FBI struggles to retain top cyber talent
Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan
Credits: politico
The recent departures of four top FBI cyber officials reflect a troubling trend: The bureau is losing its most seasoned agents and supervisors tasked with disrupting digital threats from Russia and elsewhere, even as threats to the nation’s power grid and elections grow.
Close to 20 top FBI cybersecurity leaders have left for high-paying corporate jobs over the past five years, one former veteran agent told POLITICO — a dramatic turnover in a handful of senior jobs. And news of the most recent retirements followed the abrupt departure of the co-head of the FBI’s newly formed election meddling task force.
The exodus — including departures from the FBI’s Cyber Division — worries current and former bureau officials. It’s also prompting concern from several top congressional Democrats, who asked their committees’ chairmen last week to get assurances from FBI Director Christopher Wray “that the agency has a plan to replace the departing staff, and that the safety of our elections will not suffer in the interim.”
The bureau has spent years losing highly trained specialists to the private sector, where salaries and benefits for senior cyber leaders can easily top $300,000, far above the government’s pay scale. But the recent decline in experienced cyber leaders comes as the country’s top law enforcement and intelligence officers warn that the nation’s critical infrastructure is under daily assault from hackers. Director of National Intelligence Dan Coats said last month that “the warning lights are blinking red” as “the digital infrastructure that serves this country is literally under attack.”
Investigators will feel ripple effects from the departures as the former leaders are replaced with people who lack their institutional memory and credibility. “This type of change, if not properly managed, is highly disruptive,” said Leo Taddeo, who served in the bureau for 20 years and once led cyber operations at the FBI’s New York office.
One former senior FBI cyber official said the bureau urgently needs to get a handle on its turnover problem.
“It is absolutely imperative that the FBI try to retain as many senior leaders as they can, especially due to the current state of how the public and others may view the organization,” the former official said.
The four most recent high-level departures were Scott Smith, assistant director in charge of the FBI’s Cyber Division, who left to work for the construction giant Caterpillar; Smith’s deputy Howard Marshall, who left to become director of cyber threat intelligence at the consulting firm Accenture; David Resch, executive assistant director of the bureau’s Criminal, Cyber, Response and Services Branch; and Carl Ghattas, executive assistant director of the National Security Branch, which works closely with the Cyber Division. All four worked at the bureau for more than 20 years.
The retirements come as President Donald Trump has attacked the FBI and the Justice Department as key players in a “deep state” conspiracy against his administration, and as agents’ confidence in bureau leaders has dropped significantly, according to recently published data. But current and former officials said Trump’s tirades probably played little role in the recent cyber departures.
The FBI declined to comment on the retention challenge for cyber officials or the departure statistics gathered by POLITICO.
The departures probably won’t faze front-line agents or hamper their investigations, but they raise bigger concerns. The four recent losses “represent a more serious issue for the FBI’s cyber mission and strategy,” said a former FBI official who specialized in cyber cases.
POLITICO spoke with nine current and former FBI and DOJ investigators and supervisors, all of whom said that the bureau faces serious challenges retaining experienced personnel while adapting to modern threats. Many requested anonymity to speak candidly about this sensitive and complex issue.
“One of the only things the FBI effectively does at the ‘speed of cyber’ is churn through executive leadership,” said the former official. “How can an organization effectively develop and implement an effective, long-term strategy on anything, let alone the highly complex and rapidly changing environment of criminal and national security cyber threats, with that kind of turnover?”
For the Cyber Division, which lost its top two officials, this churn is nothing new. The former FBI official pointed out that the bureau’s newest division has had four leaders since 2012.
The dynamic is unavoidable, said a current FBI agent involved in cyber investigations. “As cyber moves up the ladder of priorities for [the] private sector, our execs get these lucrative offers,” the agent told POLITICO. Meanwhile, senior officials “hit a ceiling” where more promotions are rare, and “the natural option is to bounce out, assuming they’re eligible” for retirement benefits.
Austin Berglas, who led the FBI New York field office’s cyber branch from 2009 to 2016, said the bureau needs to “reassess its compensation and incentives” for cyber agents and supervisors.
“Even for the most dedicated,” he said, “the lure of private-sector pay and benefits for young agents with growing families and college-aged children could prove to be destructive to the FBI’s mission over time.”
The base salary for an FBI assistant director is $185,767 for fiscal 2018, according to a bureau spokeswoman. Executive assistant directors, who lead FBI headquarters branches, make $188,066. Both figures are calculated annually based on the Senior Executive Service pay scale. Each position carries potential bonuses of between $10,000 and $25,000, according to former agents.
