As Black Hat kicks off, the US government is getting the message on hiring security talent

Katie Moussouris tells it like it is


Black Hat Video With the world's largest collection of security folk gathering in Las Vegas for the Black Hat conference, there are encouraging signs that the US government might actually be getting smarter about hiring.

Katie Moussouris, founder of Luta Security, knows a thing or six about recruiting new security talent and was invited to the White House last month to help advise on policy.

You may remember Moussouris from her previous roles at Microsoft, where she persuaded management to start Redmond's first bug bounty program. She then persuaded an even bigger organization, the US Department of Defense, to do the same, to great effect - and may be the first person with purple hair to have worked in the Pentagon.

The security industry needs to widen its horizons, Moussouris told The Register, and look for people with the right skills but who have come into the sector outside of the standard models.

There's a wealth of talent to be found if companies and organizations are willing to be more flexible in the way they handle recruiting and retention of staff, she argues. In the years ahead security is going to have to become as flexible as its adversaries, maybe even more so. There's a huge amount of work that needs to be done, she suggests, but with the right tools the job can be done much more successfully.

The US government is recognizing this, she told us, which is a very encouraging sign. After decades of inertia it seems like things are finally moving ahead, but there needs to be close attention paid to getting the right people in the right jobs, she argues, based on skills and performance rather than tradition.

There's a huge jobs gap in the security industry and this has to be filled, she argues. Sometimes this will involve unconventional tactics, but the results will be worthwhile if it's done correctly. ®
