DHS PR Does Not ‘Get’ Information Army.
Oops!
Security is a Wide Area and there are all sorts of experts – not one master set of skills that you can find on any single resume.
A few years ago ~1994 I was at dinner with Mr. Ex. (Don’t want to embarrass him cause he still claims he is the smartest of us all.) I had only been in the field about 10 years and was learning… as we all still are every day. He told me, “I know everything there is about security….” ad nauseum. NONE OF US DO! (I choked on my Ratatouille but kept PC-ish and moved my plate to another table.)
The error here is with DHS PR. Some wonk used the media term “security expert” (sans definition) and off we go in the wrong perception-description; just as we have allowed the media to blame every security incident on ‘hackers’ – clearly a massive nom-de-guerre error by any standard.
Once we allow them to lock in the term “security expert” as a catch all for anyone who can find the ‘on’ button or push Defrag or even do slick coding hacks, we are in trouble. No more than a company (or kinetic force projection outfit) can run on one set of expert skill sets, security itself (like any vertical technical discipline) is a highly granulated suite of skills that must be integrated.
A CND/CNA (Computer Network Defense/Attack) suite of expertise includes (at a broad stroke) many skills needed to deploy and Information Army
- Mapping People
- Cracking People
- Coding (CNA & CND)
- Reverse Engineering
- Social Engineering
- C3I
- Sniffers
- Readers
- Research
- Moles (yeah, C****, I****, P****** has none of those in our CIs) (Note: the way the national letters come out… 
- Analysts/Synthesizers
- Manufacturing (CNA)
- Distribution (CND/CNA)
- PR (!! Techy and accurate, not PC)
- Education
- Awareness
- Perception Management & PsyOps
- Failure Modeling
- Process Control
- Reconstitution
- DR
- Layered Technical Management.
- The interdisciplinary expertise needed from psychology, neural behavior, etc. etc. (Security is not technical, solely, not is it?)
- Yeah… and more good PR people who speak geek. (Not the usual wonks)
No one can do it all. No one has all of these skills. Period.
I worry much less about DHS acquiring 1,000 people with skills than them being able to find the right management who understand security, the temperament of the geek community and can last more than a handful of months in a culture designed to fail.
There are millions of people with the varied skills a well-organized Information Army (CND/A) needs. There are decidedly fewer people who know how to, or have even ever thought about to taxonomize the skills and organize them (skills and people) like a true business.
Get a free download of ‘Information Warfare’ at: http://www.winnschwartau.com/downloads.html and take a look at Chapter 16.
Winn