NSA Cyber Chief Wants to Share Digital Threats Early and Often

The agency has historically been slow to share threat intelligence but accelerating that process would help the government get ahead of cyber adversaries, according to Anne Neuberger.

The chief of the National Security Agency’s cyber office wants to speed up the information sharing channels between her notoriously tight-lipped organization and its partners in the government and private sector.

By pushing out intelligence earlier and faster, NSA could help its partners get ahead of digital threats instead of playing clean-up after they fall victim, said Anne Neuberger, who was recently tapped to lead the agency’s new Cybersecurity Directorate. The office is set to officially open its doors on Oct. 1.

“Ideally [NSA is] sharing the threat information to prevent an attack, to prevent exploitation, rather than be part of the team that helps with incident response,” she said Wednesday at the Billington Cybersecurity Summit. “Bottom line, it’s recognizing the power we have to prevent an attack through rapid sharing.”

Announced in July, the Cybersecurity Directorate is charged with “preventing and eradicating” threats to the nation’s critical infrastructure. The office will bring the agency’s various cyber divisions together under one roof, with the goal of unifying the NSA’s offensive and defensive operations and making it easier to put threat intelligence to good use.

Sharing information with the national security community and broader government will be critical to that effort, but while those channels already exist, the NSA has historically been slow to use them, according to Neuberger. As the directorate gets off the ground, she said one of her primary goals will be creating a sense of “urgency” and ensuring partners can get their hands on information while it’s still relevant.

The office also intends to make more intelligence available at an unclassified level, which would allow groups share it more easily, Neuberger added.

Though the NSA isn’t explicitly responsible for defending the private sector against cyberattacks, federal contractors have become an increasingly popular target for cyber adversaries looking to get their hands on government secrets. In March, Navy investigators revealed the service and its industry partners are “under cyber siege” by foreign hackers, who have walked off with troves of military secrets in recent years.

Vendors must take responsibility for their own cybersecurity, according to Neuberger, but the government also can’t stand idly by while China and other adversaries walk off with American tech and intellectual property.

“We can’t expect every [defense] company to fully defend itself against every nation-state actor,” she said. “There has to be a balance between the two.”

To that end, she said NSA is exploring ways to increase information sharing with the private sector and also looking for strategies to help small companies quickly jumpstart their cyber capabilities.

In the years ahead, Neuberger said she would like to see more cooperation between leaders in the government and private sector on efforts to lock down the internet of things and address other emerging threats. And as the world becomes increasingly internet-connected, she said it will also be important to address issues tied to online identity and anonymity.

“The threat is significant, and as adversaries become more and more sophisticated, it demands it of us,” she said. “Bottom line: The solution is private and public sectors working together, figuring out what right looks like … and then committing to doing that rapidly, together.”