Intelligence Agencies Should Recruit Like Google

Finding good intelligence hires is difficult. Information technologists are capable of  these recruiting efforts, using unconventional methods. 

While conducting a search for “python lambda function list comprehension,” programmer Max Rosett was suddenly invited to attempt a cryptic coding challenge. After completing it, he was contacted by Google, where he now works. The challenge was part of Google’s novel recruiting strategy, which allowed the company to identify talent by analyzing search habits.

In the wake of the Paris killings, Western leaders have begun emphasizing a need to ratchet up intelligence efforts. Much of what they propose would involve personnel. There is a widespread feeling that too much is slipping through the cracks, and what seem like small lapses are leading to unacceptable catastrophes.

Hillary Clinton has called for an “intelligence surge.” David Cameron pledged that the UK would hire 1,900 new intelligence officers, and the French enacted sweeping emergency powers, many of them designed to strengthen and broaden intelligence-gathering operations.

Even before the terrible recent events, Washington was well aware of how badly it needs Silicon Valley. Prominent officials have made repeated visits to Palo Alto, and Defense has invested a great deal of money in tech. These efforts go well beyond recruiting, seeking innovations and tools that are considered “vital to the future of national defense.” Information technology and intelligence are now inextricably linked.

Despite these overtures, the relationship between government agencies and tech is at a low point. The issue of encryption has been the primary source of contention. Law enforcement seems to feel that tech firms are prioritizing customer retention and privacy over national defense, while security experts feel that the agencies fail to understand the technical difficulties underlying their requests, as well as the fact that they are undermining the very security they hope to achieve by making systems generally more vulnerable to attack.

Things have gotten so bad that the tone among technical experts has shifted toward open contempt, which is understandable when their critics have openly admitted to lacking even basic knowledge of the technologies they opine upon. 

Finding good intelligence hires is difficult. It requires identifying individuals who can absorb large quantities of information while quickly and accurately gauging significance and risk. Information technologists are uniquely capable of facilitating these recruiting efforts with unconventional methods. 

But where tech could be most useful is in building software tools. One of the biggest issues intelligence agencies face is akin to the “big data” problem so often talked about in tech: They need to find a way to effectively analyze and act upon the huge stores of data at their fingertips. Many of the information sharing programs in place today are concerned more with reporting and providing access to disparate bits of information rather than with gleaning significance and communicating it rapidly.

A recent piece in BankInfoSecurity does a nice job of distinguishing between intelligence sharing and information sharing. We need far more of the former. One area where tech could be extremely useful would be in analyzing volumes of financial data for anomalies. Indeed, this has been an area of increasing focus for governments since the attacks, and with good reason: It quickly became evident that financial information concerning the attackers and their networks was already on hand at a variety of financial institutions. Bank intelligence has already been used to strategically target ISIS oil assets.
TechCrunch: http://tcrn.ch/1J4fwo4

« The Secure Perimeter Cybersecurity Model Is Broken
US Banks Get Tough On Cybersecurity In 2016 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BSI Group

BSI Group

BSI is the business standards company that equips businesses with the necessary solutions to turn standards of best practice into habits of excellence

Cambray Solutions

Cambray Solutions

Cambray Solutions specializes in locating and securing technical professionals, managers, and executives.

CloudDNA

CloudDNA

CloudDNA deliver solutions that enable users and devices to connect over high performance, secure, efficient, scalable cloud networks.

CERT.br

CERT.br

The Brazilian national Computer Emergency Response Team

Proofpoint

Proofpoint

Proofpoint provide the most effective cybersecurity and compliance solutions to protect people on every channel including email, the web, the cloud, social media and mobile messaging.

Northwave

Northwave

Northwave is 100% focused on providing integrated high quality information security services.

BetterCloud

BetterCloud

BetterCloud puts IT in control of the modern workplace through user lifecycle management, data discovery, and IT and security automation purpose-built for SaaS.

Datec PNG

Datec PNG

Datec is the the largest end-to-end information and communications technology solutions and services provider in Papua New Guinea.

Aspen Insurance

Aspen Insurance

Aspen is a leading diversified specialty insurance and reinsurance company. Products offered include cyber insurance.

Belkasoft

Belkasoft

Belkasoft is a software vendor providing public agencies, corporate security teams, and private investigators with digital forensic solutions.

Innova

Innova

Innova is Turkey's leading IT solutions company, providing platform independent solutions to organizations in telecommunication, finance, production, public and service sectors.

Onfido

Onfido

Onfido is building the new identity standard for the internet. We digitally prove people’s real identities using a photo ID and facial biometrics.

Raqmiyat

Raqmiyat

Raqmiyat provides end-to-end IT Services and business solutions including consultancy, digital transformation, infrastructure and cybersecurity.

OWN

OWN

OWN (formerly SEKOIA) is a major French player in cybersecurity providing tailor-made, informed and adapted cyber support thanks to its DNA of passionate and committed experts.

Crypto International

Crypto International

Crypto International offers comprehensive services for the operation of our customers’ IT and communication infrastructure, with a focus on cybersecurity and encryption solutions.

comforte AG

comforte AG

comforte AG is a leading provider of data-centric security technology. Organizations worldwide rely on our tokenization and format-preserving encryption capabilities to secure personal, sensitive data