Advertisement

Ex-NSA chief welcomes more U.S. offensive operations in cyberspace

The U.S. says the gloves are off, and former NSA director Rogers is pleased.
Michael Rogers
Former NSA Director Michael Rogers speaks Nov. 27, 2018, at the Center for Strategic and International Studies in Washington, D.C. (CSIS)

Former National Security Agency director Michael Rogers has welcomed the Trump administration’s willingness to use cyber-operations to deter foreign adversaries, adding that the United States’ previous reluctance to do so was counterproductive.

“My argument when I was [in government was]: “We want to keep the full range of options and capabilities available,” Rogers said Tuesday at the Center for Strategic and International Studies.

“One of the things that frustrated me at times was: Why are we taking one element just straight off the table?” said Rogers, who left the administration in May for the private sector.

“I just thought, boy, if you’re in Moscow or Beijing, you are loving this approach to life because it doesn’t really change your risk calculus,” Rogers added. While NSA director from 2014 to 2018, he also led U.S. Cyber Command.

Advertisement

Presidential Policy Directive 20, which then-President Barack Obama signed in 2012, had installed an intricate inter-agency legal and policy process for approving cyberattacks. Critics of PPD-20 said it unnecessarily delayed offensive operations, while advocates said it accounted for all of the potential repercussions of a cyberattack.

As part of a more combative approach to cyberspace, President Donald Trump rescinded the document in August. A “very different” policy framework is now in place, which includes the necessary interagency coordination but allows operations to be “conducted in a timely fashion,” White House national security adviser John Bolton said in September.

Asked at CSIS about the current U.S. approach to cyberspace, Rogers said, “I think we’re going in the right direction.”

During Rogers’ tenure at Cyber Command, the command forged a partnership with the U.S. financial sector through an information-sharing program known as Project Indigo. U.S. banks shared cyberthreat data with the command, keeping the government informed of nation-state hacking aimed at the sector.

Nonetheless, Rogers said that public-private coordination to boost digital defenses has been a challenge. “I still think one of the big pieces missing in this is how do we bring the government and the private sector together,” the retired admiral said.

Advertisement

Last month, Rogers joined the advisory board of venture capital firm Team8, which was founded by former senior Israeli intelligence officials. Ex-NSA officials criticized Rogers for lending his expertise to a firm closely associated with a foreign government.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts