UK Spy Agency GCHQ Is Losing Cyber Talent

In a new document from the Intelligence and Security Committee of Parliament, Britain’s spy agency GCHQ describes its difficulty in fending off tech companies keen to poach its workers.

In the annual report, GCHQ highlights the growing international cyber threat and its need to scale up its own cyber operations accordingly, while noting that hiring and keeping cyber specialists in its ranks poses a strategic challenge.

“As noted previously, the level of resource allocated by Government to cyber-related activities has increased considerably, and it is set to do so still further over the next five years,” the report states.

“… The continued expansion of cyber-related work is dependent on the Government’s ability to recruit and retain cyber specialists. GCHQ previously told us that it struggles to attract and retain a suitable and sufficient cadre of in-house technical specialists because it inevitably has to compete with big technology companies which are able to pay significantly more.”

Four years ago, GCHQ informed Parliament that it had worked to put “more flexible reward packages” in place to attract technical specialists. In an update on the initiative, GCHQ noted that “[this] has worked up to a point. It stemmed the flow of people going out in particular areas at particular stages of their career” while observing that “it does lose people for salaries. We couldn’t possibly compete with four, five times what they are getting from us.”

According to the report, GCHQ admitted that it “can probably never compete purely on salaries,” but still sees the unique nature of its work as a strong draw for potential recruits:

“We compete on mission, worthwhile work, on interesting work, on variety. If you’re a pure mathematician, we’re the biggest employer of pure mathematicians in the UK. 

“Going to some of these companies can be quite disappointing. Very well paid, but quite dull… You can go and be an actuary in the City and earn a fortune and use maths, but it won’t be quite the same as using maths where we are”.

To meet emerging cyber threats, the FBI famously signaled that it might disregard its longstanding drug use policy in order to hire 420-friendly hackers. “I have to hire a great work force to compete with those cyber criminals and some of those kids want to smoke weed on the way to the interview,” former FBI director James Comey told an audience at the White Collar Crime Institute conference in 2014.

Later, after coming under fire from then-senator and noted marijuana enemy Jeff Sessions, Comey retracted his comments and claimed that he was joking, but it’s clear that intelligence agencies are rethinking longstanding norms in order to shape a new kind of workforce, one that can rise to meet the rising tide of global cyber threats.

Techcrunch

You Might Also Read: 

Cybersecurity Has A Serious Talent Shortage:

Former Spy Chief Takes Top Cybersecurity Job:

GCHQ Wants Teenage Girls To Join The Cybersecurity Fight:

 

 

« Social Media Is 'Ripping Society Apart'
British IT Bosses Fear Sophisticated Cyber Threats »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The Networking People (TNP)

The Networking People (TNP)

TNP supplies independent advice allowing large organisations to design, build and operate their own networks independently of the established telecoms companies.

PartnerRe

PartnerRe

PartnerRe provides multi-line reinsurance to insurance companies on a worldwide basis. Services include Cyber Risk.

Awen Collective

Awen Collective

Awen Collective develops software-based tools for performing Digital Forensics, Incident Response and Cyber-Crime Investigation.

RunSafe Security

RunSafe Security

RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices.

Cybercrime Support Network (CSN)

Cybercrime Support Network (CSN)

CSN is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime.

Purple Security

Purple Security

Purple Security arises from the association of specialists in offensive security (ethical hackers, white hats) and experts in insurance, compliance and implementation of industry standards.

Bright Machines

Bright Machines

Bright Machines delivers intelligent, software-defined manufacturing by bringing together our flexible factory robots with intelligent software, production data and machine learning.

NeuroChain

NeuroChain

NeuroChain is an intelligent ecosystem that is more secure, more reliable and much faster than blockchain.

Software Diversified Services (SDS)

Software Diversified Services (SDS)

SDS provides the highest quality mainframe software and award-winning, expert service with an emphasis on security, encryption, monitoring, and data compression.

Clear Skye

Clear Skye

Clear Skye, an Identity Access and Management (IAM) software company, reimagines enterprise identity access and risk management software to make a complicated problem easier to manage.

Kyndryl

Kyndryl

Kyndryl has a comprehensive portfolio that leverages hybrid cloud solutions, business resiliency, and network services to help optimize your IT workloads and transformations.

CSIR Information & Cybersecurity Research Centre

CSIR Information & Cybersecurity Research Centre

The CSIR Information & Cybersecurity Research Centre focuses on research, development, and innovation of home-grown cyber and information security.

Rootly

Rootly

Rootly is an incident management platform on Slack that helps automate manual admin work during incidents.

Fivecast

Fivecast

Fivecast is enabling a safer world. We help organizations around the world explore masses of data to uncover actionable insights.

GovSky

GovSky

GovSky streamlines CMMC compliance, saving time and significantly reducing cost.

Academia the Technology Group

Academia the Technology Group

Academia specialise in the supply of software, IT hardware, training and service solutions to the public sectors, business and pro media markets.