UK Spy Agency GCHQ Is Losing Cyber Talent

Uploaded on 2018-01-02 in NEWS-News Analysis, INTELLIGENCE--Europe, FREE TO VIEW

In a new document from the Intelligence and Security Committee of Parliament, Britain’s spy agency GCHQ describes its difficulty in fending off tech companies keen to poach its workers.

In the annual report, GCHQ highlights the growing international cyber threat and its need to scale up its own cyber operations accordingly, while noting that hiring and keeping cyber specialists in its ranks poses a strategic challenge.

“As noted previously, the level of resource allocated by Government to cyber-related activities has increased considerably, and it is set to do so still further over the next five years,” the report states.

“… The continued expansion of cyber-related work is dependent on the Government’s ability to recruit and retain cyber specialists. GCHQ previously told us that it struggles to attract and retain a suitable and sufficient cadre of in-house technical specialists because it inevitably has to compete with big technology companies which are able to pay significantly more.”

Four years ago, GCHQ informed Parliament that it had worked to put “more flexible reward packages” in place to attract technical specialists. In an update on the initiative, GCHQ noted that “[this] has worked up to a point. It stemmed the flow of people going out in particular areas at particular stages of their career” while observing that “it does lose people for salaries. We couldn’t possibly compete with four, five times what they are getting from us.”

According to the report, GCHQ admitted that it “can probably never compete purely on salaries,” but still sees the unique nature of its work as a strong draw for potential recruits:

“We compete on mission, worthwhile work, on interesting work, on variety. If you’re a pure mathematician, we’re the biggest employer of pure mathematicians in the UK. 

“Going to some of these companies can be quite disappointing. Very well paid, but quite dull… You can go and be an actuary in the City and earn a fortune and use maths, but it won’t be quite the same as using maths where we are”.

To meet emerging cyber threats, the FBI famously signaled that it might disregard its longstanding drug use policy in order to hire 420-friendly hackers. “I have to hire a great work force to compete with those cyber criminals and some of those kids want to smoke weed on the way to the interview,” former FBI director James Comey told an audience at the White Collar Crime Institute conference in 2014.

Later, after coming under fire from then-senator and noted marijuana enemy Jeff Sessions, Comey retracted his comments and claimed that he was joking, but it’s clear that intelligence agencies are rethinking longstanding norms in order to shape a new kind of workforce, one that can rise to meet the rising tide of global cyber threats.

Techcrunch

You Might Also Read: 

Cybersecurity Has A Serious Talent Shortage:

Former Spy Chief Takes Top Cybersecurity Job:

GCHQ Wants Teenage Girls To Join The Cybersecurity Fight:

 

 

« Social Media Is 'Ripping Society Apart'
British IT Bosses Fear Sophisticated Cyber Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Combitech

Combitech

Combitech is the Nordic region’s leading cyber security consultancy firm, with about 260 certified security consultants helping companies and authorities prevent and manage cyber threats.

Assured Information Security (AIS)

Assured Information Security (AIS)

AIS is committed to providing our customers with critical information security products, services, and training. We support diverse needs throughout business and industry.

IGX Global

IGX Global

IGX Global is a provider of information network and security integration services and products.

TrustInSoft

TrustInSoft

TrustInSoft develops solutions that validate mission-critical software and eliminate attack vectors.

ANIS

ANIS

ANIS represents the interests of Romanian IT companies and supports the development of the software and services industry.

Cyberra Legal Services (CLS)

Cyberra Legal Services (CLS)

Cyberra Legal Services provides cyber law advisory, cyber crime consultancy, cyber law compliance audit, cyber security, cyber forensics and cyber training services.

Port53 Technologies

Port53 Technologies

Port53 Technologies is focused on delivering enterprise-grade, cloud-delivered security solutions that are easy to deploy, simple to manage and extremely effective.

SAP National Security Services (NS2)

SAP National Security Services (NS2)

SAP NS2 are dedicated to delivering the best of SAP innovation, from cloud to predictive analytics; machine learning to data fusion.

Loki Labs

Loki Labs

Loki Labs provides expert cyber security solutions and services, including vulnerability assessments & penetration testing, emergency incident response, and managed security.

Dynics

Dynics

The Dynics ICS-Defender is an Industrial Control System Security Appliance for OT or OT/IT convergent environments.

Aware

Aware

Aware is the only comprehensive AI solution for governance, risk, compliance and insights for leading collaboration platforms.

ENSCO

ENSCO

The ENSCO group of companies provides engineering, science and advanced technology solutions that guarantee mission success, safety and security to governments and private industries worldwide.

MajorKey Technologies

MajorKey Technologies

MajorKey improves security performance by reducing user friction and business risk, empowering your people, and protecting your IP.

Saffron Networks

Saffron Networks

Saffron Networks is an ISO-certified company. We assure our clients of reliable solutions, specifically with the Security landscape and Enterprise Networking.

Filigran

Filigran

Filigran provides threat intelligence, adversary simulation and crisis response open solutions to thousands of cybersecurity and crisis management teams across the world.

Arculus Cyber Security

Arculus Cyber Security

Arculus Cyber Security enables customers to securely realise the benefits of digital transformation through pragmatic solutions, guidance and services.