The National Security Agency has a recruiting problem.
Rocked by the Edward Snowden disclosures and facing stiff competition for top talent from high-paying Silicon Valley firms, the nation’s cyber spy agency is looking to recruit a new generation of college hackers and tech experts. And through one new program, the agency is cultivating students as young as eighth grade.
The man the NSA has turned to for help solving its recruiting problem is an avuncular 32-year NSA veteran named Steven LaFountain, who has been tasked with building up a “cyber curriculum” for tech-savvy students at 20 to 25 American universities–and making sure a steady flow of top minds continues to go to work for the nation’s technical surveillance agency. Officially, it’s known as the Centers of Academic Excellence in Cyber Operations program.
Recently, CNBC sat down with LaFountain in a conference room at NSA’s National Cryptologic Museum, next to the agency’s sprawling headquarters in Ft. Meade, Maryland, to talk about recruiting in the post-Snowden era.
What follows is an edited transcript of that conversation.
CNBC: So explain the impact of the Edward Snowden disclosures on your ability to recruit.
LaFountain: Actually, I don’t think it’s been damaging to our ability to recruit talent, in that many of the students that I talk to, anyway, that I interact with, they’re interested in the tech. They’re not bothered by, let’s say, the politics of things like that. They’re interested in the technology. They want to get into cybersecurity. They want to learn what we do here.
CNBC: How do you prevent yourself from being the guy who recruits the next Edward Snowden?
LaFountain: That’s a good question. We have other processes … security process that look into backgrounds and polygraphs and all that, and hopefully that will prevent that. You know, when I’m recruiting, I’m looking for the technical talent. I’m looking for the people that have the right mind-set, that question things. That don’t just say, ‘That’s how it’s supposed to work, so it works that way.’ You’ve got to question: ‘How can I get it to do things it’s not supposed to do?’ That’s really what the whole cybersecurity business is about.
CNBC: Post-Snowden, the analysis was that part of the challenge for the NSA was that this generation of technologically-savvy students shares a different ideology than previous generations of boomers and Gen-Xers. These young folks today are much more libertarian, they’re much more of the information-wants-to-be-free mind-set. Are you finding a different mind-set among the 20-somethings that you’re recruiting now?
LaFountain: There certainly is that mind-set out there. And it’s been out there probably all along; it’s just more prevalent and more prominent today. More noticable. But there are lots of students out there that I think aren’t bothered by the politics of things. They do understand the need to protect information. Some people will always believe that there’s a conspiracy, but you know there is a need to protect information so that the government and the agency can do its mission.
CNBC: How tough is it for you guys to compete with Silicon Valley? How do you convince those guys to come here and work for a government salary instead?
LaFountain: Well, I think there’s a number of reasons why students come here. Some of them, you know, want to do good for the nation, they want to come work here or in some other government entity. Many of them realize that they come here and they can get some incredible experience very fast. So in our STEM [science, technology, engineering and math] areas, in our high-tech areas, we have a higher-than-average attrition rate. Because they come here, they build the skills, and then they’re very, very employable outside. And so I’ve been in offices at the agency over my career here where we’ve had a 30 percent turnover rate every year because the skills are just that valuable. And then they go out and they go join the gold rush, as you say, and make the money. But a lot of them stay.
CNBC: How do you compete with that?
LaFountain: Well, some of it is the work that we do here. The work is very exciting, very interesting. Some of the work we do here you can’t do outside. When I first came to the agency 32 years ago, I never expected to still be here today.
CNBC: On this college recruiting program that you’re launching, you’re now seeing the first wave of graduates hired by the NSA. Where do you see this program in five years?
LaFountain: Well, in five years I think we’ll be fully where we want to be. I think we’ll have the number of schools that we want in the program. The program requires that schools re-designate as a center of excellence every five years. So we’ll have gone through the first wave of that, and I think that we’ll see that the original schools will strive to continue to be designated as centers of excellence for cyber operations. And I think — I hope — that we will see the pipeline of students that we’re expecting coming to NSA, going to cybercommand, going to FBI, going to the places that need the skills that we’re trying to build.
CNBC: What are the ethics of cybersecurity?
LaFountain: Well, largely it’s just being a good citizen in cyberspace. Right?
CNBC: But part of what you’re trying to do at the NSA is steal information. I mean, that’s what the NSA is for.
LaFountain: Well, we want to have people that have those skills, but you want to make sure that it’s applied in a legal manner, right? We have a legal authority to do that, to gather foreign intelligence, but our people need to understand that, okay, so you can’t go and do that in your personal life, right? You can’t do that against family, against friends, against neighbors. You’ve got to still be a model citizen in cyberspace.