Rogers: NSA, Cybercom Need
Partners to Aid Cybersecurity
By Cheryl Pellerin, DoD News,
Defense Media Activity.
Washington D.C. — (DoD
News) — July 28, 2015 — U.S. Cyber Command and the National Security Agency
have capabilities critical to helping the nation’s public- and private-sector
entities during and even before a cyberattack, but both agencies need partners
to do so, Navy Adm. Mike Rogers said recently.
Rogers, commander of Cybercom and director of NSA, was
speaking July 24 at the annual Aspen Security Forum in Aspen, Colorado, during a
discussion moderated by David Sanger, chief Washington correspondent for the New
York Times. The admiral also took questions from the audience on war, crime and
security in cyberspace.
Cybercom is especially interested in trends in cyberattacks
and cybercrime -- even those occurring in the private sector -- because the U.S.
government has designated 16 areas in the private sector that have implications
for the nation’s security, Rogers said.
These include energy, transportation, financial services,
food supplies and communications, and may be especially vulnerable to
cyberattack because they use open-source software or hardware, third-party
utilities and interconnected networks, according to the Congressional Research
Defend Industry, Defend the Nation
“What DoD said was, we believe that the nation is going to be
turning to us to help defend it in the midst of a potential crisis and as a
result we will generate capabilities that we could potentially apply, if
directed, against portions of those 16 segments,” he said.
The DoD Cybersecurity Strategy that Defense Secretary Ash
Carter released in April quantifies the kinds of private-sector attacks DoD will
respond to as “cyber events of significant consequence,” Rogers added, making
the point that “the government is not signing up to” defend everything.
In the end, the admiral said, “it is all about our ability to
create partnerships. It is the ability of the private sector and the government
to team together to generate better outcomes for the nation, not just for us but
our allies as well.”
Another important part of the strategy involves help from NSA.
Warnings and Indications
“We have said that NSA will use its foreign intelligence
mission to generate insights as to what key cyber actors around the world are
doing,” Rogers said. The idea is to get ahead of the problem by getting insights
at the point of origin rather than waiting for the attack, the admiral said.
These insights could provide indications and warning to the government and the
private sector before the attack originates, Rogers said.
“This is what you're going to see,” he said, referring to
what NSA can tell a private-sector company that will share the right kind of
data, “this is how you can best structure your defense to defeat it.”
Between NSA and U.S. Cyber Command, Rogers said, “we try to
do all of that with the private sector.” But he reminded the audience that
Cybercom is just one part of a broader enterprise, naming the Department of
Homeland Security and the FBI as two of the command’s biggest partners on cyber
“One of the reasons why the partnership is so important --
using NSA resources to monitor and guard U.S. networks -- that's not our
mission,” Rogers said, “and it's against the law … but on the other hand I do
want to create a partnership where we're able to share information with each
An example, he said, was the Sony Pictures Entertainment hack
in November 2014 sponsored by North Korea.
After the hack, Sony went to the U.S. government for help, he
said, and the government determined that the hack was a criminal act.
The FBI was designated as the lead agency, Rogers said, “and
the FBI turns to NSA and says, ‘We could use your analytic help, will you
partner with us in working with Sony?’”
The admiral said Sony cooperated completely with the
government during the investigation.
“We said, ‘In order to generate the insights we need, here's
the kind of detail we need.’ Sony did everything we asked. We were able as a
result to generate insights relatively quickly about what we were seeing,” he
But Rogers was frustrated with the situation. “This [cooperation] is great,”
he said, “but the horse was out of the barn … Why can't we have this kind of
dialog prior to the attack?”
(Follow Cheryl Pellerin on Twitter:
Related Videos :
Commander Discusses Missions During Security Forum
Related Stories :
Military, Federal, Private-Sector Partners Key to Cyber Guard 15
Related Biographies :
Navy Adm. Michael S. Rogers
Related Sites :
Special Report: The DoD Cyber Strategy