Slashdot Mirror

← Back to Stories (view on slashdot.org)

Government, Military and Private Sector Fighting Over Next-Gen Cyber-Warriors

Posted by samzenpus on from the best-people-for-the-job dept.

An anonymous reader writes Both the U.S. Army and Britain's intelligence agency GCHQ launched new initiatives to address their severe shortfalls in cyber-security specialists. The United States Army Reserve launched the "cyber private public partnership" (Cyber P3) on Capitol Hill, which will give reservists the opportunity to train as cyber-warriors in six U.S. universities, in partnership with 11 employers. In the UK GCHQ announced an "Insiders Summer School", where first and second-year computer science undergraduates will be paid to attend a ten week intensive cyber-training course, culminating in a live display of their online and hacking acumen. The Government Accountability Office estimates a shortfall of 40,000 cyber security operatives, and with multiple branches of government in several western countries fighting each other (and the private sector, and the criminal arena) for the patronage of computer science students, cyber-security is looking to be the safest career path an undergraduate could pursue.

68 comments

  1. H1-b by Anonymous Coward · · Score: 0

    Seems to work for business and lord knows that Congress is only too willing to increase the limit.

    1. Re:H1-b by Fire_Wraith · · Score: 1, Informative

      Will never happen. It's probably the biggest upside to working in military/sensitive government IT - it can't be outsourced, the work has to be done by US Citizens (usually with security clearances) by law.

      That's not to say there aren't downsides, but worrying about H1-Bs isn't a concern.

    2. Re:H1-b by Anonymous Coward · · Score: 0

      Will never happen. It's probably the biggest upside to working in military/sensitive government IT - it can't be outsourced, the work has to be done by US Citizens (usually with security clearances) by law.

      Never say never. Laws change and I would not put it past congress to allow 'exceptions' because poor old USA is short of STEM professionals willing to work for food.

    3. Re:H1-b by Fire_Wraith · · Score: 1

      I expect the CIA will become the Central Intelligence Corporation (a la Snow Crash) long before it ever lets uncleared/non-Citizens do its IT work, and that pretty much goes for the rest of the National Security apparatus.

      The thing to keep in mind, too, is that this isn't just about the Government and the IT Workers it pays, it's largely about the Government Contracting firms that act as the middlemen. It's in the interests of those big corporate players in that arena (Northrop, Lockheed, GD, Booz Allen, etc) that it stay that way, because I doubt they're terribly interested in competing with Indian outsourcing firms, nor are they going to be keen on the fact that lowered prices on Defense IT means they can't charge the Government as much for those services.

  2. Military hinders itself by Anonymous Coward · · Score: 0

    If they really wanted to get people to fill these roles they wouldn't require them to go through the whole basic training garbage they require for entry. The type of people who would be good for these roles are not the type of people who will go through basic training. Which is why they go to the private sector and then get hired as a contractor thus bypassing the entire process and probably making more money anyways.

    1. Re:Military hinders itself by DroolTwist · · Score: 1

      If they really wanted to get people to fill these roles they wouldn't require them to go through the whole basic training garbage they require for entry. The type of people who would be good for these roles are not the type of people who will go through basic training. Which is why they go to the private sector and then get hired as a contractor thus bypassing the entire process and probably making more money anyways.

      If I'm not mistaken, there was an article a month or two ago (at work so not much time to search on it) that was talking about the Air Force dropping requirements for physical conditioning (IE., no basic training, no staying in shape). So they are already working on that aspect of their target audience.

  3. What does the military think it is doing? by fuzzyfuzzyfungus · · Score: 1, Interesting

    Are the armed services types swarming over this just because if it has 'warrior' in the name they have to get a piece of the action, or do they actually have something resembling a coherent plan for being able to make a convincing pitch to the people they are hoping to attract?

    Buying their services as consultants, or as civilian employees of DoD agencies, sure; cut them a check and they'll show right up; but some of these plans actually seem to involve enlisted geeks wearing hilariously incongruous camo in front of banks of monitors and 'cyber warrior'-ing. How is selling that going to work?

    1. Re:What does the military think it is doing? by Nidi62 · · Score: 3, Informative

      Buying their services as consultants, or as civilian employees of DoD agencies, sure; cut them a check and they'll show right up; but some of these plans actually seem to involve enlisted geeks wearing hilariously incongruous camo in front of banks of monitors and 'cyber warrior'-ing. How is selling that going to work?

      Civilians, even DoD civilians, are held to different standards than enlisted men and officers. Soldiers are held to the UMCJ and can be controlled much tighter. Just compare the treatment of Manning and Snowden. Plus you have to pay a civilian or contractor a lot more than you can a PFC or specialist. And if you relax physical requirements for these guys, weel then what about your mechanics or clerks or cooks? Morale issues can easily rise up from that.

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
    2. Re:What does the military think it is doing? by portwojc · · Score: 1

      They have the beret already might as well give them warrior in their title too. They'll still be called a REMF though. Yeah that is a little mean...

    3. Re:What does the military think it is doing? by ShanghaiBill · · Score: 2, Interesting

      This is about money. Military budgets are being cut. The public has lost their appetite for foreign wars. Manned systems are being replaced with drones and robots. Even the few ongoing spend-a-thons, such as the F-35, are continuing out of political inertia, rather than any sincere belief that they make sense.

