President-elect Donald Trump was briefed Friday on the findings of the intelligence community that Russia was behind hacks of the Democratic National Committee and Hillary Clinton’s staff during the election campaign. Trump has repeatedly cast doubt on the intelligence community’s conclusion that Russia meddled in the election process.
It comes a day after three of the country’s top intelligence chiefs - Director of National Intelligence James Clapper, Undersecretary of Defense for Intelligence Marcel Lettre and NSA Director ADM Michael Rogers – testified before the Senate Armed Services Committee on foreign cyber threats.
The Cipher Brief’s Leone Lakhani spoke to Corin Stone, the Executive Director of the NSA, about the hearing, the roadmap to fight cyber threats and the evolving role of the NSA.
The Cipher Brief: The nation’s top intelligence officials – including Admiral Rogers — gave testimony to the Senate Armed Forces Committee, and one of the issues they talked about is the way forward in tackling cyber crime. How does the NSA fit into the broader constellation of agencies in the toolkit of response that the President has at his disposal?
Corin Stone: The NSA obviously is a big part of the toolkit. Each agency has a role to play. We’re not a law enforcement agency. We’re not a homeland security domestic agency. We obviously provide foreign intelligence and help inform on the threats that we need to defend against.
The President needs to use all of the authorities in his toolkit to actually defend U.S. interests. We’re very closely linked with all of the other agencies that play these roles and we work day in, day out – on a literally hourly basis – to make sure that they know what we know as far as threats…so that information can then be proliferated more broadly both at the federal government level, and at the state, local and private sector level as well. That framework and construct continues to evolve as we learn more.
We have two sides to the NSA. We have the foreign intelligence side, which is critical to understanding what the threats are facing this country. Then we have the information assurance side – our experts who help in cyber defense and know how to secure networks and make sure that people can actually defend themselves.
I think the dual insight brings a specialty from NSA; we try to make sure we’re providing that information to other agencies that have more direct contact with the private sector.
TCB: We heard Director [of National Intelligence] James Clapper say that he has received “expressions of concern from foreign counterparts” about what’s being “interpreted as disparagement of the intelligence community” from President-elect Donald Trump. How important is it for the executive branch to respect the findings of the intelligence community, even if it doesn’t ultimately agree?
CS: The intelligence community is an arm of the U.S. government and is here to serve the executive branch and the legislative branch, the government, and the American people. To the extent that the intelligence community has insight, they’re valuable and that should be used by our government and by all the branches.
TCB: How do you view your role as the Executive Director of the National Security Agency? And how do you see that role changing, given the growing challenges in national security, especially in the cyber realm?
CS: Essentially the Executive Director is the number three at the National Security Agency. The director, the deputy director and myself form a senior leadership team. As the number three, I need to be able to stand in for the director or the deputy director on any topic. That can be an internal or personnel issue, a counter-terrorism or cyber defense issue, or any number of topics where it rises to the level of the director. I need to be conversant on that and be able to step in for them in any meeting, any fora in the intelligence community or on the Hill. We try to be as interchangeable as possible.
That said, I do have an Intelligence Community focus because of my background, being from the DNI [Director of National Intelligence]’s office. I take the lead on much of the collaboration with the other deputies and Executive Directors around the Intelligence Community on things like budget impacts on the Community as a whole, joint duty and ensuring people can move easily around the community and take different assignments.
When Admiral Rogers arrived, he looked around and said “I’ve got a background and knowledge in cryptology, my deputy director also does. I’d like a different perspective from the outside.”
TCB: In terms of insider threats, post-Edward Snowden’s leaks, how have changes in surveillance laws impacted the NSA? Is the NSA able to collect the information it needs to inform policymakers of threats facing the country?
CS: There’s been one major change in the law so far. That involved Section 215 of the USA Patriot Act, so the bulk telephone metadata program expired.
We are now operating under the USA Freedom Act. As you know, that changed the method that we use to obtain the call detail records. Instead of collecting and maintaining five years’ worth of records from the providers, under the USA Freedom Act, we apply to the Foreign Intelligence Surveillance Court. We then get permission to ask the providers to give us the relevant information directly, so the phone companies retain their own call records. We don’t collect them in bulk anymore, and we’re able to get specific information related to international terrorism that we need. So it does preserve the critical capability that we need under the national security program, but also better protects privacy and civil liberties of everyone.
