•   
  •   
  •   

Politics States at disadvantage in race to recruit cybersecurity pros

16:05  25 september  2021
16:05  25 september  2021 Source:   msn.com

Trump-appointed counsel said to be seeking to indict Michael Sussmann

  Trump-appointed counsel said to be seeking to indict Michael Sussmann John Durham plans to ask a grand jury to indict Democratic lawyer Michael Sussmann for making a false statement to the FBI. He alleged Sussmann may have been secretly working for Clinton.Former federal prosecutor Michael Sussmann, 57, who now works as a partner at the Perkins Coie law firm, represented the Democratic National Committee when Russia hacked its servers back in 2016.

CHICAGO (AP) — Austin Moody wanted to apply his cybersecurity skills in his home state of Michigan, teaming up with investigators for the State Police to analyze evidence and track down criminals.

In this Sept. 20, 2021, photo Austin Moody poses for a photo as he sits a his home work station in Tampa, Fla. Moody, the Michigan native, got a scholarship from the Department of Defense that required working for the agency at least a year after graduating. Moody said he understands that state governments don't have the kind of money that federal agencies or private companies spend on recruiting and generous salaries. (AP Photo/Steve Nesius) © Provided by Associated Press In this Sept. 20, 2021, photo Austin Moody poses for a photo as he sits a his home work station in Tampa, Fla. Moody, the Michigan native, got a scholarship from the Department of Defense that required working for the agency at least a year after graduating. Moody said he understands that state governments don't have the kind of money that federal agencies or private companies spend on recruiting and generous salaries. (AP Photo/Steve Nesius)

But the recent graduate set the idea aside after learning an unpaid internship was his only way into the Michigan agency.

Jets DC explains why Patriots QB Mac Jones will be a 'difficult challenge' in Week 2

  Jets DC explains why Patriots QB Mac Jones will be a 'difficult challenge' in Week 2 The Patriots are now preparing to face the New York Jets in Week 2 at MetLife Stadium, and Gang Green defensive coordinator Jeff Ulbrich knows Mac Jones will present a significant challenge for his unit. "He's way better than I wanted him to be," Ulbrich said during a press conference Thursday when asked about the scouting report on Jones. "You anticipate seeing a young, inexperienced quarterback making young, inexperienced quarterback-type of decisions. I didn't see a whole lot of that."Ulbrich added: "Part of that was he's got some real skill and poise.

“I don’t know many people that can afford to take an unpaid internship, especially when it’s in such high demand in the private sector,” Moody said of fellow cybersecurity job seekers. “Unpaid internships in cyber aren’t really a thing beyond the public sector.”

In this Sept. 20, 2021, photo Austin Moody poses for a photo as he sits a his home work station in Tampa, Fla. Moody, the Michigan native, got a scholarship from the Department of Defense that required working for the agency at least a year after graduating. Moody said he understands that state governments don't have the kind of money that federal agencies or private companies spend on recruiting and generous salaries. (AP Photo/Steve Nesius) © Provided by Associated Press In this Sept. 20, 2021, photo Austin Moody poses for a photo as he sits a his home work station in Tampa, Fla. Moody, the Michigan native, got a scholarship from the Department of Defense that required working for the agency at least a year after graduating. Moody said he understands that state governments don't have the kind of money that federal agencies or private companies spend on recruiting and generous salaries. (AP Photo/Steve Nesius)

Hiring and keeping staff capable of helping fend off a constant stream of cyberattacks and less severe online threats tops the list of concerns for state technology leaders. There's a severe shortage of those professionals and not enough financial firepower to compete with federal counterparts, global brands and specialized cybersecurity firms.

Trevor Lawrence: Jaguars 'close' to turning things around after 0-2 start

  Trevor Lawrence: Jaguars 'close' to turning things around after 0-2 start An 0-2 start to the NFL season is, obviously, not what Trevor Lawrence and the Jacksonville Jaguars had in mind. © Mark J. Rebilas-USA TODAY Sports Jacksonville Jaguars quarterback Trevor Lawrence However, the first-overall draft pick insists the two losses to start the season aren't an indication of how the team's entire 2021 campaign is going to go. "We're close," Lawrence said via the Jaguars website after Sunday's 23-13 loss to the Denver Broncos. "Last week and this week doesn't look that great when you look at the numbers, but we just have to make a few more plays and stick together.

