UK Spy Agency GCHQ Is Losing Cyber Talent

In a new document from the Intelligence and Security Committee of Parliament, Britain’s spy agency GCHQ describes its difficulty in fending off tech companies keen to poach its workers.

In the annual report, GCHQ highlights the growing international cyber threat and its need to scale up its own cyber operations accordingly, while noting that hiring and keeping cyber specialists in its ranks poses a strategic challenge.

“As noted previously, the level of resource allocated by Government to cyber-related activities has increased considerably, and it is set to do so still further over the next five years,” the report states.

“… The continued expansion of cyber-related work is dependent on the Government’s ability to recruit and retain cyber specialists. GCHQ previously told us that it struggles to attract and retain a suitable and sufficient cadre of in-house technical specialists because it inevitably has to compete with big technology companies which are able to pay significantly more.”

Four years ago, GCHQ informed Parliament that it had worked to put “more flexible reward packages” in place to attract technical specialists. In an update on the initiative, GCHQ noted that “[this] has worked up to a point. It stemmed the flow of people going out in particular areas at particular stages of their career” while observing that “it does lose people for salaries. We couldn’t possibly compete with four, five times what they are getting from us.”

According to the report, GCHQ admitted that it “can probably never compete purely on salaries,” but still sees the unique nature of its work as a strong draw for potential recruits:

“We compete on mission, worthwhile work, on interesting work, on variety. If you’re a pure mathematician, we’re the biggest employer of pure mathematicians in the UK. 

“Going to some of these companies can be quite disappointing. Very well paid, but quite dull… You can go and be an actuary in the City and earn a fortune and use maths, but it won’t be quite the same as using maths where we are”.

To meet emerging cyber threats, the FBI famously signaled that it might disregard its longstanding drug use policy in order to hire 420-friendly hackers. “I have to hire a great work force to compete with those cyber criminals and some of those kids want to smoke weed on the way to the interview,” former FBI director James Comey told an audience at the White Collar Crime Institute conference in 2014.

Later, after coming under fire from then-senator and noted marijuana enemy Jeff Sessions, Comey retracted his comments and claimed that he was joking, but it’s clear that intelligence agencies are rethinking longstanding norms in order to shape a new kind of workforce, one that can rise to meet the rising tide of global cyber threats.

Techcrunch

You Might Also Read: 

Cybersecurity Has A Serious Talent Shortage:

Former Spy Chief Takes Top Cybersecurity Job:

GCHQ Wants Teenage Girls To Join The Cybersecurity Fight:

 

 

« Social Media Is 'Ripping Society Apart'
British IT Bosses Fear Sophisticated Cyber Threats »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IABG

IABG

IABG offer independent, product-neutral consulting as well as technical and scientific services for the use of safety-relevant systems and technologies.

BankVault

BankVault

BankVault is a new type of cyber technology (called remote isolation) which sidesteps your local machine and any possible malware.

Secude

Secude

SECUDE is an established global security solutions provider offering innovative data protection for SAP users.

Anect

Anect

Anect is a leading provider of ICT security and services for hybrid and cloud solutions.

GV (Google Ventures)

GV (Google Ventures)

GV provides venture capital funding to bold new companies in the fields of life science, healthcare, artificial intelligence, robotics, transportation, cyber security and agriculture.

Adyta

Adyta

Adyta specializes in cybersecurity solutions adapted to the needs of sovereign institutions, business groups and other organizations that handle information and sensitive or classified data.

Netizen

Netizen

Netizen is an award-winning company that develops and leverages innovative solutions to enable a more secure cyberspace for clients in government and commercial markets.

Prima Cyber Solutions (PCS)

Prima Cyber Solutions (PCS)

Prima Cyber Solutions is focused on protecting your business from the massive and devastating impacts that cyber-attacks may cause.

Syracom

Syracom

syracom is a consultancy firm specialized in development of efficient business processes. With our expertise and IT competence, we develop tailored solutions for customers in various industries.

Binarly

Binarly

Binarly has developed an AI-powered platform to protect devices against emerging firmware threats.

InfoSec4TC

InfoSec4TC

InfoSec4tc is an online Information Security Courses, Training, and Consultancy provider.

Harbottle & Lewis

Harbottle & Lewis

Harbottle & Lewis is a leading UK-based law firm focused on the Private Client and Technology, Media and Entertainment sectors.

Mitigo Group

Mitigo Group

Mitigo offers a well considered and effective approach to keeping businesses completely secure from any digital attacks.

12Port

12Port

12Port network security solutions help companies tackle modern cybersecurity threats cost-effectively while implementing zero-trust architectures.

SignalRed

SignalRed

SignalRed provides the cutting edge next-generation penetration testing and secure development solutions to startups and large enterprises.

Core42

Core42

Core42 provides a full-spectrum of AI enablement solutions covering cloud, data, cybersecurity and digital services designed for customer success.