At the broader policy level, we’re always in a dialogue with policy makers, the judicial branch and the public about our authorities and how they should be implemented. Of course there’s also a constantly changing technology environment.
It’s important to understand that we undertake our activities and our mission in response to requirements that we get from the intelligence priorities established to support the President’s objectives. We don’t create our own requirements and priorities.
We have very talented, agile and innovative people here at NSA. Our workforce is amazing and they allow us to make the most of we can do and meet the priority needs within the available legal framework that we have.
It is our duty to make sure that policymakers understand what we think we can and can’t do within our legal authorities and within our framework. Then they decide whether that gives them what they need, or whether they need to seek changes to our authorities. But while that’s a constant dialogue, at the end of the day the law dictates what we can do.
TCB: There’s been criticism of the NSA in terms of intruding on privacy and civil liberties. What kind of steps has the NSA taken to alleviate that kind of criticism?
CS: We’ve hired a full time civil liberties and privacy officer. She is a direct report to the director. Her job is to specifically address the issue of privacy and civil liberties on all operations: assessing our activities, making recommendations, training the workforce about the many unique civil liberties and privacy issues we encounter.
She’s also our coordinator with the Privacy and Civil Liberties Oversight Board, and they have a very active relationship with us. She’s also led a bunch of engagements with what we call civil advocacy groups and academics, who bring in external concerns. We give them a series of briefings on what we do and allow them to meet with folks and ask questions, and that helps us become a little bit more accessible to the public.
I have found that a lot of the concerns that have been raised about the NSA in the past were because there aren’t a lot of facts out there about the NSA. People don’t understand what we do and that’s not through any fault of their own. It’s because we’re an intelligence agency and we weren’t built to be transparent, so we haven’t been.
But now, we’ve published a series of reports, describing the civil liberty and privacy safeguards that are built into our operations in a couple of different areas under Section 702 of the Foreign Intelligence Surveillance Act, under Executive Order 12333 and our implementation of the USA Freedoms Act. They describe the technical safeguards, the oversight mechanisms and the auditing processes that we perform to mitigate these concerns.
The last thing I would mention is PP28 – the Presidential Policy Directive — which follows the theme of transparency. Not only is PP28 an unprecedented level of transparency with regard to how we’re going to conduct our mission and protect civil liberties and privacy, but we also made our procedures related to PP28 public as well. And that’s pretty new for us.
TCB: One of the challenges that’s been a point of discussion in the intelligence community is the improvement of cooperation between the public sector and private sector in tackling some of these evolving threats. Is full cooperation a realistic goal? How is the Agency trying to respond to those concerns?
CS: It depends on how you define “full.” I think really strong cooperation and collaboration is critical, and does happen in many ways. The private sector is responsible for certain things like critical infrastructure. The public sector is responsible for other areas. We have to communicate foreign threats, and understand and deter foreign threats. So we have to work together.
In the world that we live in, neither the government nor the private sector, is strong if we’re working alone. We have to actually inform each other and work together. We’re just connected in ways that ways that maybe we haven’t been in the past, and we’re vulnerable in ways that we haven’t been in the past.
It’s unrealistic for the private sector to withstand the types of activities being directed against them by actors to include nation states, and it’s also totally unrealistic to say that the government should just protect everyone. We can’t defend a network without being inside a network. And neither we, nor the private sector want us inside every network, and so we have to be working together.
We believe strongly that industry is the nation’s innovation engine on which our economy depends, and our national security depends on a strong industry. We know that companies need to compete globally and we all benefit from their innovation. We, in particular, get an enormous amount of IT and services from industry, so we need access to the latest state-of-the-art technology. In some cases, we help drive commercial advances. We have cooperative research with companies and academia. We spin out technology that can be better leveraged and commercialized by the private sector.
We also obviously have serious mutual interests in cybersecurity and making sure that we have solid and secure networks. NSA has a huge, rich history in information assurance. That’s the side of NSA that doesn’t come to light that often. But it really should.
We publish guidelines and promote best practices through a variety of mechanisms. We participate in the National Institute of Standards and Technology cybersecurity framework, which helps to protect critical infrastructure. We’re constantly trying to help the private sector defend their networks in a way that is meaningful to them, without actually being the ones who have to defend it.
To listen to our special "15 Minutes" podcast with Corin Stone, click here.