      So what is a general, looking for a nice cushy command, while padding his pension, supposed to do? The obvious answer is "cyber-warfare". It is a hot topic. Money is being thrown at it. The only question is which branch will get the lion's share. So the Army, Navy, Air Force, and even the Marines, and falling over each other to make proposals.

      A junior officer once referred to the Soviet Union as America's enemy. General Curtis LeMay quickly corrected him: "The Soviets are our adversary. Our enemy is the Navy."

    4. Re:What does the military think it is doing? by ShanghaiBill · · Score: 5, Insightful

      Just compare the treatment of Manning and Snowden

      That had little to do with the difference between "military" and "civilian", and much more to do with the difference between "got caught" and "got away".

    5. Re:What does the military think it is doing? by DoofusOfDeath · · Score: 2

      Buying their services as consultants, or as civilian employees of DoD agencies, sure; cut them a check and they'll show right up;

      That works for a while. Eventually many of the best software developers working for the Navy installation I was at quit because of the senseless bureaucracy. When you're spending more time fighting your network administrators and purchasing agents than you are actually developing software, only the most committed, desperate, or indifferent developers will stay.

    6. Re:What does the military think it is doing? by fuzzyfuzzyfungus · · Score: 1

      That's exactly why I'm confused.

      If you are of the necessary talent and expertise to be of use for this sort of work, why would you go for the relatively lousy salary, potential to have your career advancement tied to your perceived ability in infantry combat, and comparatively strict rules when you could do the same job for either some private sector outfit, or for the DoD; but as an expensive contractor?

      I can imagine why the people hatching these plans might want to have a cooler 'cyber command' than one that simply writes checks to contractors; but I'm having a hard time imagining how they plan to get the people that they need to go along with the idea.

    7. Re:What does the military think it is doing? by khasim · · Score: 1

      Civilians, even DoD civilians, are held to different standards than enlisted men and officers. Soldiers are held to the UMCJ and can be controlled much tighter.

      That is correct. But the real question is whether they NEED to be "controlled much tighter". What, specifically, is their mission?

      Also, how does that mission differ from the mission that the NSA is already performing?

      And if you relax physical requirements for these guys, weel then what about your mechanics or clerks or cooks? Morale issues can easily rise up from that.

      Bingo. Why should the cooks be held to a higher standard?

      And I'm also questioning their numbers. How many thousand people do you need to crack networks that are all, basically, running the same software with the same vulnerabilities? A few very talented people writing 0-day exploits would probably be a better investment for ATTACK than 1,000 average coders.

    8. Re:What does the military think it is doing? by DerekLyons · · Score: 1

      some of these plans actually seem to involve enlisted geeks wearing hilariously incongruous camo in front of banks of monitors and 'cyber warrior'-ing. How is selling that going to work?

      What, other than hilariously narrowminded stereotyping of geeks, makes you think it wouldn't work? Not all geeks are the anti-authoritarian pseduo-libertarian stereotype so beloved of Slashdot. (My service, the USN Submarine Service, had and has more geeks than you can shake a stick at.)

    9. Re:What does the military think it is doing? by fuzzyfuzzyfungus · · Score: 1

      The odds that they could get paid better to do the same work if the business of crafting really neat attacks and managing defense ends up being handled by contractors?

      I hardly theorize that geeks are just too edgy and anti-authoritarian to work for the man, man. That's nonsense. Some repulsive percentage of silicon valley is currently fighting like animals to see who can invade customer privacy faster, a markedly more sordid business; convincing them to supply services to the feds will not be difficult. I'm just not as clear on how enticing them to supply those services as enlisted personnel, rather than as contractors, is going to work; given both the substantial private sector demand for similar skills and the DoD's nontrivial problem with avoiding substantial overpayment for services it buys externally.

      My skepticism is not that you'll be able to find people to do the job(outfits like Vupen already do, and I doubt such will become any less common); but that an armed forces recruiter would (barring substantial changes in what they are able to offer) have a particularly good time trying to poach the worthwhile talent from such groups.

    10. Re:What does the military think it is doing? by rtb61 · · Score: 1

      Basically they can't, that is the reality. It is all down to mutually exclusive goals. You want very creative intelligent people but you want disciplined single minded people, that is a mutually exclusive goal. You want people who are happy being indoors all of the time but you want fit active people who can spend a lot of time outdoors. You want people who will think freely and independently but you want people who will obey orders without question. You want people who do not indulge in a range of intoxicants but the people who you want actually do indulge in a range of intoxicants. You want buy people you can trust but as soon as you can readily buy people you can no longer trust them.

      So you think privatise it all and they turn a blind eye to what is actually going on with regard to labour as long as you are getting results but the result you want are not the results the contractor wants. The contractor wants more revenue for less effort, more profit and the truth rarely provides that. So privately contract that and you get what we already have, a whole system of lies designed to promote activity that generates more profit and does nothing to solve problems. In fact that run around creating imaginary problems to solve and perversely enough the supposed solutions to those imaginary problems, create real problems that now need to be resolved. You have got the whole US injustice system extortion racket where you blackmail people into jobs but of course they will be untrustworthy and not as skilled as those who do not make all those mistakes and do not get caught in the first place.

