NSA chief doesn't want to do cyber security solo
The National Security Agency doesn't want sole responsibility for running U.S. cyber security, the agency's director said Tuesday.
Speaking at the RSA security conference in San Francisco, NSA Director Lieutenant General Keith Alexander said that any effort to keep U.S. and government networks safe would be a group effort, rather than a centrally managed operation.
The question of who should manage the security of U.S. government networks has become a bit of a hot-button issue in recent weeks. In early March, former technology entrepreneur Rod Beckstrom quit his position as director of the organization chartered with coordinating federal cyber security, the National Cybersecurity Center, saying that the NSA had an oversized role and dominated national cyber security efforts.
In his March 5 resignation letter, Beckstrom said that the NSA's culture was too different from network operations and security culture, and that top-level government network security monitoring could represent a threat to the democratic process.
Alexander appeared to be addressing Beckstrom's criticism in his opening remarks at the conference. "We do not want to run cyber security for the United States government," he said. "That's a big job. It's going to take a team to do it."
The NSA director said that security guru Bruce Schneier was right, when just minutes earlier he had told the audience that "nobody" should be in charge of cyber security. "A top-down somebody's-in-charge model is not the right model," Schneier said.
In an interview Tuesday, Beckstrom said that he was happy to hear the NSA saying it didn't want to run U.S. cyber security, and was encouraged to see a discussion of the question of how much power the NSA actually wields. He said that agencies like the FBI and U.S. Department of Homeland Security, even the U.S. Department of Commerce, need to get more funds in order to take an active role in cyber security. "There needs to be a balance of power," he said. "I think the budgets are lopsided."
Last year, the Bush administration kicked off a cyber security initiative that was expected to cost as much as US$40 billion over the next few years. The NSA's budget is classified, so it's unclear how much of that money is being spent by the agency.
Clearly, the NSA has a major role to play, Alexander said. "We're technical people. We'll have the lead, I think, for the Defense Department and the intel community, for critical national security systems, but we need partnership with others," he said.
Alexander also called for cooperation from outside of the government too. "DHS has a big role in it, but perhaps most importantly today, we need to talk about your role in it and our allies and academia," he said.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
security
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
