‘This isn’t IAD 2.0’: NSA’s new Cybersecurity Directorate plots its mission

The National Security Agency has started to lay the groundwork and select the leadership for a reorganization of its cybersecurity activities.
NSA, National Security Agency, RSA 2019, china nsa hacking tools, NSA cybersecurity directorate, ghidra vulnerability
(Scoop News Group photo)

The National Security Agency has started to lay the groundwork and select the leadership for its new Cybersecurity Directorate, which will be focused on fusing together signals intelligence with the agency’s cybersecurity protection mission, CyberScoop has learned.

Neal Ziring, who most recently served as the NSA’s technical director for capabilities, will be the Cybersecurity Directorate’s technical director, an NSA spokesperson tells CyberScoop. Dave Frederick, the NSA’s chief of strategic counter cyber operations, will be the new deputy director, an NSA spokesperson said.

In his most recent role, Ziring was responsible for acting as a liaison to both private industry and other government agencies. Ziring previously served as the technical director of the agency’s defensive operations directorate, the Information Assurance Directorate (IAD). Frederick was responsible for coordinating defensive and offensive cyber missions.

NSA Director Gen. Paul Nakasone announced the new Cybersecurity Directorate earlier this week. It will be run by Anne Neuberger, the former co-chief of an election security task force that is responsible for thwarting interference in U.S. elections.


The reorganization comes in part because Nakasone thinks the NSA has lost its focus on cybersecurity following previous reorganizations, the general said Tuesday in remarks at a conference.

A 2016 initiative, known as NSA21, saw the agency’s Signals Intelligence Directorate — responsible for spying on foreign targets — with the IAD. But the NSA intends to treat the buildup of the new Cybersecurity Directorate as a “merger and acquisition,” pulling on several directorates for its talent pool, according to the spokesperson, and not recreating IAD.

“This isn’t IAD 2.0,” the NSA spokesperson told CyberScoop. “We’ve been working on making sure that that’s clear to the workforce that we’re not just recreating something that existed three years ago.”

Who will work at the new directorate

Beyond the roles of director, technical director, deputy director, and chief of staff — which CyberScoop is told will be announced soon — Neuberger and her team still have a lot of personnel questions before the directorate starts operating in October.


The NSA has not determined the number of people that will comprise the directorate in all, although it will be “sizable,” according to the spokesperson, for instance.

Additionally, the NSA has yet to determine which personnel will join the ranks of the Cybersecurity Directorate and where they will be pulled from, an NSA spokesperson said. Some workers may be transferred out of the NSA’s Directorate of Operations.

The spokesperson says it is possible that the new directorate may rely on talent from the Computer Network Operations team (formerly known as Tailored Access Operations), which is focused on computer network monitoring, intelligence collection, and infiltration.

“What elements of [the Directorate of Operations] are integrated into the new directorate are still to be determined,” the spokesperson said. “It’s too early to tell what’s moving from where.”

The agency still plans to keep the Directorate of Operations up and running, the spokesperson says.


Capitol Hill’s reaction

Sen. Mark Warner, D-Va., told CyberScoop that although he is supportive of the new directorate’s goal, this reorganization came as a surprise so soon after another reorganization.

“Having just undertaken a major restructuring, I was surprised to see another significant realignment of resources so quickly,” Warner, vice chair of the Senate Intelligence Committee, told CyberScoop.

Sen. Marco Rubio, R-Fla., a member of the Senate Intelligence Committee, told CyberScoop he supported the move, noting that adversaries have been enhancing their cyber capabilities’ development as of late.

“Foreign adversaries are using increasingly capable cyber weapons to target [the] U.S. government and critical infrastructure,” Rubio said. “All elements of government, including our state and local governments, must better position themselves to defend against cyberattacks.”

Latest Podcasts