The transformation of the NSA from a secret service to a public cyber crime fighter

The National Security Agency, once so secret that the NSA acronym was jokingly referred to by Secret Service insiders as “No Such Agency,” is out of the shadows.

The NSA’s director of cybersecurity, Rob Joyce, even appeared in New York recently International Cyber ​​Security Conference to warn of the new dangers that artificial intelligence will pose as an agent of increasingly sophisticated espionage, terrorist attacks and criminal activities.

Joyce and other NSA leaders now speak regularly in public, unclassified forums about the NSA’s offensive and defensive cyber missions. Organizationally, the NSA now works openly with other defense, law enforcement, and homeland security agencies to openly discuss foreign efforts to penetrate US and allied intelligence networks, threaten our critical infrastructure, and disrupt supply chains us.

In the highly classified world of US intelligence, it has been eye-opening for us, as former intelligence officers, to witness this transformation as an agency once shrouded in secrecy is engaged as a public relations operation. However, we recognize that this level of transparency is exactly what American industry leaders and the general public need to know to develop active whole-of-society defenses in an era of nation-state threats to our private sector.

Our most challenging adversaries – notably China and Russia – have broadened their cyber focus to include ever larger parts of the allied private sector beyond the traditional defense industrial base (DIB), into many areas of critical infrastructure. , financial services, law firms and academia where they can either steal proprietary information or secure vulnerabilities for future exploitation.

Early in our own careers, there were some little-known organizations in the NSA utility buildings hiding in the puzzle of the acronym soup. One was dedicated to building the cyber operations capabilities needed to fight terrorists and maintain allied geopolitical advantage, and another focused on protecting US national secrets through information security. Even for officers with full top secret clearances, the prevailing mantra when it came to working with or for these organizations was “Don’t call them, they’ll call you.”

This kind of hiding in the shadows has changed dramatically over the past decade, as the NSA increasingly uses special operations to inform and engage with the public about threats.

Today’s NSA Cyber ​​Directorate operates with a strikingly different approach. Of Cyber ​​Collaboration Centerled by Morgan Adamski, provides advice and threat intelligence to both cleared and non-cleared cybersecurity professionals worldwide.

The breadth and depth of the Intelligence Community’s collaboration with industry was recently demonstrated in its public messages on VOLT TYPHOON, China’s business to try to establish cyberspace positions at private utility companies throughout the United States.

The gravity of the NSA lifting the veil of secrecy to work with public agencies like the Cyber ​​Security and Infrastructure Security Agency (CISA) helped to increase trust across the public-private divide at both the interpersonal and organizational levels. In addition, the women and men of the NSA’s Cyber ​​Directorate have contributed their deep expertise in cyber operations to co-authors deep analyses about how VOLT TYPHOON actors try to stay hidden in our infrastructure.

Providing system integrators and other defense vendors with the necessary tools to navigate necessarily byzantine regulations such as Cybersecurity Maturity Model Certification (CMMC) process and labyrinthine cybersecurity technology marketsof the NSA Defense Industrial Base Cybersecurity Services Program contributes to the economic growth and stability of the complex defense supply chain, while ensuring that suppliers are protected by reliable and secure solutions.

These unprecedented degrees of sharing and collaboration, not only with affected organizations, but also with the American public who rely on the infrastructure these organizations provide, can and must continue.

We believe that working together to develop cyber security and cyber resilience of the entire society is the only way to address the threat actors that strike at the services that support our national security and economic well-being.

As the scope and versatility of threats to the US continue to expand, we urge not only the NSA but also the broader Intelligence Community to work with the threatened sectors and the security industry at large to develop holistic solutions to our most pressing security challenges. We propose three possible initiatives:

1. Expanding government partnerships with industry.

The Intelligence Community should expand its outreach efforts beyond critical infrastructure sectors to build a more robust security framework capable of preventing and responding to emerging threats, even in under-resourced industries. Outreach and sharing should include not only threat intelligence, but also development of best practices and prevention architectures that make affected domains more resilient to Any threats that may occur. As our adversaries become more agile, we believe that expanding both the number of domains involved and the areas of cooperation that build on the good work of the Intelligence Sharing and Analysis Centers (ISACs) established by CISA is critical to keeping safe foundations and increasing trust between the public and private sectors.

2. Collaborate on future threat assessments and open source intelligence (OSINT).

As the amount of publicly available and commercially available information continues to grow exponentially, intelligence agencies and the private sector can work together to form a common understanding of the threat landscape. This collaboration can shed light on a hidden threat environment through shared knowledge and enhance both classified and open source intelligence (OSINT) collection efforts, while developing privacy standards required of all participants to preserve government stocks , protecting proprietary business information and maintaining individuals’ privacy rights. The need to balance ethical, political, and legal parameters in OSINT is why we support the professionalization of the discipline both inside and outside of government.

3. Creation and participation in Common Technical Assurance Frameworks.

As the security of the technology ecosystem becomes increasingly important, the Information Community should actively engage with CISA and industry in assurance frameworks such as CISA’s Secure by Design initiative. This focus should go beyond simple pad hygiene to include more robust preventative technologies. The Intelligence Community’s expertise in testing and securing the world’s most secure networks can provide valuable insights and lessons for federal civilian agencies and commercial organizations seeking to apply assurance-level principles to their technology.

We welcome the new transparency and openness around the previously secretive national instruments of power cultivated by the National Security Agency in recent months and look forward to continued cooperation with all our colleagues in government and the commercial sector to strengthen global security.

We, along with many of our unnamed colleagues who have transitioned between federal service and the private sector, remain committed to making a positive impact on America’s national security and supporting our nation’s global allies in partnership with agencies that must come out of the shadows. In short, we can’t wait for the dance ahead.

Adam Maruyama is Field Chief Information Security Officer at Garrison Technology, a deep technology cybersecurity company. He is a former US intelligence officer. Andrew Borene is Executive Director…

Read the original at

Related Posts