In this Sept. 20, 2021, photo Austin Moody poses for a photo as he sits a his home work station in Tampa, Fla. Moody, the Michigan native, got a scholarship from the Department of Defense that required working for the agency at least a year after graduating. Moody said he understands that state governments don't have the kind of money that federal agencies or private companies spend on recruiting and generous salaries. (AP Photo/Steve Nesius) © Provided by Associated Press In this Sept. 20, 2021, photo Austin Moody poses for a photo as he sits a his home work station in Tampa, Fla. Moody, the Michigan native, got a scholarship from the Department of Defense that required working for the agency at least a year after graduating. Moody said he understands that state governments don't have the kind of money that federal agencies or private companies spend on recruiting and generous salaries. (AP Photo/Steve Nesius)

“People who are still in school are being told, ‘There’s a really good opportunity in cybersecurity, really good opportunities for high pay,’” said Drew Schmitt, a principal threat intelligence analyst with the cybersecurity firm GuidePoint Security. “And ultimately these state and local governments just can’t keep up from a salary perspective with a lot of private organizations.”

State governments are regular targets for cybercriminals, drawn by the troves of personal data within agencies and computer networks that are essential to patrolling highways, maintaining election systems and other key state services. Notable hits since 2019 include the Washington state auditor, Illinois' attorney general, Georgia's Department of Public Safety and computer servers supporting much of Louisiana's state agencies.

Report finds US government has made progress on cybersecurity, more work remains

  Report finds US government has made progress on cybersecurity, more work remains The federal government has made "significant" progress on strengthening the United States against cyber threats over the past year, but more work remains, a congressionally-established bipartisan committee concluded in a report published Thursday. The Cyberspace Solarium Commission (CSC) - a group composed of members of Congress, federal officials, and industry leaders - found in its 2021 implementation report that around three-quarters of its recommendations for defending the U.S. against cyber threats have been implemented since March 2020.

In this Sept. 20, 2021, photo Austin Moody poses for a photo as he sits a his home work station in Tampa, Fla. Moody, the Michigan native, got a scholarship from the Department of Defense that required working for the agency at least a year after graduating. Moody said he understands that state governments don't have the kind of money that federal agencies or private companies spend on recruiting and generous salaries. (AP Photo/Steve Nesius) © Provided by Associated Press In this Sept. 20, 2021, photo Austin Moody poses for a photo as he sits a his home work station in Tampa, Fla. Moody, the Michigan native, got a scholarship from the Department of Defense that required working for the agency at least a year after graduating. Moody said he understands that state governments don't have the kind of money that federal agencies or private companies spend on recruiting and generous salaries. (AP Photo/Steve Nesius)

Cities, too, come under attack, and they have even fewer resources than states to stand up cyber defenses.

Aided by industry groups, the federal government and individual states have created training programs, competitions and scholarships in hopes of producing more cybersecurity pros nationwide. Those strategies could take years to pay off, however. States have turned to outside contractors, civilian volunteers and National Guard units for help when their systems are taken down by ransomware and other hacks.

States needed to fill nearly 9,000 cybersecurity jobs as of this summer, according to CyberSeek a joint project of the Computing Technology Industry Association and the National Institute of Standards and Technology. The total is probably higher because the project doesn’t count job listings that states posted only to their own employment portal.

Hillicon Valley — Presented by Ericsson — Senators gear up for Facebook hearing

  Hillicon Valley — Presented by Ericsson — Senators gear up for Facebook hearing Today is Wednesday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.Facebook's head of global safety will face off with members of the Senate Commerce consumer protection subcommittee on Thursday as part of the panel's first in a series of hearings focused on kids' safety. As criticism of the tech giant heats up following recent bombshell reports, the panel will convene again next week to hear testimony from a Facebook whistleblower.

State leaders are reluctant to detail the number of vacancies, worrying that could further entice potential attackers. States' top security officials have ranked inadequate cybersecurity staffing among their top concerns every year since the National Association of State Chief Information Officers and Deloitte began surveying the group in 2014.

The problem isn't limited to state governments.

U.S. officials make no secret of their own struggles to hire cybersecurity pros or retain them. The Department of Homeland Security alone has 2,000 cybersecurity job vacancies, and the Biden administration promoted 300 new hires this summer.

The $95,412 average salary of a local or state government cyber employee lagged by $25,000 or more in 2020 compared with the pay in the federal government, the financial services industry and IT services, according to a survey conducted by the International Information System Security Certification Consortium, a trade association.

