U.S. seeks patriotic computer geeks for help in cyber crisis
BOSTON (Reuters) - The Department of Homeland Security is considering setting up a "Cyber Reserve" of computer security experts who could be called upon in the event of a crippling cyber attack.
The idea came from a task force the agency set up to address what has long been a weak spot - recruiting and retaining skilled cyber professionals who feel they can get better jobs and earn higher salaries, in the private sector.
"The status quo is not acceptable," DHS Deputy Secretary Jane Holl Lute told Reuters in a recent interview. "We are not standing around. There is a lot to do in cyber security."
Lute said she hopes to have a working model for a Cyber Reserve within a year, with the first members drawn from retired government employees now working for private companies. The reserve corps might later look to experts outside of government.
The United States has become increasingly vocal about the need to beef up cyber defenses as Iranian hackers have repeatedly attacked the nation's three biggest banks over the past year, raising the stakes in a long-running battle to protect private companies from digital attacks.
The detonation of a cyber "time bomb" at Saudi Arabia's state-owned oil company in August caused unprecedented damage at a private company, pulling 30,000 PCs out of service and raising concerns that similar attacks could occur in the United States.
Defense Secretary Leon Panetta said on October 11 that the country faces a potential "cyber Pearl Harbor" and that foreign groups have gained access to computer systems that control critical U.S. infrastructure, such as chemical, electricity and water plants.
The Department of Homeland Security has had trouble attracting and retaining top cyber talent since it was created after 9/11 in a massive merger of 22 agencies in 2002. In its early days, the DHS farmed out cyber work to contractors so it could quickly get systems running to improve national security.
As a result, the agency tends to award the most coveted cyber jobs to outside contractors. Those positions include forensics investigators, posts on "flyaway teams" that probe suspected cyber attacks and intelligence liaisons.
"It's not the money that makes people go to the contractors. It's the cool jobs," said Alan Paller, co-chair of the DHS task force. "People want the excitement."
The task force advised the DHS to give more exciting cyber work to government workers to help with retention.
NSA VS DHS
Over the past decade, only 3 percent of students who won scholarships through a prestigious government-funded program known as CyberCorps have taken jobs with DHS. In contrast, nearly a third chose the National Security Agency, according to the task force.
Tony Sager, a task force member and former NSA senior official, said the military intelligence agency has a strong "brand" that opens doors for recruiters.
"DHS doesn't have that sense of 'Wow,'" he said. "There are plenty of cool jobs at DHS. The job is identifying them."
The NSA has spent decades building cachet with university students through on-campus programs and, more recently, with children through cartoon puzzles on the Web. Once people join the NSA, they typically stay for a long time, said Sager, who retired this year after 34 years at the agency.
The DHS task force recommended it set up two-year cyber programs at community colleges to train large numbers of people and encourage military veterans to participate. Lute said the first of those programs could start next year.
Jeff Moss, who co-chairs the task force, said the community college programs would produce more graduates than needed, but the question is how many of them would want to work for DHS.
"Hopefully we'll get our fair share," said Moss, who founded the Def Con hacking convention 20 years ago during a summer break before he started law school.
The DHS may need to boost salaries as well. One former agency official who left government for a job with a private company said that some staff quit DHS jobs, then were immediately returned as employees for outside contractors.
"On Friday they are a government employee working making $80,000 a year. On Monday they are a contractor at the same desk and the government is paying them roughly $150,000," he said.