What to expect from the NSA’s new cyber directorate
With less than two weeks until the National Security Agency new cybersecurity directorate officially starts its work, the organization’s leader said she plans to take a “come together” approach in its first 60 days in order to make the group as effective as possible.
The directorate’s leader, Anne Neuberger, said Sept. 18 at the Cybersecurity and Infrastructure Security Agency’s summit that her team will be made up of people with a variety of backgrounds, drawing from threat intelligence professionals, emerging technologies experts and nuclear command and control staff, totaling “several thousand” people.
Because of the size and diversity of backgrounds, the first step, she said, is to create “one community, one culture internally.” Diversity, she said, will be her group’s strength.
“We’re integrating that to operationalize intelligence to defend against threats,” Neuberger said, who noted that she’ll be working closely with the Department of Homeland Security and FBI.
Neuberger, who previously led the Russia small group at the NSA, said her latest group will be “transforming to work in the unclassified space.”
“We recognize that using threat intelligence, making it useful and effective, needs to be done in the way network defenders need,” Neuberger said. “And that’s where we’ll be transforming.”
The new NSA directorate, she said, will take lessons the NSA learned from defending decades-old systems and sharing those lessons beyond Fort Meade.
“The lessons we learn, communicate that into security standards so the broader commercial world ... can benefit from that" when securing systems for the long-term, Neuberger said.
The second step that Neuberger wants to take in her first 60 days is a pilot program on a “foundational technology” and bring together several new groups to work on a problem.
“How do we work in a new way, bring those communities together [and] operate in the unclassified space so that the advice is useful and applicable," Neuberger said.
Neuberger also said that the traditional means of notifying organizations that hackers have compromised their systems are “tempered” because of the speed at which adversaries now move through the network. The cyber directorate wants to solve that problem.
“We’re thinking about, together, what are the products we generate that bring together threat trade craft insights to help a network defender use that,” Neuberger said.
Gloss