      Basically those jobs suck shit and they are only really meant for the perverse, for psychopaths and basically for third raters who cant get employed else where. Perhaps on the defensive side as a real and genuine public service they can get better people based upon being far more tolerant and accepting of personal behaviour but on the offensive side they are screwed.

      --
      Chaos - everything, everywhere, everywhen
    11. Re:What does the military think it is doing? by Anonymous Coward · · Score: 0

      The military is adapting to an emerging battle space.

      Read: They use computers too and need to keep them secure. Defended assets need to be protected from all threats, not just physical. What use controlling a hydroelectric dam in some country if the enemy can prevent it from generating power thanks to specialized malware that jumped the air gap (if there was one)?

      With regards to the U.S. , the military also never forgets the Constitution. Posse comitatus means that there are a lot of cases where an active duty (Title 10) member/unit of the armed forces would be not able to legally act. Because of this the National Guard (both Army and Air) are primarily being tapped for these roles.

      By the way, I'll grant you the term "cyber" is ridiculous but it fits best to describe the battlefield domain. "Electronic/Electric" is just too ambiguous.

      There's plenty of unclassified material laying around on the Internet, usually made available publicly by the DOD, USAF, USA, and USCYBERCOM. In a surprising turn of events, things are not being rushed into and a lot of thought from a lot of smart people has gone into this. Many problems, such as the worry for *retaining* talent let alone attracting it, they are at least aware of. Its very interesting/exciting to see this evolve.

      What comes out publicly from the USA PR machine is a very, very tiny view into what is going on. So take what you will with a grain of salt and realize there's more going on than you are aware of.

      Posting anonymously for reasons...

    12. Re:What does the military think it is doing? by Anonymous Coward · · Score: 0

      Mostly I can agree with your statement. There certainly won't be any vile sort of discharge for refusing to follow orders, etc. As a civilian you are an at-will employee though, and the people in uniforms can ensure that people that they don't like will go away.

      I worked as a civilian for the air force and was nearly fired for refusing to follow an order. The order was issued by a general (who I had never heard of, in fact noone in the whole incident mentioned his name) demanding data from all of our lab machines. This was during the Titan Rain campaign, and we all knew about the campaign at the time. The request ultimately came from a network admin, who I had also never heard of.

      I was a young wippity smartypants and demanded that the request either come directly from my supervisor, or at least be digitally signed using a CAC card by the network admin (CAC standards for Common Access Card, just a smartcard with a data signing applet used for both computer access and digitally signing emails and stuff, ala gnupg). Next thing I know, there are several layers of management who suggest that my ability to work there would be affected by my demand to have some verification on the order. And I was hired specifically to be a computer security person =).

      There are other parts of the .gov that more open to people asking 'why,' but DoD ain't one of them.

      Morale *could* rise, I'm sure. Given that the private sector pays ~200% of the usual dod civilian salary and the added bonus that you get to tell your wife what you did at the end of the day, retention will likely always be an issue.

    13. Re:What does the military think it is doing? by DerekLyons · · Score: 1

      Well, that's just a case of different faulty assumption - that everyone is motivated by money.

    14. Re:What does the military think it is doing? by LessThanObvious · · Score: 1

      The largest problem they will face ongoing is most good engineers and hacker types want absolutely nothing to do with the government. They will be stuck trying to figure out how to play an A game with C players. Go read the Cyber Warrior Field Guide soldier, we need boots at the keyboard!

  4. It's a certification factory dream by Anonymous Coward · · Score: 0

    Within the US DoD this just is a continuation of the proliferation of security and OS certification requirements and the profits generated from them. CompTIA is raking in the dollars from this. You need a Security+ cert, valid for only 3 years, to sweep floors these days and a CISSP to do any real work. Without the cert you can attend all of the training you want but you will not be employed.

  5. Blowing Smoke by Anonymous Coward · · Score: 0

    Again with the stories of shortfalls of trained tech workers. This is more smoke up the you-know-where.

    The story is intended to get a larger than necessary work force involved in the movement. The agencies involved want foreign workers to take part for 2 reasons: deplete the resources from foreign nations (Take away the talented people) and deflate pay for domestic workers.

    They also want a large number of domestic people to get involved in the movement so they can pick "the best of the best" while in reality they choose people based on the tried and true method of nepotism and old boys club.

    The majority of people involved in this plan will be nothing more than people who take courses, learn buzzwords and respond to identified threats in a known manner.

    I take issue with this being passed on as news when there is no shortage of workers, nor will there be a shortage of workers. They pulled the number out of somewhere to increase the acceptable candidate pool by getting the lowest common denominators excited to jump on the bandwagon.

    Slashdot, I am disappoint.

  6. They never hire for these jobs as far as I see by Anonymous Coward · · Score: 1

    I've jumped through the nasty hurdles of the usajobs.gov sites hundreds of times, and never heard back. It's like the resumes go in a black hole, and I've heard similar from other colleagues. 14 years of sys/network admin/security with a masters in cybersecurity... and not one f*cking call back from these gov't jobs ever. Hell, I've even got an active TS clearance, so that hoop is cleared. Finding a job in the private sector.. pffftt... no problem there. Time to overhaul the entire gov't hiring system IMO.

    1. Re:They never hire for these jobs as far as I see by Anonymous Coward · · Score: 0

      Unless you have "preference" points (vet, minority, disability) forget getting a DoD job based on merit. Being a US citizen apparently does not qualify you to work for "your" government.

