The article uses the Russia election situation as an example, but one doesn't need a clearance -- or any classified information, for that matter -- in order to prevent a large number of these recent "hacks" or, at the least, make the attackers work much harder to be successful.<p>When companies can't even be bothered to install security updates on public-facing applications or web sites (cf. Equifax), is anyone really surprised that they're being broken into and having all their private data stolen?<p>In my experience, these public/private information sharing "partnerships" are heavily weighted in the government's favor. That is, the private companies share their detailed, specific data with the government but the information that the government shares with the private companies is laughable. When I was on the "receiving end", it was typically bulletins and notifications that were vague and lacked enough detail to actually be useful or actionable (and even those were limited with regard to distribution).<p>It's been a few years since I was involved with that stuff so perhaps things have changed. I would be really surprised if they have, though.<p>In addition, it seems to me that this is a good way for the government to get these tech companies to "go along with" some of their "requests". Oh, you have some private data that the government would like to have access to but you don't want to turn it over? Or, the government has a "black box" they want you to install in your network but you don't want to? Boy, it sure would be a shame if your employees' security clearances got denied, wouldn't it?
For those in this thread that are confused what the tech companies could be looking for with these cleared people, let me give you an example. I used to work for a company that ran DNS services for public utilities i.e. "critical infrastructure". Every week we would get a classified list of "bad" domains (usually domains that malware would phone home to) from a 3 letter agency and we would notify the utilities if we saw any DNS requests for those domains from any of their computers. Only cleared personnel were allowed to see the list or touch any of the computers that saw the list in any way.<p>A tech company that wanted to work with a 3 letter agency to see such a list in order to protect their own infrastructure would need cleared personnel and a SCIF (the windowless air-gapped rooms that cleared people work from) to even talk to the agency about a list.
This article makes the asinine inference that hiring a ts worker somehow magically grants you access to ts data. Sf86 makes it perfectly clear: you can be tried for treason up to and including capital punishment for leaking state secrets at the ts level. The information is on a need to know basis and requires the company be certified by disa, NSA, and cleared to have a compartmentalized government facility that includes an FSO and yearly dod inspections. The government also chooses you for classified work and sensitive data. Not the other way around.
> The average annual salary for a systems engineer working for the U.S. government with a security clearance is about $119,000...<p>In other words, the <i>average</i> USG systems engineer is roughly a GS-14 Step 6 based on 2017 Rest-of-US locality...GTFO with this garbage.
Article is wrong if you had clearance you don't get to transfer it if you move to a civilian job is my understanding.<p>So is there an equivalent to List X companies in the USA who are allowed put staff through clearance.<p>And for TS clearance I doubt that any dual national other than those because of birth circumstances will be getting clearance any time soon which sucks for SV company employees who are immigrants