Information security analysts earned a median salary of $103,590 in May 2020, according to the Bureau of Labor Statistics. Cyberseek puts starting salaries close to $90,000 across all employers.

Homeland Security officials in 2014 recognized that lower pay was keeping their agency at a disadvantage, but it took until this year to publish a rule allowing higher salaries for cybersecurity roles — capped at $255,800, the maximum salary allowed for the vice president.

Hillicon Valley — Presented by Ericsson — Welcome to Cybersecurity Awareness Month

  Hillicon Valley — Presented by Ericsson — Welcome to Cybersecurity Awareness Month Today is Friday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.Hope everyone remembered to wake Billie Joe Armstrong up this morning, it's Cyber Month! President Biden kicked off the festivities Friday in a statement touting his administration's work to secure the nation against cybersecurity threats. The vote of confidence, and the awareness month, come amid a steep rise in major hacks and other cybersecurity incidents.

“The Department desperately needs a more flexible hiring process with incentives to secure talent in today’s highly competitive cyber skills market,” a portion of the rule due to take effect later this fall reads.

Leaders in the field often bemoan the expensive and time-consuming certification requirements and background checks that employers insist on for cybersecurity roles, saying that keeps jobs vacant and discourages women and people of color from working in cybersecurity.

Nicole Beebe, chair of the department of information security and cyber security at the University of Texas at San Antonio, said states' struggles are more fundamental. Private companies and the federal government aggressively recruit students during college, sending representatives to classes and career fairs.

State agencies are rarely there, said Beebe, who counsels students weighing multiple job offers long before graduation.

“When it's a hypercompetitive field, you can't just submit a job posting and think it will get the same traction,” Beebe said.

Lower pay at government jobs can be a turnoff, but many students prefer a position that lets them leave work at home, which is not always the case with private companies.

A state or local government role doesn't compare to the “meat grinder” of constantly responding to new attacks or vulnerabilities on a cybersecurity team for Microsoft or Amazon, said Michael Hamilton, founder of the PISCES Project. The organization connects cybersecurity students to local governments that don't have employees focused on that work.

Hillicon Valley: Senate package brings cybersecurity billions | Twitter suspends Taylor Greene, again | Amazon gets NSA contract

  Hillicon Valley: Senate package brings cybersecurity billions | Twitter suspends Taylor Greene, again | Amazon gets NSA contract Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don't already, be sure to sign up for our newsletter by clicking HERE.Happy Tuesday! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@millsrodrigo) and Rebecca Klar (@rebeccaklar), for more coverage. What an avalanche of a news day! Albany aside, the Senate has finally approved the roughly $1 trillion bipartisan infrastructure package. Democrats also started debate over their multi-trillion spending plan, with cybersecurity and tech investments included in both.

“State agencies can be taking on interns, grooming them, showing them that state government is a promising place to work,” he said. “But what I see them doing is just getting into the fistfight with all the others that want to hire these people and losing.”

Sienna Jackson, a 2020 graduate from the University of Texas at San Antonio, accepted a job as an engineer at the defense company Northrop Grumman after interviewing with the company at a conference. She began college as an accounting major but discovered cybersecurity through a classmate.

After an internship with Dell during college, she hoped to find a similarly sized company with a strong training program and other benefits.

Salary and help with moving or housing also mattered for Jackson, who worked several jobs while earning her degree and has to pay back her student loans. She didn’t rule out state government jobs but didn’t see agencies at career fairs on campus or at conferences.

“Once I graduated and was interviewing, I realized I have a lot of options,” she said. “I get to choose where I go and my standards and not just accept whatever job comes my way.”

Moody, the Michigan native, got a scholarship from the Department of Defense that required working for the agency at least a year after graduating. Moody said he understands that state governments don't have the kind of money that federal agencies or private companies spend on recruiting and generous salaries.

But sending cybersecurity staff to talk to students about their work and its importance to thousands of state residents can make a big impact without costing much, he said.

“A lot of people want to be in a public service role and are open to starting there," Moody said.

Senators introduce bill to strengthen federal cybersecurity after attacks .
Senate Homeland Security and Governmental Affairs Committee Chairman Gary Peters (D-Mich.) and ranking member Rob Portman (R-Ohio) introduced a bill Monday to overhaul and improve federal cybersecurity policies following multiple major cyberattacks.The legislation is aimed at updating the Federal Information Security Modernization Act, signed into law in 2014, and takes steps to clarify reporting requirements for federal agencies if they are successfully targeted by hackers.

usr: 1
This is interesting!