国家安全局试图为其继续进行网络安全操作而获得安全行业的支持。
NSA有两个关键任务:外国情报收集和信息保证。一个任务可以帮助另一个任务,因为一方收集的情报可以由另一个团队来改善政府网络和私营部门网络的保护方式。美国网络司令部兼NSA局长迈克尔·罗杰斯(Michael Rogers)在周二的RSA会议上说,美国国家安全局(NSA)将在21世纪作为NSA21或NSA的一部分,将其作为NSA21或NSA的一部分结合在一起。2020欧洲杯夺冠热门
The NSA needs to figure out how to fulfill its twin missions, but there are some core tenets which can't be ignored, he said. They include accepting that there is no one single answer to solve the problems plaguing information security, and accepting that technology alone can't fix everything. It's important to not forget about the human factor.
罗杰斯说:“国家依靠我们保护其安全和安全性,我们必须以保护公民的隐私和权利的方式来做。”
NSA wants to unify security offenses and defenses
The NSA21 reorganization plan goes counter to recommendations made by a presidential panel in December 2013 that the NSA should concentrate on foreign intelligence-gathering operations. Under the plan, publicly disclosed in early February, the NSA's spying and cyberdefense directorates would merge into a unified team responsible for both espionage and defending computer networks.
+不在节目中?See all the news as it happens+
总统小组建议在国防部内创建一个单独的机构,以确保政府网络并协助私营部门确保公司网络。
罗杰斯对国家安全局进攻和防守武器之间潜在的利益冲突淡化了行业的关注。相反,他敦促安全专业人员和技术公司与政府合作面对威胁。他说:“我们不会在政府和国防部特别解决这一问题。”“如果您有兴趣参加其中一些练习,我们有兴趣与您交谈。”
NSA看到迫在眉睫的安全噩梦
Adversaries are getting more aggressive, and it's only a "matter of when, not if," a foreign nation tries to attack United States critical infrastructure, Rogers said. he cited the December attack on the Ukranian power grid as an example of the kind of attack to expect against the U.S.'s critical infrastructure.
In fact, Rogers suggested the Ukrainian attack was partly a trial run for attacks in the U.S. and elsewhere, not meant to only disrupt Ukraine as part of the proxy war being raised by Russia in that country. He said they were interested in how the provider responded to the outage and were looking at how they could slow down the provier's recovery efforts. "This is not the last time we will see this, ant that concerns me," he said.
The NSA chief also mused about how attacks against data would evolve. At the moment, the focus is on just stealing data, but there will come a time when attackers will start manipulating data, software, or products, he said. Modifying data to show something other than what is expected can have far-reaching consequences, such as if bank accounts don't display the amount of money the customer believes there should be, or if businesses see their financial transactions not reflect what they expect to see.
What do you do when you can't believe the data?" he asked.
Rogers's final worry was about adversaries moving away from using online tools for recruiting and towards actual destruction. Currently, these adversaries use tools to recruit, spread ideology, and generate revenue. The next stage would be destructive attacks to disrupt the status quo. "What happens when those same actors use cyber as a tool for destruction?" he asked.
Rogers says little about the Apple-FBI stand-off
While Rogers was on stage,Apple and FBI were facing off在国会中,联邦政府试图迫使苹果设计绕过iPhone和iPads密码和加密保护的方法。
罗杰斯并没有真正涉及辩论,但指出:“我们发现自己正处于有些人想使用相同技术伤害的空间。”但是,危及的问题是“对我们国家的建构的基础”,重要的是每个人都必须共同努力以寻找共识。他说,与当前的情况相比,每个人都在互相大喊大叫的情况下,需要进行实际的对话。我们花了很多时间互相谈论我们无法做的事情。...现在是时候让我们所有人停止互相交谈并开始与彼此交谈了。”
这个故事“ NSA试图将罪行和防御在间谍努力中结合起来”,最初是由InfoWorld 。