Intelligence Agencies Should Recruit Like Google

Finding good intelligence hires is difficult. Information technologists are capable of  these recruiting efforts, using unconventional methods. 

While conducting a search for “python lambda function list comprehension,” programmer Max Rosett was suddenly invited to attempt a cryptic coding challenge. After completing it, he was contacted by Google, where he now works. The challenge was part of Google’s novel recruiting strategy, which allowed the company to identify talent by analyzing search habits.

In the wake of the Paris killings, Western leaders have begun emphasizing a need to ratchet up intelligence efforts. Much of what they propose would involve personnel. There is a widespread feeling that too much is slipping through the cracks, and what seem like small lapses are leading to unacceptable catastrophes.

Hillary Clinton has called for an “intelligence surge.” David Cameron pledged that the UK would hire 1,900 new intelligence officers, and the French enacted sweeping emergency powers, many of them designed to strengthen and broaden intelligence-gathering operations.

Even before the terrible recent events, Washington was well aware of how badly it needs Silicon Valley. Prominent officials have made repeated visits to Palo Alto, and Defense has invested a great deal of money in tech. These efforts go well beyond recruiting, seeking innovations and tools that are considered “vital to the future of national defense.” Information technology and intelligence are now inextricably linked.

Despite these overtures, the relationship between government agencies and tech is at a low point. The issue of encryption has been the primary source of contention. Law enforcement seems to feel that tech firms are prioritizing customer retention and privacy over national defense, while security experts feel that the agencies fail to understand the technical difficulties underlying their requests, as well as the fact that they are undermining the very security they hope to achieve by making systems generally more vulnerable to attack.

Things have gotten so bad that the tone among technical experts has shifted toward open contempt, which is understandable when their critics have openly admitted to lacking even basic knowledge of the technologies they opine upon. 

Finding good intelligence hires is difficult. It requires identifying individuals who can absorb large quantities of information while quickly and accurately gauging significance and risk. Information technologists are uniquely capable of facilitating these recruiting efforts with unconventional methods. 

But where tech could be most useful is in building software tools. One of the biggest issues intelligence agencies face is akin to the “big data” problem so often talked about in tech: They need to find a way to effectively analyze and act upon the huge stores of data at their fingertips. Many of the information sharing programs in place today are concerned more with reporting and providing access to disparate bits of information rather than with gleaning significance and communicating it rapidly.

A recent piece in BankInfoSecurity does a nice job of distinguishing between intelligence sharing and information sharing. We need far more of the former. One area where tech could be extremely useful would be in analyzing volumes of financial data for anomalies. Indeed, this has been an area of increasing focus for governments since the attacks, and with good reason: It quickly became evident that financial information concerning the attackers and their networks was already on hand at a variety of financial institutions. Bank intelligence has already been used to strategically target ISIS oil assets.
TechCrunch: http://tcrn.ch/1J4fwo4

« The Secure Perimeter Cybersecurity Model Is Broken
US Banks Get Tough On Cybersecurity In 2016 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CyTech Services

CyTech Services

CyTech provides unique services and solutions complemented with professional subject matter experts to both the Federal and Commercial sectors.

Ripjar

Ripjar

Ripjar is a global company of talented technologists, data scientists and analysts designing products that will change the way criminal activities are detected and prevented.

Intercede

Intercede

Intercede is a cybersecurity company specializing in digital identities, derived credentials and access control, enabling digital trust in a mobile world.

AGAT Software

AGAT Software

AGAT Software is an innovative security provider specializing in external access authentication and data protection solutions.

NetGuardians

NetGuardians

NetGuardians is a leading Fintech company recognized for its unique approach to fraud and risk assurance solutions.

Cryptovision

Cryptovision

Cryptovision GmbH is one of the leading specialists for modern, user-friendly cryptography and solutions for secure electronic identities.

Ensign InfoSecurity

Ensign InfoSecurity

Ensign InfoSecurity is Southeast Asia’s largest pure-play cybersecurity firm.

Armorblox

Armorblox

Armorblox stops targeted email attacks such as 0-day credential phishing, payroll fraud, vendor fraud, and other threats that get past legacy security controls.

Hack The Box

Hack The Box

Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with thousands of people in the security field.

CYBAVO

CYBAVO

CYBAVO is a cryptocurrency security company founded by experts from the cryptocurrency and security industries.

Secura B.V.

Secura B.V.

Secura is an independent specialized cybersecurity expert, providing insights to protect valuable assets and data.

Cyberi

Cyberi

Cyberi provide specialist technical consultancy and cyber advisory services, from penetration testing and assurance to incident management and response, and technical security research.

CFTS

CFTS

CFTS 'Computer Facilities Technical Services' is a Ugandan ICT Support Company that specialises in infrastructure and support services including network security.

Turk Telekom

Turk Telekom

Turk Telekom is the first integrated telecommunications operator in Turkey.

Technology Mindz

Technology Mindz

Technology Mindz is a leading provider of cybersecurity services. We offer a wide range of services to help businesses. Our services are Identity and access management, Governance risk and compliance.

Plerion

Plerion

Plerion is an all-in-one Cloud Security Platform that supports workloads across AWS, Azure, and GCP delivering cloud security posture management, workload security, data security and more.