Will there be a gigantic sound of cyber security talent evading the concept by moving to Canada?
The National Military, National and Public Service Commission, established by Congress, is currently evaluating the Selective Service System (SSS) with a view to modernizing the design, including the ability to enroll cyber security professionals.
"Part of that discussion", Jacob Daniels, a legislative contact at the SSS, reports CSO by e-mail, "has included a & # 39; skills draft & # 39; whereby our agency would ask experts on certain topics to register with Selective Service. References to these discussions include healthcare professionals and cyber security experts. The Commission will report its findings and recommendations to Congress in March 2020. "
"That said," adds Daniel, "Congress is not bound by any of the Commission's findings or recommendations."
The person who came up with this idea is waving paint. – Then Tentler
The idea is going to be as popular with hackers as you might think. "The person who came up with this idea has stained paint," says Dan Tentler, founder of Phobos, consultancy for attack simulation.
The future of the design
"The feasibility and advisability of modifying the military selective service process to enable military, national and public service providers to acquire skills (such as medical, dental and nursing skills, language skills, cyber skills and science, technology, engineering, and mathematical (STEM) skills ) for which the nation has a critical need, regardless of age or gender. "
Employees who teach specialized skills, including cyber security experts, are formally discussed in Washington and the latest discussions Executive Order of the White House contains language that suggests that the idea is taken seriously. "United States government policy should facilitate the seamless relocation of cyber security practitioners between the public and private sectors," says the EO, "maximizing the contributions made to our nation through their different skills, experiences and talents."
The M.A.S.H. precedent
Qualifying highly skilled employees is not new. The US government appointed doctors and nurses during the Korean War (think of M.A.S.H.) and reserves the right to refuse medical professionals service during times of war. The current rules for selective service can make medical professionals as old as 44 and in some cases even older.
Times have changed, however, and a similar attempt today to set up doctors or cyber security professionals is likely to be resisted.
Some members of Congress argue in favor of abolishing the Selective Service, the agency that implements the draft. Others say that the design should include both women and men. Currently, all men between the ages of 18 and 26 must sign up for the concept. A court of law decided that earlier this year only forcing men to register for the design was unconstitutional but did not instruct the Selective Service to register women. The Commission's findings will almost certainly tackle this problem.
Don't say the word "design"
Last week in the testimony of the US Congress, witnesses from the US Army Cyber Command and the Department of Defense withdrew to the words & # 39; concept & # 39; or & # 39; conscription & # 39; not to use, but instead propose new recruitment and retention efforts to acquire skills with appropriate cyber security.
One of the main goals being discussed is the ability to recruit and promote mid-career experts, perhaps thirty, forty or even older – and to train them to become O-6 Navy, Colonel in the US). other services). The result, a witness said, meant a & # 39; Michelin man & # 39; formed military advance, with an age and experience bulging in the middle.
Traditionally, the army is pyramid-shaped – large numbers of young and less-skilled people do most of the fighting, with a sharp ascension in years and skills as military personnel climb the ranks. However, in a cyber conflict, older, more experienced cyber security experts may be at the forefront.
"The future army may need more personnel in the middle years of experience due to the technical nature of operations (a & # 39; Michelinman & # 39; profile), versus the pyramid shape that the army now assumes," David SC Chu of the Institute for Defense analysis wrote in submitted testimony. "Only by drawing on the private sector could such a distribution be achieved."
"SWAT teams of nerds"
US Army Cyber Command wants to deploy more experienced security practitioners to modernize and secure the military information systems, Nicole Camarillo, director, talent acquisition and US Army Cyber Command management strategy, Congress said.
"In addition to improving technology within the Pentagon, SWAT teams of nerds worldwide are deployed to command warriors supporting the warfighter and our global defense networks," Camarillo said in a written statement.
Finding ways to enable security professionals to go in and out of uniformed services laterally is part of the goal of filling those SWAT teams with motivated nerds. The military service personnel memorandum, distributed this week before the hearing, calls on the government to "build new military service pipelines" and to facilitate "a continuum of service" between the military and private sectors. "
The military clearly prefers recruitment and promotion incentives to acquire the cyber security talent they want, but it remains unclear how they can compete with salaries in the private sector or for the growing numbers of talent who have grown up with the Snowden disclosures and who are basically object to works for the US military, intelligence services or the military-industrial complex. The committee does not specifically acknowledge the impact of Snowden disclosures on the recruitment of cyber security professionals, but many witnesses deplore the growing cultural gap between civilians and soldiers, while some are concerned about the actual emergence of a "warrior class" in American society.
The latter can be the biggest hurdle to overcome, and the committee proposes to solve the problem with more marketing aimed at American youth, including more basic tours, extensive youth gift programs such as JROTC, and setting up a " pilot program to provide innovative approaches to branding and marketing "military service to potential recruits.
If the idea of going to Canada to avoid a concept sounds appealing, remember that the global lack of cyber security opportunities has also affected our chilly northern neighbor. Security professionals will not find it difficult to find a job and a visa.
For his part, that's what security expert Robert Graham from Errata Security said he would do if there was a trip. "Move to Canada", he tells CSO. "That is not a journey, that is slavery."