The National Security Agency (NSA) unveiled an ambitious reorganization that pulls together the agency's offensive and defensive operations.
The new framework, called NSA21, rejected recommendations of a government report published two years ago. The President's Review Group on Intelligence and Communications Technologies recommended that the NSA to focus exclusively on foreign intelligence, in light of privacy concerns following revelations by former NSA contractor Edward Snowden.
In addition to a consolidation of the NSA's surveillance and offensive cybersecurity operations, the structure “will enable us to consolidate capabilities and talents to ensure that we're using all of our resources to maximum effect to accomplish our mission,” said NSA Director Mike Rogers, in an address to the NSA last week that was made public on Monday.
Security industry executives applauded the move. “I was thrilled to see the NSA come to this conclusion,” said Lior Div, CEO of Cybereason, an endpoint detection and response platform, in speaking with SCMagazine.com. He believes the move will “certainly” streamline operations, but noted that he sees a stronger reason for the framework beyond the stated goals of NSA21. “If you really want to prevent attacks, you need to understand the logic and planning of an attack,” he said.
Div, who served as a team commander in the Israeli military's famed cyber security group, Unit 8200, believes the essential skills required to prevent attacks can only be gained by working directly on offensive operations. “If the individuals responsible for defense don't understand offense, they have no chance,” he said.