Intelligence Agencies Should Recruit Like Google

Finding good intelligence hires is difficult. Information technologists are capable of  these recruiting efforts, using unconventional methods. 

While conducting a search for “python lambda function list comprehension,” programmer Max Rosett was suddenly invited to attempt a cryptic coding challenge. After completing it, he was contacted by Google, where he now works. The challenge was part of Google’s novel recruiting strategy, which allowed the company to identify talent by analyzing search habits.

In the wake of the Paris killings, Western leaders have begun emphasizing a need to ratchet up intelligence efforts. Much of what they propose would involve personnel. There is a widespread feeling that too much is slipping through the cracks, and what seem like small lapses are leading to unacceptable catastrophes.

Hillary Clinton has called for an “intelligence surge.” David Cameron pledged that the UK would hire 1,900 new intelligence officers, and the French enacted sweeping emergency powers, many of them designed to strengthen and broaden intelligence-gathering operations.

Even before the terrible recent events, Washington was well aware of how badly it needs Silicon Valley. Prominent officials have made repeated visits to Palo Alto, and Defense has invested a great deal of money in tech. These efforts go well beyond recruiting, seeking innovations and tools that are considered “vital to the future of national defense.” Information technology and intelligence are now inextricably linked.

Despite these overtures, the relationship between government agencies and tech is at a low point. The issue of encryption has been the primary source of contention. Law enforcement seems to feel that tech firms are prioritizing customer retention and privacy over national defense, while security experts feel that the agencies fail to understand the technical difficulties underlying their requests, as well as the fact that they are undermining the very security they hope to achieve by making systems generally more vulnerable to attack.

Things have gotten so bad that the tone among technical experts has shifted toward open contempt, which is understandable when their critics have openly admitted to lacking even basic knowledge of the technologies they opine upon. 

Finding good intelligence hires is difficult. It requires identifying individuals who can absorb large quantities of information while quickly and accurately gauging significance and risk. Information technologists are uniquely capable of facilitating these recruiting efforts with unconventional methods. 

But where tech could be most useful is in building software tools. One of the biggest issues intelligence agencies face is akin to the “big data” problem so often talked about in tech: They need to find a way to effectively analyze and act upon the huge stores of data at their fingertips. Many of the information sharing programs in place today are concerned more with reporting and providing access to disparate bits of information rather than with gleaning significance and communicating it rapidly.

A recent piece in BankInfoSecurity does a nice job of distinguishing between intelligence sharing and information sharing. We need far more of the former. One area where tech could be extremely useful would be in analyzing volumes of financial data for anomalies. Indeed, this has been an area of increasing focus for governments since the attacks, and with good reason: It quickly became evident that financial information concerning the attackers and their networks was already on hand at a variety of financial institutions. Bank intelligence has already been used to strategically target ISIS oil assets.
TechCrunch: http://tcrn.ch/1J4fwo4

« The Secure Perimeter Cybersecurity Model Is Broken
US Banks Get Tough On Cybersecurity In 2016 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Continuity Shop

Continuity Shop

Continuity Shop provides training and consultancy in Business Continuity and Information Security to some of the world's biggest organisations.

Wallix

Wallix

Wallix is a software company offering privileged access management solutions for enterprises, public organizations and cloud service providers

Tessian

Tessian

Tessian (formerly CheckRecipient) is a next-generation email security platform that helps enterprises counteract human error and significantly reduce the risk of data loss.

NLnet Labs

NLnet Labs

NLnet Labs is a not-for-profit foundation with a long heritage in research and development, Internet architecture and governance, as well as security in the area of DNS and inter-domain routing.

Lineal Services

Lineal Services

Lineal supports clients in meeting their digital forensics, cyber security and eDiscovery needs by providing bespoke solutions to complex problems.

Innovent Recycling

Innovent Recycling

Innovent Recycling provides a secure IT recycling & data destruction service to all types of organizations across the UK.

Secure IT Disposals

Secure IT Disposals

Secure IT Disposals specialise in professional Computer Recycling, Computer Disposals, Computer Destruction, Data Erasure and end-of-lifecycle solutions.

Centraleyes

Centraleyes

Centraleyes (formerly CyGov) is a cutting-edge integrated cyber risk management platform that gives organizations unparalleled understanding of their cyber risk and compliance.

Aegis Security

Aegis Security

Aegis Security helps clients to secure their systems against potential threats through pre-emptive measures, such as security assessments, and cutting-edge solutions to security challenges.

NetTech

NetTech

NetTech’s Managed CyberSecurity and Compliance/HIPAA services are designed to help your company prevent security breaches and quickly remediate events if they do happen to occur.

Green Enterprise Solutions

Green Enterprise Solutions

Green Enterprise Solutions are a Namibian company providing Information and Communication Technology (ICT) services to corporate Namibia.

Unified Solutions

Unified Solutions

Unified Solutions provide a full continuum of cyber security services, compliance, and technology solutions.

Bastion Technologies

Bastion Technologies

All your cyber defense. One platform. Keep your business assets and employees safe under one roof. Manage your cyber defense quickly, easily & efficiently.

RapidSpike

RapidSpike

RapidSpike is the only website monitoring solution that focuses all three key aspects of website health: performance, reliability AND security.

Vigilant Ops

Vigilant Ops

Vigilant Ops is a leader in Software Bill of Materials (SBOM) Automation. A proactive approach to cybersecurity with continuous vulnerability monitoring.

FoxPointe Solutions

FoxPointe Solutions

FoxPointe Solutions is a full-service cyber risk management and compliance firm.