US Government Struggles To Recruit Security Experts

DHS official calls for a concerted effort to protect national infrastructure

An under-secretary at the US Department of Homeland Security (DHS) has called for a continued concerted approach to protection of national protection, regardless of the identity of the country's next president.

"We've basically tripled [DHS headcount] from '07 to '09 in cyber-security," said Robert Jamison of the National Protection and Programs Directorate, in an interview at the RSA Conference Europe in London. "We're ramping up our staffing dramatically and I definitely think it's moving in the right direction," he said, adding it was a challenge to recruit, develop and retain the right skillset.

The DHS was recruiting not only specialists in malware, trend analysis, penetration testing and security best-practices but was also attempting to "get creative about where we have to recruit talent", including building relationships with universities, he added.

"It's a critical time," he added, saying that key strategy, budgeting and perimeter defenses were only just being deployed.

"As we go ahead into the election, the first thing that's important is career leadership ... that we have the right people in the right jobs, and, secondly, that we don't lose the momentum of a coordinated approach."

The comments echoed Jamison's recent blog entry defending the DHS against critics who suggest the agency has not gone far enough in its efforts.

"A reorganization of roles and responsibilities is the worst thing that could be done to improve our nation's security posture against very real and increasingly sophisticated cyber threats," Johnson wrote last month. "We have moved beyond words on paper and debate, and are now driving real improvements to our security. We cannot afford to lose that momentum and interagency unity of effort."

Asked about the changing nature of the threat vector, Jamison said: "We've noticed the threats are more frequent, the threats are more sophisticated, the threats are more targeted." Social networks and cloud-based services were also making the security picture more complex, he added.

Jamison also provided an update on the Einstein 2 security system, saying that the updated program will allow the DHS to more comprehensively cover internet access points, analyzing not only analyzing flows and ports but also providing real-time intrusion detection information and analysis of malicious signatures.

SUBSCRIBE! Get the best of CSO delivered to your email inbox.