UK Spy Agency GCHQ Is Losing Cyber Talent

In a new document from the Intelligence and Security Committee of Parliament, Britain’s spy agency GCHQ describes its difficulty in fending off tech companies keen to poach its workers.

In the annual report, GCHQ highlights the growing international cyber threat and its need to scale up its own cyber operations accordingly, while noting that hiring and keeping cyber specialists in its ranks poses a strategic challenge.

“As noted previously, the level of resource allocated by Government to cyber-related activities has increased considerably, and it is set to do so still further over the next five years,” the report states.

“… The continued expansion of cyber-related work is dependent on the Government’s ability to recruit and retain cyber specialists. GCHQ previously told us that it struggles to attract and retain a suitable and sufficient cadre of in-house technical specialists because it inevitably has to compete with big technology companies which are able to pay significantly more.”

Four years ago, GCHQ informed Parliament that it had worked to put “more flexible reward packages” in place to attract technical specialists. In an update on the initiative, GCHQ noted that “[this] has worked up to a point. It stemmed the flow of people going out in particular areas at particular stages of their career” while observing that “it does lose people for salaries. We couldn’t possibly compete with four, five times what they are getting from us.”

According to the report, GCHQ admitted that it “can probably never compete purely on salaries,” but still sees the unique nature of its work as a strong draw for potential recruits:

“We compete on mission, worthwhile work, on interesting work, on variety. If you’re a pure mathematician, we’re the biggest employer of pure mathematicians in the UK. 

“Going to some of these companies can be quite disappointing. Very well paid, but quite dull… You can go and be an actuary in the City and earn a fortune and use maths, but it won’t be quite the same as using maths where we are”.

To meet emerging cyber threats, the FBI famously signaled that it might disregard its longstanding drug use policy in order to hire 420-friendly hackers. “I have to hire a great work force to compete with those cyber criminals and some of those kids want to smoke weed on the way to the interview,” former FBI director James Comey told an audience at the White Collar Crime Institute conference in 2014.

Later, after coming under fire from then-senator and noted marijuana enemy Jeff Sessions, Comey retracted his comments and claimed that he was joking, but it’s clear that intelligence agencies are rethinking longstanding norms in order to shape a new kind of workforce, one that can rise to meet the rising tide of global cyber threats.

Techcrunch

You Might Also Read: 

Cybersecurity Has A Serious Talent Shortage:

Former Spy Chief Takes Top Cybersecurity Job:

GCHQ Wants Teenage Girls To Join The Cybersecurity Fight:

 

 

« Social Media Is 'Ripping Society Apart'
British IT Bosses Fear Sophisticated Cyber Threats »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CIO Dive

CIO Dive

CIO Dive provides news and analysis for IT executives in areas including IT strategy, cloud computing, cyber security, big data, AI, software, infrastructure, dev ops and more.

H3C Group

H3C Group

H3C provides a full range of Computer, Storage, Networking and Security solutions.

Aspen Insurance

Aspen Insurance

Aspen is a leading diversified specialty insurance and reinsurance company. Products offered include cyber insurance.

RhodeCode

RhodeCode

RhodeCode is an open source repository management platform. It provides unified security and team collaboration across Git, Subversion, and Mercurial.

CWSI

CWSI

CWSI provide a full suite of enterprise mobility, security and productivity solutions to many of Ireland and the UK’s most respected organisations across a wide range of industry and public sectors.

MAXXeGUARD Data Safety

MAXXeGUARD Data Safety

MAXXeGUARD: The High Security Shredder. MAXXeGUARD easily destroys hard disks up to the highest security levels as well as other digital data carriers like SSD’s, LTO’s, USB’s, CD’s etc.

mxHERO

mxHERO

mxHERO reduces the risks inherent with ransom and cyber-security threats specific to email.

Lavabit

Lavabit

Lavabit's Dark Internet Mail Environment is a secure, open-source, secure end-to-end communications platform for asynchronous messaging across the internet.

BlockSec

BlockSec

BlockSec is dedicated to building blockchain security infrastructure. The team is founded by top security researchers and experiencedexperts from both academia and industry.

Identity Digital

Identity Digital

Identity Digital simplifies and connects a fragmented online world with domain names and related technologies that allow people and businesses to build, market and own their digital identities.

Sev1Tech

Sev1Tech

Sev1Tech is a leading provider of IT modernization, cloud, cybersecurity, engineering, fielding, training, and program support services.

CipherStash

CipherStash

CipherStash is a complete data governance and breach prevention platform.

S2W

S2W

S2W is a data intelligence company specialized in cyber threat intelligence, brand/digital abuse, and blockchain.

XBOW

XBOW

XBOW brings AI to offensive security, augmenting the work of bug hunters and security researchers.

ViCyber

ViCyber

ViCyber is an Australian based company whose mission is to simplify and strengthen cybersecurity for all businesses, irrespective of size.

CYSEC Global

CYSEC Global

CYSEC Global is a series of summits dedicated to tackle regional cyber security challenges.