Four former heads of the National Security Agency (NSA) and US Cyber Command talked about the US government's offensive cybersecurity strategy This article explores government offensive cybersecurity. . The panel came after President Donald Trump released his cyber strategy earlier this month, which put offense and deterrence first.
The 50-minute talk covered a lot of ground, including how the US's view of offensive cyber has changed over time from a secretive idea to something that is now public. It also talked about how the NSA became the basis for US military cyberwarfare, how the private sector's role is changing and growing, and the idea that the country needs offensive capabilities to protect itself.
"Whatever the president says [the red line] is, that's it at the end of the day," said Paul Nakasone, who was followed by Keith Alexander as head of Cyber Command. "Because it is, we have to be the best at it," Alexander said. Alexander said that as a commander, "you need to give the president and the National Security Council flexibility to respond."
Rogers said that the situation "frustrates the hell out of me personally," and he added that the government and the cybersecurity industry don't work together very well. "We need political leadership that works with the private sector to get where we need to go," he said. "And neither can do it alone."
It simply isn't there. "After CISA had to lay off a lot of workers (like other federal agencies) and the Cyber Safety Review Board was effectively shut down shortly after Trump's inauguration, it's a question worth asking. "I see a private sector with a lot of network owners who are very motivated and focused.
Rogers said, "I see a government that doesn't want to spend political capital to really make big changes in cyber." "Think about it: we're the biggest economy in the world." He went on to say, "We don't have a single federal data privacy framework."
