It’s a seller’s market for the cyber war’s special forces.
Just ask Scott Davies, 30, who left a career snooping on Australia’s enemies in December for a similar gig at FireEye Inc. Or Brian Varner, 35, who swapped a job with the U.S. Department of Defense breaking into networks in the Middle East and other hot zones to be a security engineer at Symantec Corp.
“I have a blank canvas to paint whatever I want,” says Varner, exulting at the lack of bureaucracy, not to mention his ability to work remotely from Florida.
All told, cybersecurity companies have hired hundreds of ex-government sleuths in recent years, capitalizing on the boom in business caused by hackers who stole more than 1 billion records in attacks last year. The former spies, cyber-warriors and government-groomed hackers are becoming the cornerstone of the cybersecurity services industry, which is projected to bring in more than $48 billion in revenue next year, up 41 percent from 2012, according to Gartner Inc.
“The people coming out of the military and the intelligence community are really, really good,” says Nir Zuk, co-founder of Palo Alto Networks Inc. and himself a former Israeli army computer hacker. “They know the attackers. They know how they work.”
FireEye has hired more than 100 ex-government hackers since 2013, part of an international expansion that has cost more than $1 billion, according to Chief Executive Officer Dave DeWalt. Symantec has increased the size of its security services division by almost a third, to 500 people, in the past year.
Even smaller companies are snagging top talent. Lacoon Mobile Security, a mobile-security startup that Check Point Software Technologies Ltd. agreed to buy this month, has hired 15 people from Israel’s Unit 8200, said Michael Shaulov, a Lacoon co-founder who, like Zuk, served in the Israeli military’s computer-hacking group. The hires usually had five to eight competing offers and each earned more than $100,000 straight out of the armed services, Shaulov said.
“There’s a bit of a run on security talent,” said Rob Owens, an analyst at Pacific Crest Securities in Portland, Oregon, who has covered the industry for almost 20 years.
While CVs that include government hacking can supercharge careers, they’re not a guarantee of safety — or an easy fit in corporate America.
Bloomberg reported in February that JPMorgan Chase & Co. has put two former Air Force colonels in its cybersecurity division and that they clashed with the FBI, Secret Service and some members of their own staff about their insistence that Russia’s intelligence services were behind a hacking attack on the bank last year. Law enforcement has determined the attack was the work of ordinary cyber-criminals, and insiders said the clash was an example of how military training can cause some to see state-sponsored attacks where there are none.
SOURCE: Jordan Robertson