US spy agency gains support for cyber security role
DHS not up to task, Congress told
Agentless Backup is Not a Myth
The United States' top intelligence official argued last week that the National Security Agency should become the nation's cyber defender, adding his voice to the growing murmur of support for the agency's future role in cyberspace.
In comments before the US House of Representatives' intelligence committee on Wednesday, the Obama administration's Director of National Intelligence, Dennis Blair, stated that the current lead agency on cybersecurity, the US Department of Homeland Security, has not stepped up to the plate, while the NSA "has the greatest repository of cyber talent." Blair acknowledged that the NSA has to gain the trust of the American people and show that they can be held accountable, but that the capabilities of the agency make them best suited to the role of protecting US networks against cyber attacks.
"I think that (the NSA's) capability should be harnessed and built on as we're trying to protect more than just our intelligence networks or our military networks as we expand to our federal networks and to our critical infrastructure networks," Blair said, according to transcript (pdf) of the remarks. "And, the reason is that, because of the offensive mission that they have, they're the ones who know best about what's coming back at us and it's defenses against those sorts of things that we need to be able to build into wider and wider circles."
Blair's comments are not the first time that the National Security Agency has been suggested as a logical lead for the nation's cybersecurity defense efforts. Paul Kurtz, a consultant and advisor to the Obama administration's transition team, also recommended that the NSA take on a greater role in securing cyberspace in comments at a recent security conference. However, the NSA has suffered a public black eye for allegedly collecting data on and tapping the communications of US citizens in the name of fighting terrorism.
In his comments, Blair — the nation's third Director of National Intelligence — argued that the agency and Congress have to work to improve the NSA's reputation and underscored the increasing importance of cybersecurity.
"Our information infrastructure is becoming both indispensable to the functioning of our society and vulnerable to catastrophic disruption in a way that they previous, analog, decentralized systems were not," he said. "Cyber-systems are being targeted for exploitation, and potentially for disruption or destruction, by a growing array of both non-state and state adversaries."
The lion's share of Blair's comments focused on the intelligence communities role in the fight against terrorism, nuclear non-proliferation and unrest caused by current economic conditions.
This article originally appeared in SecurityFocus.
Copyright © 2009, SecurityFocus
COMMENTS
Ok, I appreciate the fact that the DHS is not up to task,
But I *really* wouldn't put the NSA in charge of it. They have a complete conflict of interest. They're job is spying. They want things to be *insecure*. Look how they complained over the RSA thing. Now you are saying you should put *those guys* in charge of keeping America secure? I don't know, they know their stuff, but to ask someone to simultaneously be an aggressor and a defender sounds like they will do one or both jobs poorly. Lets let the NSA be the NSA, and assign cyber security to some new department, *not* DHS. Oh yeah, and break up DHS while you're at it.
NSA remained indepedant?
I thought NSA got folded into DHS Along with about 23 (?) other organisations.
My first thought on discovering this stat was how would they decide where to hold each cities Xmas party, let alone which site to consolidate around.
Part of NSA's remit (is there charter still secret?) is described as (i think) data security, in the same way that GCHQ supplied secure voice links (speech @ 2400bps in 1960 was quite clever).
But would you trust them not to take a backup copy of our code/database/access codes? No malice you understand, just being cautious.
The least bad option if you think you need serious security.
No thank you
When the guys and gals at No Such Agency start saying "trust us we'll do a great job and promise not to abuse our power" I get very nervous. Not to say that they aren't very qualified to help with these security matter because they are, to a degree that no other agency save maybe Christians In Action are. However at the end of the day they are still a government spy agency and as such I trust 'em about as far as I can toss the Washington monument.
IT infrastructure monitoring strategies
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
Data control in the cloud
Cloud based data management
Agentless Backup is Not a Myth
