The National Security Agency has lost hundreds of hackers, engineers, and data scientists since 2015, many to the private sector, according to current and former U.S. officials. The numbers are worrisome considering the agency’s highly skilled personnel are responsible for gathering a significant amount of intelligence that makes up the president’s daily briefing. The agency is the largest producer and gatherer of intelligence among the U.S. intelligence community.
The NSA employs a civilian workforce of about 21,000 tasked with monitoring the communication networks of terror groups, foreign governments, Russian, North Korean, and Chinese hackers, and they also protect the classified networks that transmit and store the most sensitive intelligence data. While some employees are retiring – the result of a hiring boom in the 1980s – many are leaving for more flexible and higher-paying jobs in Silicon Valley and for private contractors in the D.C. area. “Some synonym of the word ‘epidemic’ is the best way to describe it,” said Ellison Anne Williams, a former senior researcher at the NSA who left in 2016 to start her own data-security firm, Enveil. More than ten of her employees also came from the NSA, she told the Washington Post. “The agency is losing an amazing amount of its strongest technical talent, and to lose your best and brightest staff is a huge hit.”
The Post notes that NSA officials report a 5.6. percent attrition rate among its STEM professionals, but the rate is closer to nine percent among hackers and analysts who staff the agency’s watch center monitoring for cyber attacks. The NSA attrition rate is low compared to the private tech sector and although the agency is filling its vacancies, new personnel tend to lack the experience of those who have left. The experience deficit can and does impede the agency’s core mission of collecting and swiftly analyzing intelligence data.
Administratively, the NSA is undergoing a reorganization. Agency director Michael S. Rogers, a Navy admiral, who also leads the Pentagon’s Cyber Command, has merged the NSA’s Signals Intelligence and Information Assurance directorates – the organizations tasked with spying on foreign targets and defending classified networks against spying, respectively- into a Directorate of Operations. “This traditional approach we have where we created these two cylinders of excellence and then built walls of granite between them really is not the way for us to do business,” Rogers said in February 2016, as he announced the agency’s new organization model, NSA 21 (NSA in the 21st Century). “We’ve got to be flat,” he told an audience at the Atlantic Council. “We’ve got to be agile.”
For those who still work at the NSA, a recent number of breaches and hacks targeting the agency’s hacking tools are a concern. Employee morale has not recovered since 2013 when former contractor Edward Snowden leaked details of the agency’s surveillance of American citizens. Another former contractor, Harold T. Martin III, was arrested in 2016 for stealing roughly fifty terabytes of data from the agency. New security precautions and restrictions on accessing data, on top of an internal search for would-be leakers have contributed to an environment of suspicion. “It comes down to death by a thousand cuts,” a former employee told the Post, adding that people “tend to quit in packs. One person hits their breaking point, and once they leave, the dominoes start falling.”