The FBI is more focused on retaining and training existing employees than hiring young people who might be more technologically adept, according to Howard Marshall, deputy assistant director of FBI’s Cyber Division.
FBI, like many Federal agencies, sometimes loses potential talent to private companies that are more attractive because they offer more money. Marshall, who spoke at the Armed Forces Communications and Electronics Association’s Law Enforcement and Public Safety Technology Forum on May 10, said the conversation with potential employees usually ends when an FBI official says the agency is going to offer them the “princely sum of $55,000 a year.”
“We’re getting our clocks cleaned,” Marshall said. “We’re struggling to get the talent we need through the door.”
Instead of scouring for talented people who just graduated from college, Marshall and his team are leading training exercises for current employees. While he admitted there was only so much the FBI could offer an on-board employee, he said training is used as a retention tool.
“We can train folks to do almost anything. They have to be willing to do it,” Marshall said. “We’re going to have to catch up internally.”
FBI is not the only agency actively trying to attract bright young people. Douglas Maughan, director of the Homeland Security Advanced Research Project Agency’s Cyber Security Division, said DHS’s Cyber Student Volunteer Initiative provides stipends to students who serve a tour within agency to whet their appetite for civil service.
However, DHS is also running internal programs to keep existing employees, according to Matt Wright, a special agent within Homeland Security Investigations’ Cyber Crime Center, a division of Immigration and Customs Enforcement. Wright said his office offers a cyber curriculum of four classes. However, he admitted that a mission-oriented focus does not always distract from the salary temptations of the private sector.
“We’re trying to keep the motivation on the mission rather than on the money side of things,” Wright said. “It’s not working.”
Information sharing, in addition to attracting and retaining employees, is another major focus among Federal agencies. Arlette Hart, chief information security officer of FBI, said that incident reporting is crucial to cybersecurity practices across all Federal agencies, not just ones that fall prey to hacks.
Hart said that reporting breaches helps agencies identify patterns in attacks; these patterns can ultimately clue agencies in to future incidents. Incident data can help agencies learn best cybersecurity practices from one another.
“You need to report that you’re being attacked to FBI and state and local partners,” Hart said. “The word is ‘report.’ Have a framework in mind. Reporting helps more than the individual. It’s systemically important.”