    2. Re:They never hire for these jobs as far as I see by gmhowell · · Score: 1

      Go work for a contractor. Get to know the feds. Then your resume magically moves to the top in usajobs.gov.

      --
      Jesus was all right but his disciples were thick and ordinary. -John Lennon
    3. Re:They never hire for these jobs as far as I see by Fire_Wraith · · Score: 1

      Federal Civilian hiring is a complete mess. Trying to get in the front door that way is possible, but it's hard, and really really time consuming compared to anything in the private sector. As a past fed, though, here's my tip:

      Start with Contracting, as an FTE (Full Time Equivalent).

      Most of the active turnover in any federal agency, including DoD, isn't the civilians - it's the contractors. This is where you're most likely to get hired, and it was how I started out. Your benefits and pay will vary based on what company you work form (big or small, there can be advantages and disadvantages to both*), but as an FTE, you're basically doing the same job as a Federal Civilian. The main exceptions are in terms of authority (you can't speak on behalf of the agency, and may require approval to do certain things, but it's unlikely to be any serious impact on your job from what I've seen).

      This gives you a chance to get to know the agency, figure out if it's one you'd actually want to stay at (or at least get a better idea than from the outside), and also, let your potential future bosses get to know you. If they like you and like your work, they'll likely be more than happy to focus on you when a billet does open up (or possibly even put one into the budget for you). That doesn't mean you're guaranteed to get hired, in writing, but they'll do their best to make it happen (and give you tips on how to navigate and get through USAJOBS for one). Best of all, the Contracting companies generally love it when this happens, unlike Temp Agencies who get pissy when their clients want to direct hire people, it's in the company's best interests for their former employees to join the agency (because years down the road when that next contract compete comes up, it's very much in their interest to have people with a favorable view having input, nevermind that it looks good on them).

    4. Re: They never hire for these jobs as far as I see by chill · · Score: 1

      No. InfoSec is exempt from that. Look for the phrase "direct hire authority".

      The problem is for every opening I've had posted there were 250+ applicants. We only interview the Top 10 and dang near every one of those has advanced degrees and decades of experience.

      --
      Learning HOW to think is more important than learning WHAT to think.
    5. Re:They never hire for these jobs as far as I see by Anonymous Coward · · Score: 0

      > Federal Civilian hiring is a complete mess

      That's the whole point of my post, exactly. "It's a who you know, who you blow" mentality. Worked as a civilian contractor for years, and I'm looking to move to another branch, hence the problem getting in to these positions. Even locally, most of the gov't positions (not just cyber-sec) go to someones old war buddy's brother.. Once these folks are in they are *Impossible* to remove, so some ass-hat who can't do his job worth shit gets to languish away for years sucking off the government-titty.

      I don't stress over this too much, because pay is much better on the contractor side. However, it just pisses me off every time I see one of these articles with the gov't crying "OMG.. there's a shortage of qualified workers"... which is far far from the truth.

    6. Re:They never hire for these jobs as far as I see by Anonymous Coward · · Score: 0

      Federal infosec employee here. The only, and I mean ONLY reason those usajobs postings exist is so the people that recruiters meet in person have something to apply for. Every hiring authority at all the agencies I've spoken to detest the thing. It's clunky, requires you to rewrite your resume countless times, and has to pass through the eyes of a non-tech HR rep ("Don't put any tech acronyms on there since we won't know what it is and will throw it out" quote from an actual OPM hiring official, I kid you fucking not) before it even gets to someone who knows that the fuck they're doing.

      If you want a job, go to a job fair and visit their booths. Talk to an actual person who will basically tell the HR reps who they want to interview, who then pass your resume on up after grabbing it through usajobs. The only way to "cold-call" the system is to be an exceptional candidate based on your listed experiences in the survey.

    7. Re:They never hire for these jobs as far as I see by Whorhay · · Score: 1

      In my experience there is no feedback at all unless you are actually selected for the position or picked for an interview. The agency I have experience doesn't bother with interviews until the GS-13 level. If your resume doesn't explicitly demonstrate experience or training that backs up what you put down on the survey it'll likely be tossed. If you aren't a veteran your chances are also diminished, although this isn't as much of a built in disadvantage as it used to be, however there are a lot more veterans looking for work.

  7. hard to sell a career path these days by nimbius · · Score: 4, Interesting

    cyber-security is looking to be the safest career path an undergraduate could pursue.

    Ok put away the grease gun, we get it. our cybers need more warriors, because our government (at least here in the united states) can only solve problems by declaring a misguided overfuned underperforming war on them. but next-gen cyber warriors only makes sense in a country that hasnt ranked 31st in mathematics, 23rd in science, and 17th in reading on a global stage. next generation technology "warriors" in a country that thinks global warming isnt real and evolution has "alternate" theories is an uphill climb but lets say for the sake of argument we can get past it. Youre now proposing undergraduate education, something consistently underfunded in every state, every year, is the way forward? This type of education represents one of the statistically largest amounts of debt in the US, and its in all likelyhood forecasted as the next bubble to burst. Its a type of education that by all indications has the same rate of employment after completion as having never attended college at all due to 'lack of experience.'

    so lets assume we make this a government priority and not a privatized military like halliburton. what then? The glaring problem in the armed forces isnt funding or training, its plummeting recruitment rates. You see, you can only have a few wars that fail before the limbless vets and combat shocked alcoholics start piling up in society, first outside the VA, and next outside freeway onramps and alleys. Eventually it doesnt matter why youre fighting, they wont join. For the few left who really want to fight a war, Most potential Army reservists are addicted to prescription drugs, are overweight, have mental health problems, or too many tattoos that prohibit them from joining the military. http://www.newsmax.com/Health-...

