The US government is looking to recruit up to 1,000 information security experts, in a bid to strengthen its public sector systems.
The Department of Homeland Security (DHS) said that it had been given the authority to hire the staff on Thursday, at the start of US National Cybersecurity Awareness Month.
"This new hiring authority will enable DHS to recruit the best cyber-analysts, -developers and -engineers in the world to serve their country by leading the nation's defences against cyberthreats," said DHS secretary of state Janet Napolitano in a statement. "Effective cybersecurity requires all partners — individuals, communities, government entities and the private sector — to work together to protect our networks and strengthen our cyber-resiliency."
The government agency is looking for security experts in the fields of cyber-risk and strategic analysis; cyber-incident response; vulnerability detection and assessment; intelligence and investigation; and network and systems engineering. The new employees will be hired over the next three years.
In June, President Barack Obama introduced the results of a 60-day review that looked at how the US government deals with cybersecurity, and said at the time that the US government was "not as prepared" as it should be to respond to disruption from computer and internet attacks. As part of its efforts to improve its response, the US government set up the 16-strong US Homeland Security Advisory Council, which reports to Napolitano.
The move has come under criticism from the Robert X. Cringely blog and others, who suggest that the DHS will have difficulty in recruiting that number of experts."There aren't one thousand civilian cybersecurity experts in the entire friggin' world," according to the Cringely blog. However, the DHS said that it did not anticipate hiring the full quota of experts.
Cambridge University cybersecurity expert Richard Clayton said that the difficulty of recruitment would depend on what the DHS mean by "cybersecurity" and what it meant by "expert". "Security is an extremely broad field, and you need a blend of skills," Clayton said, noting that the skills needed for penetration testing are different from those needed to find flaws in websites.