NSA to establish new Cybersecurity Directorate to boost defense

The National Security Agency is creating a Cybersecurity Directorate to better protect the country against cyberthreats from foreign adversaries, NSA Director Gen. Paul Nakasone said Tuesday.

Anne Neuberger will be the intelligence agency’s first director for cybersecurity. The directorate is slated to be operational Oct. 1 of this year, an NSA spokesperson told CyberScoop.

The move is intended to allow the NSA  — which is part of the Department of Defense — to better provide information gleaned from signals intelligence to agencies and the private sector in order to protect national critical infrastructure, the spokesperson said. Nakasone made the announcement in New York at the International Conference on Cyber Security.

“It’s a major organization that unifies our foreign intelligence and our cyberdefense mission, and it’s charged with preventing and eradicating threats to national security systems and the defense industrial base,” the spokesperson said.

While discussing the new directorate Tuesday, Nakasone said that over the course of other reorganizations in recent years, the NSA has lost its focus on cybersecurity. In 2016,  the agency merged its Signals Intelligence Directorate, which handled spying on foreign targets, and its Information Assurance Directorate, which handled more defensive operations. In 2000, it merged two directorates to create SID in the first place.

“We have two missions. One of them is, foreign intelligence focused on signals intelligence, the other one is cybersecurity. For many years NSA had been very, very active within this cybersecurity element — intel information sharing,” Nakasone said. “Over the past couple years, as we did a number of different reorganizations, one of the things I think we lost was that emphasis on cybersecurity.”

Civilian agencies — such as the Department of Homeland Security’s cybersecurity division — have been expanding their own efforts to communicate more effectively with the private sector as well.

Neuberger most recently served as one of two co-chiefs of the task force jointly created by the NSA and Cyber Command to thwart Russian influence and cyberthreats against elections. The group, previously known as the “Russia Small Group” is now known internally as the “Election Security Group,” the spokesperson said, in part to reflect a changed focus: In addition to tracking and responding to potential Russia-based threats, it is tracking activity involving China, Iran, North Korea, and terrorist groups.

One of the Cybersecurity Directorate’s jobs will be updating the NSA’s website as a one-stop-shop for vulnerability information, the spokesperson said.

Specifically, the NSA intends to post its own research, such as its open-source engineering tool for malware known as GHIDRA, and threat warnings, such as its most recent warning for Windows users to patch against the security flaw known as BlueKeep, on its site in a unified way, according to the spokesperson.

“As part of the rollout of Cybersecurity Directorate we’ve upgraded our cybersecurity page on the NSA.gov, and within that the hope is that private … companies and individuals can better learn about advisories that we put out with regard to possible vulnerabilities,” the spokesperson told CyberScoop.

This comes as Cyber Command is working increasingly on communicating vulnerabilities to the private sector. As part of Cyber Command’s efforts to upload malware samples to information-sharing platform VirusTotal, the Department of Homeland Security released its own private warning to industry in advance of Cyber Command’s release earlier this month, as CyberScoop first reported.

As far as coordinating better among government agencies goes, Neuberger will pull from lessons learned coordinating with partners and government agencies at the Election Security Group, the spokesperson said. Under Neuberger and Brig. Gen. Timothy Haugh’s leadership, the group had been coordinating with task forces at the CIA, the FBI and DHS.

Neuberger discussed election security on a panel Tuesday at the ICCS forum concurrent with the announcement of her new role.  The Wall Street Journal first previewed the announcement.

The NSA would not comment on who will take reins at the Election Security Group.