    --
    Good people go to bed earlier.
    1. Re:hard to sell a career path these days by ixidor · · Score: 2

      About the first part, Basically every Nation-State that is in on the game has a better pool to draw from. About your last comment. have you actually tried to Enlist in the last few years? i have, well re-enlist anyway. No one was hiring, i tried them all even Coast Guard. What i got over and over, no one was getting out, they were shining the total numbers, and with the down economy, the recruiters were basically not needed.

    2. Re:hard to sell a career path these days by Fire_Wraith · · Score: 1

      They're looking to reduce the overall size of the force, so the name of the game right now is convincing people to take early retirement/to ETS/etc. That said, the military doesn't just do raw numbers. They have spots for a certain number of infantry, a certain number of finance clerks, a certain number of mechanics, etc. At any given time, certain specialties are simply going to be in higher demand for a variety of reasons, including things like difficulty of training, and the demand in the private sector. Anything where you can get a job in the civilian world that pays significantly more, like IT security, they will always have some sort of retention challenge, and have to throw extra money at people.

      I'm pretty sure that with my certifications and experience, if I walked into a recruiter's office now looking to reenlist, even out of shape as I am, they'd fall all over themselves trying to make it happen (getting me back in shape, etc). That said, I'm not interested, because I make so much more and get treated so much better in the corporate world. If you're serious about it though, figure out what specialties they need that you're interested in, and if you can sign up to retrain into one of those (have the test scores, etc), or even can apply your Civilian-Acquired skills for.

    3. Re:hard to sell a career path these days by Anonymous Coward · · Score: 1

      I enlisted in the reserve after a break in service when I was offered a position in a cyber command unit. At first, there was a lot of movement in getting things established. After a little while, all drills and AT's became about knocking out required Army training and preparing for the next deployment. These were exactly the reasons I originally left the Army and I am on my way out once again. Not to mention that we never had the equipment or tools we needed to conduct a realistic exercise.

      The intent is solid. However, there are too many things the military needs to give up on if they want to recruit cyber-professionals. These people join for a totally different reason than the typical soldier and require a totally different skill set and training regimen. Keep soldiers sharp and offer training to constantly advance them. I was sent to 1 civilian class and there were people in the class that were unable to use bash or Cisco CLI and the civilian instructor dumbed down the class to accommodate them, even though the class had clearly stated per-requisites that should have filtered these soldiers out. Pay sucks. Offer pay incentives for people in this line of duty. It was hard to take the $2000 hit every time I had to leave work for AT. It was even harder when I didn't get paid, my travel card didn't get paid, or I had to cover expenses on my own. Something was screwed up with my pay every time I traveled. If activated, my pay would be half of my civilian pay. Luckily, my civilian employer would have made up the difference. I think it would make much more sense to hire these people as part-time civilians rather than as soldiers.

      I would also like to add that much of the actual "fun" work is done by agencies such as the CIA that also pay tons of money compared to all but the highest ranks in any military branch. Of course, there are people currently in the military that would love to cross-over. However, it will be difficult to draw people into this type of position when they are already making/doing more on the outside. It will also be hard to keep well-trained individuals. Once you have CEH, CISSP, or some of the GIAC certs you can apply your skills towards, you can't get the civilian recruiters to leave you alone.

    4. Re:hard to sell a career path these days by tehcyder · · Score: 1

      Most potential Army reservists are addicted to prescription drugs, are overweight, have mental health problems, or too many tattoos that prohibit them from joining the military

      Although you describe the sterotypical geek admirably, I'm not so sure about the tattoo thing, I thought they were pretty much compulsory in the Armed Forces..

      I suppose if you had a swastika tattooed on your face they might object, as they wouldn't be allowed to deploy you to Germany..

      --
      To have a right to do a thing is not at all the same as to be right in doing it
  8. Re:Why the United States Always Loses Its Wars by AK+Marc · · Score: 1, Interesting

    Despite defeats in both Iraq and Afghanistan still being dragged out as America's longest running wars in its history,

    Hard to take them seriously when we had troops on the ground in Vietnam since Eisenhower sent them in, until Nixon ordered them all out. First US troops on the ground in 1954 (non combat), and first US soldier death in 1959. The last troops out in 1975. 16 years from first US death to last. 21 from first US military personnel officially in country to oppose the North, to the last leaving. Depending on your definitions, that's quite a range, but still longer than the time from 2001 to now, so I have no idea how Iraq and Afghanistan are the longest. Perhaps it's the revisionist history that Kennedy started the Vietnam war, and Nixon ended it, so there was 8 years of the Vietnam war between Kennedy being voted in and Nixon being voted in, even though Nixon only ended it because he knew it wouldn't be what he's most remembered for.

