere else.

    Government hiring managers are clueless. They don't understand the competitive nature of the world and that people have other opportunities - some much more interesting for much more pay without all the hassles from old-style bosses.

    I don't want to say that all government bosses are like this, I've worked on other contracts where I was treated with respect, paid fairly, had a great boss - we worked long and hard doing great things for the government - it was good.

    I remember going to a recruitment meeting at my college for some 3-letter agencies. After all the hype in the first 10 minutes, they said that if you'd ever used any drugs, including pot, you would not be hired. 50% of the room got up and walked out. I think the other 50% were 80% liars. Personally, I don't want people who have never inhaled making decisions about my life and definitely don't want someone so straight to represent the USA abroad.

    Anyway, to be happier at a new job, you'll want to
    * get the pay scale early in the process
    * get any "work rules" understood
    * find out if your actual boss is a prick

  11. Re:Altso Hitler Jugend by AHuxley · · Score: 1

    Moms and dads ask - will s/he advance in a blue or white shirt?
    Or keep saving and try a National Center of Academic Excellence in IA Education.

    --
    Domestic spying is now "Benign Information Gathering"
  12. Sounds Great by Curunir_wolf · · Score: 1

    Yea, that's not frightening. Not at all.

    --
    "Somebody has to do something. It's just incredibly pathetic it has to be us."
    --- Jerry Garcia
  13. Cybermen by Roger+W+Moore · · Score: 2

    As much as I dislike the word "cyber" and the overuse of it as a prefix, it's not really "wrong" anymore.

    I agree, particularly in the context of US Homeland security we should refer to the new workforce as cybermen: emotionless, de-humanized creatures who have no compassion. Not only will this likely be accurate but it might also stop them using the term 'cyber' for everything.

  14. Wrong Move by DaKong · · Score: 1

    The best thing to do for national security is to immediately de-fund and dissolve the Department of Homeland Security. WTF is a "Homeland" anyway? Is that like a "Fatherland" or "Motherland?" As an American, as one whose ancestors signed the Declaration of Independence and also who got here long, long before, I am deeply offended by and opposed to calling this country anything but "The Land of the Free, and the Home of the Brave."

    DHS, and their child agency, TSA, need to clear out their desks immediately and to not let the door hit them on the ass on the way out. They must be not only barred from ever working in government again, but to be stripped of their citizenship and exiled to North Korea, Cuba, or some other sufficiently totalitarian state more predisposed to their dysfunction.

    --
    If not us, who? If not now, when?
  15. The 30 year Job by braindrainbahrain · · Score: 1

    Cybersecurity has got to be a great job! Why just the other day I submitted a story about how a fellow from the State Department said the cybersecurity "would most assure 30 years of steady, well-paying employment".

      What do you say cyber dudes (and dudettes) out there? Are recruiters calling you? Are you getting retention or sign-on bonuses? Is the grass really that green over there?

  16. We've already done this by Anonymous Coward · · Score: 1

    In April my university's Information Security club held a cyber defense competition geared for high school students. This was funded in full by the government (NSA or the DOD, I don't remember specifically which). Their motive behind it was to get the students interested in info sec so that they'll hopefully have these kids in the workforce later on. It was a lot of fun and our club made up the white and red team. We had a great time and so did the students so I guess it was a success.

  17. Then what? by elucido · · Score: 1

    They never outline a clear path from University to a job in Cyber Security. All the Cyber Security jobs they talk about expect years of experience, a security clearance, and social connections. Most people will be lucky to have just one of those qualifications.

    As far as skills go they can take any college student off the street. As far as experience goes they can find some people who have skills and experience. When they want skills, experience and a security clearance then their list is drastically smaller. When they want all of this and want to pay chump change, then they run into problems.

    If their goal is to build a cyber workforce, in my opinion the answer is paid internships. If they offer 10,000 paid internships a year they'll have a skilled workforce in no time. If they want to save money they could even get away with offering it unpaid and in this economy people would still take it.

  18. Re:Some of your points are PURE "b.s." by lister+king+of+smeg · · Score: 1

    android is a bad example of why Linux is insecure. First off name one drive by download virus or self executing virus for android, scrap that name one actual virus for android, there aren't any at least in the wild. what there are is malware. malware exist for all systems and is an entirely different problem than viruses, maleware must be installed by the user/admin to run. meaning you have to give it permission to run i the first place. secondly the permission system on android is fubared.

    these problem don't occur in gnu/linux (as opposed to android/linux) for a number of reasons, one of whice is that you are allowed to be root and that isn' the special right of google, phone carrier, or manufacturer it is you. you can secure it and fix holes, those holes are left in the android system to make it easer for grandma to use her phone. where on gnu linux there is maleware you don't usualy see it because most apps are available via a well vetted repository system where the maintainers and users can review the source code and catch malaware ( malware writers don't want you to see the code because you might remove their crap and have a usable app and they would get caught.) there are also binary only apps in some distos repositories but those are still vetted nut not at the source level. with google apps however the is a much less stringent vetting system they are trying but there is still the issue of fubared permission that they are not willing to fix, which will perpetuate the problem.

    --
    ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.