NSA chief doesn't want to do cyber security solo
The National Security Agency doesn't want sole responsibility for running U.S. cyber security, the agency's director said Tuesday.
Speaking at the RSA security conference in San Francisco, NSA Director Lieutenant General Keith Alexander said that any effort to keep U.S. and government networks safe would be a group effort, rather than a centrally managed operation.
The question of who should manage the security of U.S. government networks has become a bit of a hot-button issue in recent weeks. In early March, former technology entrepreneur Rod Beckstrom quit his position as director of the organization chartered with coordinating federal cyber security, the National Cybersecurity Center, saying that the NSA had an oversized role and dominated national cyber security efforts.
In his March 5 resignation letter, Beckstrom said that the NSA's culture was too different from network operations and security culture, and that top-level government network security monitoring could represent a threat to the democratic process.
Alexander appeared to be addressing Beckstrom's criticism in his opening remarks at the conference. "We do not want to run cyber security for the United States government," he said. "That's a big job. It's going to take a team to do it."
The NSA director said that security guru Bruce Schneier was right, when just minutes earlier he had told the audience that "nobody" should be in charge of cyber security. "A top-down somebody's-in-charge model is not the right model," Schneier said.
In an interview Tuesday, Beckstrom said that he was happy to hear the NSA saying it didn't want to run U.S. cyber security, and was encouraged to see a discussion of the question of how much power the NSA actually wields. He said that agencies like the FBI and U.S. Department of Homeland Security, even the U.S. Department of Commerce, need to get more funds in order to take an active role in cyber security. "There needs to be a balance of power," he said. "I think the budgets are lopsided."
Last year, the Bush administration kicked off a cyber security initiative that was expected to cost as much as US$40 billion over the next few years. The NSA's budget is classified, so it's unclear how much of that money is being spent by the agency.
Clearly, the NSA has a major role to play, Alexander said. "We're technical people. We'll have the lead, I think, for the Defense Department and the intel community, for critical national security systems, but we need partnership with others," he said.
Alexander also called for cooperation from outside of the government too. "DHS has a big role in it, but perhaps most importantly today, we need to talk about your role in it and our allies and academia," he said.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
security
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
