To get a jump on the cyber crime world and cyber criminals, you need help from experts in the industry. These people need to be at the bleeding edge of technology. They have to understand what technologies the criminals are using and what their vulnerabilities are. And they have to know how to combat these attacks through real-world experience.
Relying on government-backed cyber centres and people who have taken cyber security courses at University will not solve the cyber crime problem. The intellectuals and the government employees do not have the skill, the expertise or the front-facing knowledge that a true cyber-professional can bring to the table. I class a cyber-professional as some who knows the problems through firsthand experience and is not afraid to say they do not have all the answers, but will find out or ask someone who does.
There are some good people in both academia and government, but the moment they move into this area, their hands-on experience stops. They are not experts in cutting-edge cyber crime because they are no longer immersed in the problems and solutions that need to be created at the coalface. Couple this with the arrogance that some people acquire when they get into high-ranking positions, and we are looking at someone who doesn’t know what they don’t know.
When people join academia as instructors or professors, they spend more time teaching and less time learning from their own mistakes. They lose the ability to see past their own experience and capabilities. This arrogance culminates in an attitude of “my way or the highway,” and they fail students who have a difference of opinion. But at least most academics are intelligent. In government circles it is even worse. “C” level executives have incredible levels of arrogance. They fail to see, listen to or discuss information or ideas outside their own capabilities. Because of the attitudes prevalent in these areas, both of them hinder rather than help the development of cutting-edge technologies.
I have met some of the most capable fighters of cyber crime in the world. They are clever, persistent and tenacious. They fight cyber crime because they want to. These are the white hats. They have a high sense of morality and drive. And almost none of them are employed by government departments or high-end universities.
They would not get employed in government or academia because they would not pass the high level of scrutiny required. Most of them would not get a normal restricted clearance for government work. And their credentials might not be the kind that look impressive to an academic hiring committee. Academia and government urgently need these types of professionals—they just don’t know it. We need this level of skill if we want any chance of defeating cyber crime.
Of course, not all computer security experts with high-level jobs are complacent. There are some very good people who will not allow academia and government service to blunt their expertise. These are the ones who do not deliver the normal rhetoric that we see and hear in the media. These are the people who are still working, still involved and still fighting the cyber criminals in their own area. We need more of these people.