Once these senior officials take jobs in the private sector, they can expect at least $300,000 in salary, bonuses, retirement matches, profit sharing and incentives, according to the former veteran agent. The average now, this person said, is closer to $350,000. A second former veteran agent cited a range of between $300,000 and $600,000. And large banks in New York now pay between $450,000 and $950,000 for executive-level cybersecurity positions.
Fortunately for the bureau’s current work — which ranges from tracking Russian government hackers to disrupting amateur criminals running botnets — the recent departures probably won’t rattle agents in the field.
“My agents probably don’t even know that they departed,” said the current FBI agent, who supervises other investigators. “We really don’t let the Beltway bureaucracy affect field investigations.”
Berglas said the FBI “operate[s] in a manner that does not create indispensable individuals.”
A former senior cyber agent who speaks regularly with current officials said the disruption would have been bigger five years ago, when “the FBI was in the midst of establishing a stronghold over other agencies with a cyber mission” and “there were few senior executives with a decent understanding of cyber investigations.”
“The mission remains the same — to identify, pursue and defeat the cyber adversaries,” said the current FBI agent. “Cyber agents in the field don’t notice change at the top.”
But Taddeo, now the chief information security officer at the data center and cloud giant Cyxtera, said the loss of senior executives will make it harder for the Cyber Division to “compete for resources with other divisions” and for the bureau to compete for resources with other agencies.
Another factor is a special agent hiring boom that the FBI experienced in the 1990s, when all four recently retired officials joined the bureau. FBI agents can retire after 20 years of service if they are 50 years old, and special agents — a rank all four men held — must retire at age 57. The bureau expects more officials hired as agents in the 1990s to continue retiring over the next few years.
Trump’s tweets notwithstanding, the FBI won’t have a problem filling these senior roles. But people knowledgeable about the situation differed as to where the new appointees would come from — whether they’d be front-line agents or other managers.
“We’ll likely promote cyber-savvy management,” said the current FBI agent. “Our investigative agents aren’t in the [management] queue per se. These promotions are usually from an identified group that had been in [management] for quite a while.”
Because of the private-sector opportunities that await them, “most senior leaders getting near retirement want to learn cyber,” said the former agent.
The former FBI official said this approach would only worsen the problematic churn, especially at the Cyber Division. “Someone else who’s got a couple years left in his career and has a diverse background, probably including counterterrorism, will be picked,” he said, “and the cycle will continue.”
New leaders don’t have be “coding champions,” he said, but to work well with other agencies and the private sector, “they need significant experience effectively managing people working in the trenches on tough cyber issues.”
Some FBI agents worry that bureau supervisors will draw new cyber officials from the ranks of other, mostly unrelated divisions. “It would show a lot that the culture hasn’t changed if a 20-year organized crime agent … gets appointed to [be] the [assistant director] of cyber,” said the former senior agent who speaks regularly with current officials.
Another concern, he said, is that supervisors will promote their friends “to put them in a good place to ‘learn cyber’ and be able to be global [chief information security officer] of some large company because they have cyber under their belt now.” Then, later on, the corporate executive will encourage their company to hire their former FBI supervisor too.
Others are more optimistic. Berglas, now the head of cyber forensics at the security firm BlueVoyant, said the bureau had reached a point where agents recruited for their technical abilities “will be in positions to take some of these leadership roles.”
Despite his concerns, the former senior agent acknowledged that the FBI had experienced “a significant surge in rank-and-file cyber agents moving to cyber leadership positions.”
According to this person, one of the candidates to lead the Cyber Division is Aristedes Mahairas, the special agent in charge of cyber operations in New York.
Regardless of where new appointees come from, the former senior cyber official said the FBI needs to focus more on retention.
“Stability is important now to the men and women that are actually in the field conducting the investigations that are keeping our country safe,” said the former senior official. “They rely on the leadership to continue to be able to help the director of the FBI in the coming years to restore the agency’s reputation.”
www.extremehacking.org
Sadik Shaikh | Cyber Suraksha Abhiyan, Ethical Hacking Training Institute, CEHv10,CHFI,ECSAv10,CAST,ENSA, CCNA, CCNA SECURITY,MCITP,RHCE,CHECKPOINT, ASA FIREWALL,VMWARE,CLOUD,ANDROID,IPHONE,NETWORKING HARDWARE,TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking,Center For Advanced Security Training in India, ceh v10 course in Pune-India, ceh certification in pune-India, ceh v10 training in Pune-India, Ethical Hacking Course in Pune-India
The post FBI struggles to retain top cyber talent appeared first on Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan | Hackers Charity.
from Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan | Hackers Charity https://ift.tt/2Mu7zMt