    --
    Learn to love Alaska
  9. It makes you wonder... by Anonymous Coward · · Score: 0

    How will Democrats cry with outrage and protest "cyber wars" when they become more common?

  10. I'm here... by ressolute · · Score: 1

    This sure doesn't appear to be the case. —an undergraduate about to enter the job market with a degree in security

  11. I don't see it myself... by Anonymous Coward · · Score: 1

    ...cyber-security is looking to be the safest career path an undergraduate could pursue....

    Maybe it's ok for undergrads.

    But I have 35 years in Information Security, was part of the team that developed the BS7799/ISO2700 series world standard for commercial Information Security, and I haven't had a contract for the last year.

    The real trick in computing is not to be 63 years old...

  12. Tackle the easy things first by Anonymous Coward · · Score: 0

    Can our NSA-snooping / cyber-warrior government at least provide some *value* to US citizens ? Easy things from a national level that shouldn't exist:

    - cryptowall/locker
    - spam
    - ddos

    It's great that you're blowing up centrifuges in Iran, but my friend's father (admittedly, PC illiterate) doesn't need to have his family photos crypto-ransomed.

    I could almost accept the full-out privacy intrusion if you did something useful with it. (for us, your citizens)

  13. What about the costs of updating old software / ha by Anonymous Coward · · Score: 0

    What about the costs of updating old software / hardware to fix security?

    Look at the target hack the hvac should of been on it's own network but that likely cost to much Some of the HVAC monitoring software uses an older version of Java.
    also they outscored IT that may of lost the warring signs in the ticket system.

  14. Chasing fads in education again? by ErichTheRed · · Score: 3, Insightful

    "cyber-security is looking to be the safest career path an undergraduate could pursue."

    Uh oh, here comes another surge in CS enrollment. Seriously, I just heard a story talking about how petroleum engineering undergrad programs are suffering because the oil boom is slowly settling back down. These new grads were getting six figure starting salaries when things were going great, and now things are leveling off. Any temporary spike in demand for new grads is usually smoothed over very quickly by economic forces. I would just focus on the fundamentals -- get a good solid CS education, engineering education, or whatever, and your skills will transfer if you have the talent to succeed in these fields without the artificial demand.

    The first dotcom boom led to a huge jump in CS enrollment, followed by a prolonged period of un- or underemployment in the field. I still think we're working through a bunch of the first hangers-on even today that haven't been weeded out completely. Chasing a college major for money if you don't have the talent or desire just ends badly when the temporary good times end and you find yourself in a bad spot. The second dotcom boom today is generating more CS enrollment again as people want to write the hot new phone app...guess where most of them are going to be when the world moves on to something else??

    The reason why the armed forces aren't getting the new grads is most likely due to culture. If you're a civilian DoD contractor, you're paid pretty well but there are a lot of political obstacles to jump over. I've worked with a lot of different types of people in my career, and the "elite cyber warriors" that would be hunting down vulnerabilities in foreign systems would probably bristle at the typical office politics situations, let alone what happens in government/military.

    That said, I've always wondered how the CIA/NSA attracts super smart mathematicians, systems experts, etc. The government pay scale is very rigid. Say what you will about the NSA, but they really do seem to have a pretty big cache of talented people to do some of the things they've been doing. Beyond the idea of public service, the only thing in my eyes that makes a permanent job in government or military attractive is the stability and guaranteed retirement. I'm liking stability now that I've grown up and produced offspring, but I'm sure the typical "elite hacker d00d" straight out of college doesn't care and is most likely hostile to government.

    1. Re:Chasing fads in education again? by Anonymous Coward · · Score: 0

      Say what you will about the NSA, but they really do seem to have a pretty big cache of talented people to do some of the things they've been doing.

      They are desperately battling 13 year olds for control of the Internet, and they even admit that they're not doing it well (more money please!) It's got to be the world's biggest fucking joke.

      So yeah, I began this disagreeing with you, but you're right...How the bejeezus do they attract smart people to such a fucking wank-fest? What have they actually accomplished? STUXNET? A virus that took 20 years of international research and millions of dollars and still had to be socially injected is not that impressive.

      What do these smart people actually do at the NSA? Make fucking tea?

    2. Re:Chasing fads in education again? by Fire_Wraith · · Score: 1

      Some of the agencies do have a certain "cool factor" to them. I'm certain that the NSA's cachet has fallen in the post-Snowden era, certainly, but prior to that, don't you think there'd be some allure to the (perceived) notion of getting paid to legally hack the living crap out of bad guys? Sure, you couldn't brag about it on the internet, but within "the community" people would know. And of course, the CIA has the whole James Bond/Jack Ryan/etc glamour going for it (or did).

      Overall though, it's certainly part of the tradeoff in government service in general. The upside is getting some stability, reasonably good time off (all federal holidays plus 13 days of vacation and 13 sick days per year, going to 19.5 days of vacation after 3 years), lots of free training (the government is far better about paying for this than most companies, or at least they used to be), and generally good work experience. You don't get paid nearly as much, but in many cases you can move to the private sector later and make that money, either in the corporate world or in contracting. If you stay until retirement, you get an actual pension (unlike most of the corporate world) on top of your own 401(k) type savings. I've known a lot of people who retired from government/military and went straight to contracting, sometimes doing the exact same job, except for more money (and on top of the retirement check they were then getting).

