As Black Hat kicks off, the US government is getting the message on hiring security talent
Katie Moussouris tells it like it is
Black Hat Video With the world's largest collection of security folk gathering in Las Vegas for the Black Hat conference there are encouraging signs that the US government might actually be getting smarter about hiring.
Katie Moussouris, founder of Luta Security, knows a thing or six about recruiting new security talent and was invited to the White House last month to help advise on policy.
You may remember Moussouris from her previous roles at Microsoft, where she persuaded management to start Redmond's first bug bounty program. She then persuaded an even bigger organization, the US Department of Defense, to do the same, to great effect - and may be the first person with purple hair to have worked in the Pentagon.
The security industry needs to widen its horizons, Moussouris told The Register, and look for people with the right skills but who have come into the sector outside of the standard models.
There's a wealth of talent to be found if companies and organizations are willing to be more flexible in the way they handle recruiting and retention of staff, she argues. In the years ahead security is going to have to become as flexible as its adversaries, maybe even more so. There's a huge amount of work that needs to be done, she suggests, but with the right tools then the job can be done much more successfully.
The US government is recognizing this, she told us, which is a very encouraging sign. After decades of inertia it seems like things are finally moving ahead, but there needs to be close attention paid to getting the right people in the right jobs, she argues, based on skills and performance rather than tradition.
There's a huge jobs gap in the security industry and this has to be filled, she argues. Sometimes this will involve unconventional tactics, but the results will be worthwhile if it's done correctly. ®