Many cybersecurity specialists working for the NSA and GCHQ tend to get burned out, and then head to the private sector. It provides a unique opportunity to hear more about some of the efforts the US government have employed to conduct organized cyberespionage against foreign governments.
For regular Internet users, it doesn't matter whether it's the government or a foreign cybercriminal, cybersecurity must be appreciated and not overlooked. As former government programmers and security experts abandon their government jobs in favor of the private sector, companies want to rely on technology advice from intelligence officials - providing valuable insight into how governments are conducting increased surveillance.
"Whether they're cybercriminals or state sponsored actors, I think a lot of times they can get into a network using a less sophisticated approach or a variant of a known piece of malware... it's a lower risk operationally for them," said Jim Penrose, former NSA employee and part of the department's Tailored Access Operations (TAO) group. "They don't want to fire silver bullets unless it's absolutely necessary; like a zero day or something like that, or a previously unseen piece of malware. Those are really high quality and you want to save those for a time when it's absolutely critical."