    3. Re:Chasing fads in education again? by Anonymous Coward · · Score: 0

      The reason why the NSA is appealing to Mathematicians is because it is one of a handful of places outside of academia that they can still do real math instead of glorified accounting or having to babysit engineers.

    4. Re:Chasing fads in education again? by tehcyder · · Score: 1

      Chasing a college major for money if you don't have the talent or desire just ends badly when the temporary good times end and you find yourself in a bad spot.

      Setting aside the question of whether college should be in any way vocational, you seem to overlook the fact that the vast majority of people do jobs that they are neither particularly talented in, nor full of desire to do in the first place.

      It's called paying the bills, most of the rest is necessary self-delusion.

      --
      To have a right to do a thing is not at all the same as to be right in doing it
    5. Re:Chasing fads in education again? by tehcyder · · Score: 1

      I've always wondered how the CIA/NSA attracts super smart mathematicians, systems experts, etc. The government pay scale is very rigid.

      Once you can pay the bills, most people aren't greatly motivated by money, unless they're entrepreneurial types.

      I suppose it's different in the US, you do seem to equate wealth with success and happiness.

      --
      To have a right to do a thing is not at all the same as to be right in doing it
    6. Re:Chasing fads in education again? by ErichTheRed · · Score: 1

      Interesting points. My experience with federal employees comes from working with regulatory agencies and from friends who work for defense contractors. In general, you're dealing with normal human people who are mired in a mess they can't really directly control. I see very similar stuff at the large corporations I've done work for -- basically a private self-perpetuating bureaucracy. The key to doing well in an environment like that, assuming you don't want to brown nose your way up the ladder, is to learn the exact minimum amount about what's needed to work the system to your ends and not to let it engulf you. If you fight it, it will roll over you -- but if you completely embrace it to the point you know every little trick, become an "insider," you'll hate working there eventually.

      I imagine a lot of this just doesn't exist inside CIA/NSA and the more elite branches of the military. In that way, it probably is pretty cool for a mathematician or computer security genius to basically be given an unlimited budget and free reign to work on something extremely complex. Also, there are still some people with a strong sense of public service...if the right opportunity came along I wouldn't be against it, for example.

      Agreed on the pay scales for government service as well. I almost took a job with the state university system a few years back...unfortunately it was a 20% pay cut for less interesting work. I ended up opting for the more interesting work, but it was a similar deal -- very generous time off, guaranteed permanent employment, and a decent pension. Basically, the only thing that they can offer is a stable wage progression as you gain time-in-grade, small merit increases based on reviews, and a promotional path to change your base pay. So, you really have to want to do it, or have a fun job, or love the work environment, or some combination of this.

    7. Re:Chasing fads in education again? by ErichTheRed · · Score: 1

      "I suppose it's different in the US, you do seem to equate wealth with success and happiness."

      I think that more most mature people who have responsibilities, the motivation is not having to constantly worry whether you can meet your obligations. We just don't have the same labor protections or unemployment compensation that other countries (Canada, EU, etc.) do. There are a lot of people, even the responsible ones, who can't live within their means, and there is a lot of societal pressure to do so.

      For me, having manageable debt and savings generates happiness. Having 2 little kids, we go through periods where we basically spend everything we make, and my happiness level goes down during those periods. For others, that happiness may only come when they have every single consumer toy they can buy, cars, a huge house, etc.

    8. Re:Chasing fads in education again? by david_thornley · · Score: 1

      In the US, wealth is also security. If you lose your job, you lose your health insurance (less true now than six years ago, but still important). Unemployment pay lasts only so long, and then you're screwed unless you have enough stashed away to keep you solvent for a while. Many European countries have a reasonable social safety net and guaranteed reasonable health care of some sort, so a long period of unemployment isn't anywhere near as devastating.

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
  15. Cyber war is more complex than that by Anonymous Coward · · Score: 0

    Its easy to criticize these generals' actions, especially among the /. crowd, who have more experience in the down-and-dirty of network security than the policymakers themselves, but Cyber War policy is more complicated than what I'm seeing in these comments.

    If you boil it down, the guts of the "cyber warrior" push is to improve the ability of the US military to improve the force multiplier of normal soldiers with better control of enemy information. Just like a guy with a gun is only the tip of a military iceberg, hacking and black hat is only a part of the recipe for cyber war. The rest of the cyber war recipe is outside the scope of expertise on /.. I hope the techies out there with big egos can appreciate that generals are good at their own craft.

  16. Only right-wing nuts need apply by nbauman · · Score: 1, Offtopic

    http://science.slashdot.org/st...
    Posted by samzenpus on Wednesday September 10, 2014 @06:12PM
    from the skeletons-in-the-closet dept.
    sciencehabit writes Valerie Barr was a tenured professor of computer science at Union College in Schenectady, New York, with a national reputation for her work improving computing education and attracting more women and minorities into the field. But federal investigators say that Barr lied during a routine background check about her affiliations with a domestic terrorist group that had ties to the two organizations to which she had belonged in the early 1980s. On 27 August, NSF said that her 'dishonest conduct' compelled them to cancel her temporary assignment immediately, at the end of the first of what was expected to be a 2-year stint. Colleagues who decry Barr's fate worry that the incident could make other scientists think twice about coming to work for NSF. In addition, Barr's case offers a rare glimpse into the practices of the Office of Personnel Management (OPM), an obscure agency within the White House that wields vast power over the entire federal bureaucracy through its authority to vet recently hired workers.

    http://news.sciencemag.org/peo...

