“The national security landscape of the country had changed. Our adversaries could achieve strategic impact by tactical actions,” Anne Neuberger, the directorate’ new leader, said Sept. 4 at the Billington Cybersecurity Conference. “Attempting to use influence operations to shake confidence in a democracy. Stealing intellectual property to gain potential military parity with the United States.”
As a result, NSA had to “really up its game”, Neuberger said.
“That’s what drove us to stand up the directorate, frankly, to set a pretty aggressive mission, which is to prevent and irradiate cyber actors from national security systems and critical infrastructure with a focus on the defense industrial base.”
The directorate was announced in July and is set to formally start its work Oct. 1. Neuberger said U.S. companies, critical infrastructure and the defense industrial base must get better support from the government’s largest intelligence organization. As a result, NSA leaders hope the new directorate provides better, and more contextual, threat information to private entities.
Neuberger, speaking Sept. 4 at the Billington Cybersecurity Conference, said NSA officials have heard that some of the information the agency provided – such as IP addresses and domain names – was a case of too little too late or didn’t include enough context for organs to defend themselves properly.
She explained that the NSA and the cybersecurity directorate want to arrive at a place where essentially offense is informing defense.
“Bottom line, it’s recognizing the power we have to prevent an attack through rapid sharing - and ideally at the unclassified level - so it can be easily used to defend a network,” she said.
The directorate’s other priorities include deepening the collaboration between communities that perform threat analysis, vulnerability assessments and mitigation to better understand threats.
When it comes to protecting the defense industrial base, which has been the subject of a significant amount of nation state espionage and intellectual property theft via cyber means, Neuberger explained the fine line NSA is trying to straddle.
One one hand, she noted, it can’t be expected that every defense industrial base company can fully defend itself against a nation state actor that invests time and resources. However, the government can’t be completely responsible to defend these organizations either.
“There is a balance between the two and we’re looking for, certainly, creative approaches to share threat intelligence but also ways to allow smaller companies to quickly jump their cyber capabilities,” she said.