New federal appointments highlight growing importance of cybersecurity
Cybersecurity continues to be a key concern for leaders of the federal government. From agency heads to elected officials, there is broad consensus that the United States needs to improve its efforts to protect sensitive government data, resources and infrastructure.
This widespread support has led directly to a number of important steps forward. Most recently, the Department of Justice announced several new appointments that suggest a growing focus on cybersecurity, the Federal Times reported.
The news source reported that the DOJ recently restructured its National Security Division, announcing a number of new appointments in the process. Many of these positions specifically addressed issues relating to state-sponsored cyberterrorism and espionage.
Most of the appointees come with backgrounds in cybersecurity litigation, the source explained.
Additionally, the DOJ announced the creation of a new high-level position, the deputy assistant attorney general for the NSD. According to the Federal Times, the deputy assistant attorney general will lead a team of cybersecurity-focused prosecutors, all of whom will operate in district offices established within the National Security Cyber Specialists network.
The first appointee to this position, Luke Demobsky, previously represented the DOJ at the U.S. embassy in Moscow and earlier served as federal prosecutor at the DOJ's Computer Hacking and Intellectual Property network in Pennsylvania, the Federal Times reported.
"We have assembled a talented, dedicated and experienced team of seasoned professionals to launch this new phase for the National Security Division," said John Carlin, assistant attorney general for National Security, according to the news source. "These changes will help us continue confronting today's threats while readying the NSD workforce to engage what we see as the key emerging threats to our national security."
Carlin's words and the NSD's moves in general highlight the importance of skilled, talented professionals to execute federal cybersecurity programs and initiatives. Even the most advanced, automated tools are not sufficient in and of themselves to protect federal networks. Experienced professionals who can oversee and guide these efforts are essential.
Unfortunately, however, the government has experienced major difficulties when attempting to recruit and retain cybersecurity experts. Put simply, the private sector offers better compensation and potential career growth than federal agencies. Companies in every industry are just as aware of the importance of cybersecurity as government bodies, and these corporations have the resources necessary to lure much of the most desirable cybersecurity talent to their organizations.
Recent events at the Department of Homeland Security emphasized this challenge. As The Washington Post reported, over the past four years the DHS has lost employees twice as quickly as the federal government's overall average. Significantly, this turnover resulted in six different directors taking control of the DHS' terrorism intelligence arm since President Obama took office. Between June 2011 and March 2012, the agency lost five of its senior cybersecurity professionals, each of whom proceeded to take positions in the private sector.
"My cyber folks were spending more time on human resource issues and acquisition than they were analyzing technical data to defend and protect networks," a former senior official with the DHS told The Washington Post.
The source noted that high-level cybersecurity professionals can typically expect to receive annual salaries of between $360,000 and $540,000 in the private sector, but only $180,000 at the DHS.
With federal agencies' budgets, there are limited ways of getting around this inherent dilemma. One of the best options is to work directly and closely with a third-party cybersecurity services provider. These firms will have the best-trained and most knowledgeable personnel on staff, allowing agencies to take advantage of these human resources without burning through their entire HR budget in the process.