    In her 11 August response, Barr questioned whether the special agent who conducted the investigation “can be an impartial evaluator of academic scientists, or anyone with liberal political beliefs.” As evidence, she points to a posting on a blog maintained by the agent, a veteran who served in Iraq, and his family. The item is a copy of a popular Internet meme about an incident that supposedly took place in an introductory college biology course.

    According to the story, a “typical liberal college professor and avowed atheist” declares his intent to prove that there is no God by giving the creator 15 minutes to strike him from the podium. A few minutes before the deadline, a Marine “just released from active duty and newly registered” walks up to the professor and knocks him out with one punch. When the professor recovers and asks for an explanation, the Marine replies, “God was busy. He sent me.”

  17. Private Sector will Win... by maomoa · · Score: 1

    "Have you or do you currently smoke marijuana?" --Yes Clearance Denied....

    1. Re:Private Sector will Win... by Anonymous Coward · · Score: 0

      I've gotten a secret level security clearance even having to have admitted to smoking before. Although I think your point is completely valid and relavent to the shortage

  18. safest career path? by fustakrakich · · Score: 1

    No, most likely you'll be the guy who takes the fall, after the procurement chief.

    --
    “He’s not deformed, he’s just drunk!”
    1. Re:safest career path? by Fire_Wraith · · Score: 1

      I'd say it's a good career path (and I'd hope so, since I'm in it) generally, not in a government specific vein. If anything, I'd say most government agencies aren't going to see the kind of growth that corporate IT security will, because most of the government has been aware that they needed to secure their systems in ways that many corporations didn't.

      Why? Because most non-bank/financial companies didn't really take the threat all that seriously. "I'm just a big-box retail store, IT is a cost center, not a profit driver" or the like. That's changing, I think - hardly a month goes by without some major breach getting into the news, and those are just the ones we hear about. CEOs are starting to get fired over it.

      Moreover, it's not a job that can be automated - or rather, it's already automated, but you need someone who knows what they're doing to manage the bots, and you always will (until the singularity at least, after which all bets on everything are off).

  19. If I were human I believe my response would be by Anonymous Coward · · Score: 0

    "Go to hell" neither government nor security industry give a fuck about people. They both have vested interests in maintenance of the status quot.

    What systems have billions of US dollars spent playing Chloe o'Brian and reenacting scenes from hackers made safe? How many vulns has US government initiatives found and reported and or patched in the interests of protecting US persons and corporations from attack? How many are being actively hoarded by various TLAs?

    Likewise the security industries response to everything is an alphabet soup of nonsensical signature based detection systems which don't work, can't work while completely avoiding forward progress in solving underlying enabling deficiencies.

    Hard to imagine anyone who gives a fuck wanting to waste their time with these clowns.

  20. I have a solution by Anonymous Coward · · Score: 0

    Just outsource it all. More H1-B's! What could possibly go wrong?

  21. Is there really a shortfall? by Anonymous Coward · · Score: 0

    Well it seems like every other person out there is some kind of cyber something or the other. Is there really a shortfall?

  22. this is the pentagon's way of by Anonymous Coward · · Score: 0

    'Controlling the enemy' by hiring them and making them look legit. Basically, they're de-arming the public.

    Know what the state department wanted to do with ISIS? give them jobs, not fight them in war.

    know what we have been doing for 70+ years? trying to bring other countries into our BS mess we call democracy, giving them jobs, opportunity, TO CONTROL them.

    we imported 10,000 fucking Nazi scientists, psychiatrists, propulsion scientists, for example, to bring them into our military industrial complex, into the CIA, to control them, after world war 2...

    that's what we do best. bring them in, and control them!

    FBI wants to hire people who smoke pot? why? to fucking control 'em. lmfao. they can give jobs to people who they want to control.

    are we that valuable to 'em? fuck no. are cyber warriors real? not really. sure DDOS and shit is real, but that just impacts business as usual, sure they want to prevent DDOS and various digital groups from forming and doing their thing..

    mind control 101. devise a program that people you want to control will accept. implement the program. make that person think they're fulfilling a crucial role and are important. prevent that person from doing anything you don't want their entire lives.

    obamasweapon.com

  23. Top-tier schools?? by shadesofgreen · · Score: 1

    "The universities were selected because they are top-tier schools with multi-disciplinary programs, Nelson said. The universities in the Cyber P3 are University of Colorado, Colorado Springs; Drexel University; George Mason University; Norwich University; University of Texas at San Antonio; and University of Washington Tacoma. " Are these really the top-tier schools? Why is MIT, Stanford, Carnegie Mellon, UIUC not in this list?

    1. Re:Top-tier schools?? by Anonymous Coward · · Score: 0

      UIUC.. ? That belongs more with the first list than the second list of school.

  24. looking for what? from where? by bouldin · · Score: 1

    Here's part of the problem:

    The six universities involved are Norwich University in Vermont (the oldest military college in the United States), the University of Washington, George Mason University, the University of Texas at San Antonio, Drexel University and the University of Colorado.

    The only one of these universities with a respectably ranked CS program is U of Washington.