One of the most pressing cybersecurity issues facing government is the ability to recruit and hire talented professionals, who either have a knack for cyber or come highly skilled with a security background.
The FBI, for example, has 56 major field offices, 200 satellite offices and locations around the world. There is a strong need in all of those offices for people who have cyber backgrounds, skills, knowledge and abilities, said Pete Mitchener, Assistant Section Chief, Cyber Intelligence Section, FBI Cyber Division.
Individuals with a computer science background make strong candidates, but they aren’t the only potential hires on the FBI’s radar, Mitchener said during a GovLoop training event Tuesday on the Evolving Tactics to Combat the Cyber Threat.
People adept at analysis work, who can identify the broader ramifications of a cybersecurity attack against a financial institution or a company like Sony and what it may mean for other firms in an industry or the larger economy, are valuable assets to the FBI and in particular Mitchener’s section.
His section focuses on cyber intelligence and looks at not only the “what” aspect of cyber but also the “so what.” His team also works on cyber investigations in regional areas, such as East Asia and the Middle East, so having knowledge of those areas and the language are valued attributes. Individuals who understand the mindset and workings of cyber criminals also make attractive candidates.
“We’re trying to convince the best and the brightest who may be hackers in a different community of interest that they don’t have to wear a Jos. A. Bank suit to come work for us,” Merritt Baer, Chief of Staff, Cyber Strategy, Department of Homeland Security, said during the event.
Defending Against Evolving Cyber Threats
“A lot of the times when people talk about the cyber threat there is not always a realization that the cyber threat has manifested in a lot different ways,” Mitchener said. “It’s not just one category of actor.”
“You could have the 14-year-old who [says], ‘hey AOL is still around, I’ll see what’s there,” Mitchener said, responding to a question about how government can defend against a range of cyber attacks, including an alleged hack that is reported to have breached the personal AOL email account of CIA director John Brennan and the Comcast account for DHS Secretary Jeh Johnson.
The threat varies and includes the curious and mischievous; cyber criminals seeking financial gains; hacktivists motivated to break into computer systems and promote an ideological agenda; as well as nation state actors using highly-skilled experts to gather intelligence and make economic gains.
“I can’t tell you how many cases I’ve seen where it’s social engineering,” Mitchener said of the method commonly used by hackers to trick people into divulging sensitive information. “It’s [these] other things that allow the hackers to get in to do what they do, which no firewall in the world is going to detect.”
That’s why the FBI is developing all employees to ensure they are aware of cyber threats and steps they can take to help raise the agency’s defenses. “We all have limitation on what we can do,” Mitchener said, whether it’s experienced cybersecurity professionals or resources. “One of the most effective things we can do to have better cybersecurity structure is to work and develop partnerships.”
For example, the FBI and DHS have multiple partnerships to help the government and private sector share cybersecurity best practices. One of those partnerships involves training companies on how to do intelligence analysis.
What’s Next for Cyber?
“I’m convinced that this mostly open source, mostly unclassified world of negotiations between companies and between government and companies is where the puck is moving in cybersecurity,” Baer said.
She doesn’t see companies as nefarious actors trying to avoid responsibility when it comes to cybersecurity but rather organizations that prioritize the bottom line and need to understand the return on investment and economic implications of better cybersecurity.
Part of DHS’s role has been making tools available for companies to roll out the right cybersecurity solutions for their needs. Upon request, the department goes onsite to companies and provides red team testing to measure the security of unclassified business networks and identify gaps.
“Part of the delicacy of this is that we have to have a trust-based relationship,” Baer said. “We have to preserve some limits on liability, and this is also what feeds into our information sharing legislation currently. We are really looking to ensure that we have time to scrub any sensitive or otherwise delicate data.
I can tell you, that if the gov, took a few people hired them put them thru their program taught then what they needed to know, taught them how to search and destroy these hackers, they wouldn’t be such a problem, but the government, doesn’t doesn’t want to seem to listen to reason, the want to spend billions on crap they don’t need.
I believe these all I said is really and there are not problems American African Indian, S.E Asian, European, Middle Eastern, Mexican, Christians, and Islam’s communities in the worlds more than them, and also the dictatorship some local Government, work discrimination in lost many generations hopes youth the youths have the power to exercise political control they evolved what is going on in other worlds but middle and east Africa are not possible that because the youths have not strong education to help to Analysis programs are Also there is problem economic. But we can be changed this if we get. I believe the youth of the third world and American, African Indian, S.E Asian, European, Middle Eastern, Mexican, communities in the worlds in specific face many challenges, We can Summarize it as follow: Poor education and absent of jobs.
High quality education Systems
2 Jobs Creation for the youths, and the spread of drugs and absent of Gov. Control.
3 The lack of training program.
4 Subsidy economic Systems for the poor family etc. Due to lower income the family weakens and as a result the education was not a priority.
The Gov. Political Systems in most of the Middle East is form dictatorship that subdues any form of freedom speech.We want to understand how people from different countries solve problems in their own nations and we want to provide support to the local community as well as those returning to their homeland enriched with knowledge and education gained here.
We will provide this support though community volunteer work, helping both children and adults with interpretation, homework, practicing languages, religious study, and after-school programs. We want to provide these services because we are young African American, Indian, S.E Asian, European, Middle Eastern American leaders who think it is important to help create new leaders for the future. We hope to address and come up with solutions to issues both in America and all over the world such as agriculture, business/entrepreneurship, children/youth/human rights, community development, education, technology/telecommunications, health and women’s issues.
We must strong relationships trust share goals.
Create a Map all other civic society.With these efforts to integrate many people of different national backgrounds our intent is to create a community of new leaders that bring a different perspective to this great nation.