Feeds

How to put "Stuxnet author" on your CV

"Malware is a legitimate occupation," suggests analyst

The essential guide to IT transformation

With Stuxnet outed as a government-sponsored project by none other that one B. Obama of 1600 Pennsylvania Avenue, the world has concrete evidence that states commission the coding of malware.

That evidence led Anton Chuvakin, a research director in Gartner's IT1 Security and Risk Management group, to ponder just what the coders hired to do the deed can say about it on their curriculums vitae.

“'Malware' … is now a legitimate occupation that you can put on your resume,” Chuvakin suggests, half-jokingly, before going on to offer this format for government-directed malware authors CVs.

“2006-2007: developed ‘attack software’ for XYZ government”

It's since been suggested to us, however, that Chuvakin's suggested may not be entirely suitable, given that anyone working on this kind of thing will be asked to sign a confidentiality agreement.

Such agreements, says Peter Acheson, CEO of recruitment company Peoplebank, “prohibit them from disclosing too much about the specifics of the technology and the project generally.”

Acheson therefore suggests that those among you whose careers have wandered in this direction “discussion of the specific tasks in terms of the project rather than references to the types of technology or what the specific project was designed to achieve” on your CV. That form of words, he feels, will get you credit for shady work without resulting in a window-less van arriving outside your home at dawn.

Acheson suggests the following hypothetical format to get malware gigs onto your CV:

2009– 011 – Department of Defence – Israel Project Director – Strategic Defence project. Worked on the development of strategic defence software for Department of Defence. Project had defence classification XYZ 123. Responsible for all aspects of overseeing development of the strategic software including management of 200 people.

“Often there will be some sort of ability to check participation on the project by talking to a Senior person in Defence about their involvement in the project,” Acheson adds.

Gartner's Chuvakin also raises, in his post, the need for new langauge to describe Stuxtnet and its ilk, and his suggestions may help you to craft suitably evasive CV entries.

“What do you call 'malware' working for the good guys?” he asks. “'Attack software'? 'Sabotage-ware'? 'Good malware'? We need a whole new language to describe what we are seeing now. This is 'one man’s terrorist is another man’s freedom fighter' all over again… “ ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Symantec security chap signs for CSIRO's ICT In Schools
Vulture South is closing in on our goal of 20 new recruits to help teachers and kids
A-level results: Before you smile at that jump-for-joy snap...
Uni-ditching teens are COMING FOR YOUR JOBS
How to promote CSIRO's ICT in Schools in your community
Vulture South is closing in on its target to find volunteers to help teach tech in schools
Everyone's an IoT expert but now there's a certificate to prove it
Cisco creates Certification of Things for industrial sensor-footlers
Facebook wants Linux networking as good as FreeBSD
Help The Social NetworkTM make the kernel better
LinkedIn settles missed overtime pay case: Will pay $6m to staffers
US Dept of Labor: It violated Fair Labor Standards Act
NICTA man explains why he volunteers for CSIRO's ICT in Schools
'I feel fantastic after the sessions - It's the best part of my job' says volunteer
The Register is HIRING technology hacks for the WORLD
Live on Earth? Want to be a Vulture? Enquire within
Pleased to meet you. I'm Joe Bloggs, MVP, vExpert, Cisco Champ
What a mouthful. Do customers care? Six title-holders quizzed
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?