Intelligence Agencies Should Recruit Like Google

Finding good intelligence hires is difficult. Information technologists are capable of  these recruiting efforts, using unconventional methods. 

While conducting a search for “python lambda function list comprehension,” programmer Max Rosett was suddenly invited to attempt a cryptic coding challenge. After completing it, he was contacted by Google, where he now works. The challenge was part of Google’s novel recruiting strategy, which allowed the company to identify talent by analyzing search habits.

In the wake of the Paris killings, Western leaders have begun emphasizing a need to ratchet up intelligence efforts. Much of what they propose would involve personnel. There is a widespread feeling that too much is slipping through the cracks, and what seem like small lapses are leading to unacceptable catastrophes.

Hillary Clinton has called for an “intelligence surge.” David Cameron pledged that the UK would hire 1,900 new intelligence officers, and the French enacted sweeping emergency powers, many of them designed to strengthen and broaden intelligence-gathering operations.

Even before the terrible recent events, Washington was well aware of how badly it needs Silicon Valley. Prominent officials have made repeated visits to Palo Alto, and Defense has invested a great deal of money in tech. These efforts go well beyond recruiting, seeking innovations and tools that are considered “vital to the future of national defense.” Information technology and intelligence are now inextricably linked.

Despite these overtures, the relationship between government agencies and tech is at a low point. The issue of encryption has been the primary source of contention. Law enforcement seems to feel that tech firms are prioritizing customer retention and privacy over national defense, while security experts feel that the agencies fail to understand the technical difficulties underlying their requests, as well as the fact that they are undermining the very security they hope to achieve by making systems generally more vulnerable to attack.

Things have gotten so bad that the tone among technical experts has shifted toward open contempt, which is understandable when their critics have openly admitted to lacking even basic knowledge of the technologies they opine upon. 

Finding good intelligence hires is difficult. It requires identifying individuals who can absorb large quantities of information while quickly and accurately gauging significance and risk. Information technologists are uniquely capable of facilitating these recruiting efforts with unconventional methods. 

But where tech could be most useful is in building software tools. One of the biggest issues intelligence agencies face is akin to the “big data” problem so often talked about in tech: They need to find a way to effectively analyze and act upon the huge stores of data at their fingertips. Many of the information sharing programs in place today are concerned more with reporting and providing access to disparate bits of information rather than with gleaning significance and communicating it rapidly.

A recent piece in BankInfoSecurity does a nice job of distinguishing between intelligence sharing and information sharing. We need far more of the former. One area where tech could be extremely useful would be in analyzing volumes of financial data for anomalies. Indeed, this has been an area of increasing focus for governments since the attacks, and with good reason: It quickly became evident that financial information concerning the attackers and their networks was already on hand at a variety of financial institutions. Bank intelligence has already been used to strategically target ISIS oil assets.
TechCrunch: http://tcrn.ch/1J4fwo4

« The Secure Perimeter Cybersecurity Model Is Broken
US Banks Get Tough On Cybersecurity In 2016 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Conscio Technologies

Conscio Technologies

Conscio Technologies is a specialist in IT security awareness. Our solutions allow you to easily manage innovative online IT awareness campaigns.

Agari

Agari

Agari is the Trusted Email Identity Company™, protecting brands and people from devastating phishing and socially-engineered attacks.

Lanner Electronics

Lanner Electronics

Lanner Electronics is a leading hardware provider for advanced network appliances and industrial automation solutions including cyber security.

Secardeo

Secardeo

Secardeo is a provider of corporate solutions using digital signatures and certificates. Our solutions enable the user transparent end-to-end encryption of e-mails between organizations.

LMG Security

LMG Security

LMG Security is a cybersecurity consulting, research and training firm.

OutThink

OutThink

OutThink is a web-based platform (SaaS) that has been developed specifically to identify and reduce risky workforce behaviours and build a risk aware culture.

AppOmni

AppOmni

AppOmni is the only SaaS CSPM solution that gives teams all the tools they need to be successful – from security posture management to monitoring and detection to continuous compliance.

Neovera

Neovera

Neovera is a trusted provider of managed services including cyber security and enterprise cloud solutions, committed to delivering results through the innovative use of scalable enterprise-grade tech.

Dashlane

Dashlane

Dashlane puts all your passwords, payments, and personal info in one place that only you control. So you can use them instantly. Securely. Exactly when you need them.

Cubro Network Visibility

Cubro Network Visibility

Cubro network visibility solutions remove network monitoring ‘blind spots’ to provide enhanced visibility and control of all data transiting a company’s network.

West Midlands Cyber Resilience Centre (WMCRC)

West Midlands Cyber Resilience Centre (WMCRC)

The East Midlands Cyber Resilience Centre supports and helps protect SMEs and supply chain businesses and third sector organisations in the region against cyber crime.

Opus Security

Opus Security

Opus dramatically reduces cloud security risks by enabling teams to define, orchestrate, automate and measure remediation processes across the entire distributed organization.

Capgemini

Capgemini

Capgemini is one of the world's foremost providers of consulting, technology and outsourcing services. Areas of expertise include Cybersecurity.

MS Tech Solutions

MS Tech Solutions

MS Tech Solutions is a Jamaican-based, multinational consulting company that specializes in the architecture, implementation and management of key network and Information technologies.

HTL Support

HTL Support

HTL Support, your trusted partner for comprehensive IT support in London. We specialize in delivering top-tier IT solutions tailored to both large enterprises and small businesses.

SplxAI

SplxAI

Our mission at SplxAI is to secure and safeguard GenAI-powered conversational apps by providing advanced security and pentesting solutions, so neither your organization nor your user base get harmed.