Visa crackdown could increase susceptibility to hacking risks
The Trump administration’s crackdown on work visas could create a national security risk if technology companies aren’t able to bring in the talent they need to build rapidly evolving cyber defenses, a McAfee executive warns.
Shoring up information security to protect data from cyber attacks is crucial to many industries, including healthcare.
While technology companies welcome what they’ve heard from the White House so far on the Trump administration’s cybersecurity policy, there’s concern over moves to place “onerous restrictions” on the H-1B work-visa program that many of them depend on, says Steve Grobman, McAfee’s senior vice president and chief technology officer.
The U.S. Citizenship and Immigration Services agency has issued new guidelines requiring more information on computer programmers applying for H-1B visas to prove the jobs they’d perform are complicated and require advanced knowledge and experience. The agency said its goal was to combat “fraud and abuse” in the program, and the Justice Department warned employers applying for visas not to discriminate against U.S. workers.
The tech sector “has been clear that we need good talent in order to build the technology that the country requires in order to protect itself,” Grobman says. “If we impose additional barriers to hiring key individuals—in many cases from countries that are through H-1B visas—that’s going to limit not only McAfee but many of the other companies that are building the security products and technology that the country relies on.”
McAfee, which made its name in anti-virus software for home and business users, expanded its cybersecurity operations while it was a unit of Intel. This past week, it became a standalone company again after an investment by TPG Group, with Intel retaining a 49 percent stake.
Grobman said the immigration debate is “a national security issue if we can’t develop the technology to defend against the best technology that other nation-states are building or cyber-criminals are building. It’s going to place businesses and the government at greater risk.”
He said he’s having “good dialogue” with administration officials on major cyber threats and that they understand cybersecurity challenges the federal government faces, including fixing aging computer equipment and systems. He said he also agrees with the administration’s proposed policy of holding heads of agencies accountable for their departments’ cybersecurity, even if budgets are being trimmed, in the way that CEOs must answer to their boards about defending networks.
Companies seeking to install updates to products and services the government uses face long certification and compliance processes, he said, often making systems less secure.
In addition, “they don’t have the human capacity to get all of the technology they legally own into their environment” because there aren’t enough people to implement all the regulations, he said.
The government needs to think about building defenses from cyber-criminals increasingly looking toward harder targets like the federal government to steal or hold data “hostage” in exchange for ransom, Grobman said. Recent breaches and disclosures in other sectors are signs they’ve been successful.