Mathematics applies to the just and unjust alike.
They call this the attack surface. The bigger the surface, the harder it is to defend.
Although the government is projected to spend $65bn on cybersecurity contracts between 2015 and 2020, many experts believe the effort is not enough.
The Coverity Scan reports from 2011, 2012 and 2013 showed the open source and proprietary projects having very similar defect densities when compared to similarly sized projects. The proprietary projects don't seem to get much added benefit from having more experienced "eyes," and the open projects don't seem to get much added benefit from having more "eyes." Other differences "level" the outcomes.
Jeff Williams, chief technology officer at Contrast Security:
Are they going to pay market salaries, not government salaries for this expertise?
The pay scale for the new Defense positions starts at $42,399 and goes up to $132,122. Under the arrangement, the Pentagon can skip the process of rating applicants based on traditional competitive criteria. Instead, the department can offer jobs based on the candidate's unique skills and knowledge. The special qualifications include the ability to analyze malware, respond to incidents, manage cyber fire drills and detect vulnerabilities, among other things.
Charles Dunlap, a retired Air Force JAG general:
Some of those [non-uniformed] people might not realize it, but they are belligerents, they are targetable, and they are targetable in the same basis as active duty military.
We don't even have the right words.