All the report produced by principal security firms remark a meaningful increase in the number of cyber attacks against organizations, government offices and private companies. The increased number of cyber incidents is animating the debated on the offensive approach to cybersecurity fighting back the attackers.
With the growing number of cyber attacks and the increasing demand for cyber specialists able to protect the infrastructure it is being born a florid market that attracts the best talent from government cyber units, the demand for skilled professionals of this market is outstripping the supply.
Following the Law Of Supply And Demand the price salaries for these professionals is growing like never before causing a real escape of cyber specialists from the government industry to a more generous private sector.
Numerous security firms, including UK-based Protection Group International (PGI), are offering cyber services, the PGI for example has recently hired former staff from Britain’s GCHQ eavesdropping agency.
“As with anything, it really comes down to human capital and there simply isn’t enough of it,” “They will choose where they work based on salary, lifestyle and the lack of an interfering bureaucracy and that makes it particularly hard to get them into government.” says Chris Finan, White House director for cyber security from 2011-12.
Let’s consider that all governments are investing in the development and improvement of cyber capabilities, the US Cyber Command will reach 4000 cyber units by 2015, the Britain government announced recently a new Joint Cyber Reserve, Russia, Brazil and New Zeland are adopting similar initiatives.
China, Russia, Iran, North Korea, Israel and U.S. are the countries that major investing in the creation of new cyber units, their primary intent is the creation of an army of hackers to involve in offensive cyber operations and cyber espionage campaigns.
In many cases the governments have publicly announced the recruiting of skilled hackers, NSA chief General Keith B. Alexander during the 2012 edition of the Defcon Hacker Conference, asked for the hacker community for help U.S. to secure the cyberspace.
The effects of cyber attacks are devastating, according the Washington-based Center for Strategic and International Studies the global losses are in the range of $80 billion to $400 billion a year. The British security services confirmed that one unidentified London-listed company incurred losses of 800 million pounds ($1.29 billion) in a cyber attack several years ago. Britain authorities revealed to have blocked 400,000 advanced cyber threats to the government’s infrastructures, same declaration is made by Israeli cyber defense.
Consider that it is quite impossible to provide an exact estimation for exact losses, in many cases the incident aren’t reported or in the worst cases the victims do not realize they have been attacked.
Cyber espionage and sabotage are the most common type of state-sponsored attacks meanwhile cybercrime is mainly focused on cyber frauds (e.g. Banking account hacking, ID theft). Very dangerous is also the effect of hacktivism campaigns, Anonymous operations have demonstrated how much vulnerable are many companies and government offices, causing in many cases embrace and disclosure of sensitive information.
In these concerning scenario, despite the huge effort spent by governments, the greatest portion of cyber capabilities is concentrated in the private sectors where enterprises have increased in spending on security services and recruiting of talented experts.
The U.S. Bureau of Labour Statistics informs the number of Information Technology security roles in the U.S. will increase by some 22% within 2020, creating 65,700 new jobs and causing globally an increase in cyber expert’s salaries of 5-7 percent a year.
Companies are looking for hackers to engage in their processes, many companies, including Google and Lockheed Martin Corp, have started recruiting campaigns to acquire in their staff cyber experts that could help to prevent damage from cyber attacks and could support product design to build robust solutions.
Today the hackers are the most important players for governments and private companies, their knowledge has become crucial for the design of secure products/solution and for the defense of the intellectual properties of an enterprise.
“Recruitment and retention in cyber is a challenge for everybody working in this area,” “It’s an area where demand exceeds supply … it’s going to take a while for supply to catch up.” says Mike Bradshaw, head of security and smart systems at Finmeccanica IT unit Selex.
Where is it possible to find young cyber talents?
It is not easy to discover a talented hacker despite principal universities, sponsored by private companies and governments, are promoting new courses on cyber security and hacking.
Recruiters are promoting hacking contest to evaluate the skills and cyber capabilities of the participant to select the most promising professionals.
“Those who have “very good” skills in the most-needed areas can earn $110,000 to $140,000, while the very top get paid as much as $200,000 in private sector jobs, according to Paller. While the private sector offers big cash, the government is still able to retain some talent by appealing to people’s sense of public service and patriotism.” reported Reuters agency.
Britain’s Government Communications Headquarters (GCHQ) intelligence agency started months ago a recruiting campaign, dubbed Xbox generation, for 100 new talents to be involved in an apprenticeship program for the creation of a new generation of cyber spies. The announcement was made by Foreign Secretary William Hague during a conference at Bletchley Park.
“We face constant and growing threats from crime and attacks in cyberspace,”
“We want to step up our efforts to find the most talented people to help sustain and secure the UK’s code-breaking and cyber expertise for the future.”
“It will be the young innovators of this generation who will help keep our country safe in years to come against threats which are every bit as serious as some of those confronted in the Second World War.”
The process of recruiting is revolutionary for UK government, in the past the secret agencies mainly drew from principal universities selecting most promising pupils, the requirement was the obtaining of A-level qualifications with strong capability in science and mathematics. The new skills are not taught at the university, UK Intelligence is selecting talented young guys with a great passion for the cyber security, high elasticity and mental aptitude work for the objectives … exactly as they do when they play with their console, passing level by level.
The campaign is clearly open to a new kind of professional, more oriented to the practice, a figure with a great familiarity with the cyber tools that follow the trend already introduced by other countries such as China.
The figure of the hacker has assumed a strategic role, every sector is exposed to risk of cyber attacks and to better defend its assets from incursions originated in the cyberspace it is necessary to improve its cyber capabilities … The hackers’recruiting are the quickest way to acquire these skills.
The shortage of cyber security experts is destined to increase to raise of cyber attacks
(Security Affairs – Hacker, cybersecurity)