National Security Agency Director Michael Rogers told a crowded room full of corporate executives Tuesday that they play a role in strengthening the entire country’s cybersecurity posture.
“I spend a lot of talking with the private sector, as a result of the missions assigned to both U.S. Cyber Command and the NSA, and when I would talk to the C-suite, one of the things I would normally ask is: Talk to me about some of the conversations you’re having with your CIO, with your CISO, talk to me about how you as a leader are setting basic expectations,” Rogers told the audience.
In a conference hosted by the Wall Street Journal, the head of America’s most powerful spy agency explained that the Sony data breach incident — widely believed to be orchestrated by hackers affiliated with North Korea — accurately showed how private organizations can work together with the U.S. government to both mitigate damages and recover from a cyberattack.
“From a cyber defensive standpoint, probably 60 to 65 percent of the total activity can be discerned as criminal,” Rogers said, “it is individuals looking to access systems for access to personal identifiable information, which they use to generate revenue, it includes stealing intellectual property.”
The NSA director’s public appearance is the first since President-elect Donald Trump bested his Democratic challenger Hillary Clinton in what some have called the biggest upset in U.S. history. Outside press, beyond WSJ’s own team, were not permitted into the main conference area where the talks took place to ask questions.
With a new administration on the horizon, national security experts have voiced concerns about how the NSA and larger intelligence community will function under a Trump administration. While on the campaign trail, the President-elect called into question the U.S. intelligence community’s effectiveness and at one point also said the NSA possessed copies of scandal-laden emails once written by Clinton.
It remains unclear how Trump’s White House will foster greater collaboration between the private sector and U.S. government in cyberspace, including the sharing of threat intelligence and law enforcement requests for user data. Existing collaboration is “not where we need it to be or want it to be,” Rogers summarized.
“Clearly we’re going to have to wait and see what the future holds,” Rogers said regarding the power shift in Washington. “My concern is I don’t want it to get to the point where it takes some significant calamity to drive us to a conclusion. We’ve got to do something different than we’re doing now. The ultimate solution in my mind is how you bring the public-private partnership forward.”
On Tuesday morning, former House Intelligence Committee Chairman Rep. Michael Rogers, R-Mich., announced his resignation from Trump’s national security advisory group, tasked with staffing the next administration with top security advisors. Vice President-elect Mike Pence is now leading that group. The two Rogers’ are close friends.
“Cyber doesn’t recognize these arbitrary lines we’ve drawn,” NSA’s Rogers said Tuesday. “I think it is totally unrealistic to expect the private sector to withstand the literal onslaught of activity directed against them by nation states and other actors. Likewise, I don’t think it is realistic to say, ‘Well, the government is going to do this.’ Because the challenge with the government doing it is: if you want me to defend something then I can’t do it from the outside. I can’t defend a network unless I have access to that network structure — it is like fighting with one hand tied behind your back.”