Archive for the ‘NSA’ Category

KT McFarland to depart as deputy NSA, take ambassadorship to Singapore, official confirms – ABC News

Deputy national security adviser KT McFarland is expected to leave her position and accept an ambassadorship to Singapore, a senior administration official confirms to ABC News.

The move is the latest indication that National Security Advisor H.R. McMaster is taking full control over the National Security Council, following up on last week's decision to remove Steve Bannon from the principals committee.

McFarland is a former Fox News commentator brought on to the job by Trump's former National Security Adviser Mike Flynn, who resigned after reports that he misled Vice President Mike Pence about the nature of his conversations with Russian officials during the campaign.

McFarland is expected to remain at her post for the next two weeks before President Trump formally submits her as a nominee for the ambassadorship.

According to the same official, McFarland is "excited" to accept the position, and McMaster thought she did a great job as deputy national security adviser.

The official characterized the move as a "promotion," because instead of working as a deputy, she will be a leader in a "critical diplomatic outpost."

ABC News' Erin Dooley contributed to this report.

View post:
KT McFarland to depart as deputy NSA, take ambassadorship to Singapore, official confirms - ABC News

NSA awards UWF Center for Cybersecurity with designation – Pensacola News Journal

Joseph Baucum , jbaucum@pnj.com 8:00 a.m. CT April 10, 2017

University of West Florida students Ian Briggs, left, and Jessica Aguilar work on a computer program in the Battle Lab at UWF on Wednesday, April 5, 2017.(Photo: Tony Giberson/tgiberson@pnj.com)Buy Photo

The University of West Florida's role inevolving the Southeastas a power in cybersecurity workforcedevelopment will soon expand exponentially.

In a joint sponsorship betweenthe National Security Agency and the Department of Homeland Security, the university's Center for Cybersecurity has been designated as the National Center Academic of Excellence (CAE) Regional ResourceCenter for the Southeast region.

Only six institutions were given the regional designation. As part of the honor, the universitywill serve as the CAE Regional Resource Center for all colleges and universities in Alabama, Florida, Georgia, South Carolina, Tennessee and Puerto Rico.

"The goal of the National Security Agencys CAE office is to increase the number of qualified cybersecurity professionals by expanding the number of CAE institutions," said Eman El-Sheikh, director of theCenter for Cybersecurity."Our missionwill be to provide leadership to do that in the Southeast."

The university plans to host workshops and professional development activities in the local area and across the region in its role as a resource center. They include a CAE mentor and peer reviewer workshop in June at theNational Cyber Summit in Huntsville, Alabama, andaworkshop on securingsoftware development for faculty in Pensacola in the fall. It will alsocreate an online resource portal thatcolleges and universities in the Southeast can access.

At left, Dustin Mink, University of West Florida assistant director of the Center for Cybersecurity, and student Nathan Earley talk on Wednesday, April 5, 2017, in the UWF Battle Lab.(Photo: Tony Giberson/tgiberson@pnj.com)

With cyberattacksescalatingastechnology advances, a qualifiedworkforce in cybersecurity is critical. According to the Department of Homeland Security's National Initiative for Cybersecurity Careers and Studies, aboutone out of every five Americans havebeen victimized by cybercrime. Cyberattacks also cost the average U.S. company more than $15.4 million annually.

To ensure enough qualified professionals exist, El-Sheikh said the National Security Agency's goal is to increase the number of CAE institutions across the country. More than 200 colleges and universities across the U.S. and Puerto Ricoare already designated as a CAE based on their degree programs and close alignment to specific cybersecurity-related criteria and curriculum.

But a substantial amount more could benefit from earning the designation.

"Currently less than 5 percent of institutions have it, and in our world, that designation is a gold star," El-Sheikh said.

Martha Saunders, University of West Florida president, expects the university'sdesignation as a CAE Regional Resource Center to further its mission of being a community resource. She anticipatescybersecurity to change and be redefined dozens of times over the next few years, but she saidas changes in the industryoccur, the university will always play a handin developing the kind of workforce that is needed.

"There are lots of centers for cybersecurity across the U.S. that could have been picked, but they chose us," she said of the CAE Regional Resource Center designation. "I find that encouragingnot just for the university, but for the whole community."

Read or Share this story: http://on.pnj.com/2oReQhd

Read the rest here:
NSA awards UWF Center for Cybersecurity with designation - Pensacola News Journal

Yul Williams on fostering innovation at the NSA – Standard-Examiner

Special to The Washington Post.

Yul Williams is the technical director for the National Security Agency/Central Security Service, working with computer scientists, mathematicians and engineers to develop new technologies in the cybersecurity field that will assist the agency in its intelligence operations. In a conversation with Tom Fox, Williams described an NSA idea incubation technique that has led to many innovations. The conversation has been edited for length and clarity.

Q: What is your main area of focus at the National Security Agency?

A: My work is centered on cybersecurity, and its mostly of a defensive nature. We are trying to gather ideas from the workforce that we can develop and implement to enhance our overall mission. Our CYBERx incubation model provides a venue where anyone in the workforce can present concepts to an audience of senior leaders that may have the potential to affect the manner in which we conduct business.

Q: If I am an NSA employee and I have an idea, how do I get it to you?

A: We developed a crowdsourcing tool that is available to the NSA workforce. The workforce can look at the idea submitted and vote for or against it. They can leave comments saying why an idea is great or that it has been tried before. Afterward, a group known as the Innovators In Residence reviews the idea and decides how we can bring it into the incubation stage.

Q: What happens next?

A: We guarantee the idea champion will have an audience within four weeks with the Innovators in Residence, which will make the determination whether the idea should move to the next stage. The group makes a list of all the good and bad things about the idea. The focus is mostly on the negative comments because they surface the institutional fears as to why the idea hasnt been implemented before. Our emphasis is on proving why those fears are unfounded. If the idea champion cannot overcome those concerns, the idea dies on the spot. We refer to this concept as a fast failure, and it limits the energy expanded on ideas with low mission potential. If the idea has merit, the group helps the idea champion develop a pitch that can be used to convince the organization of the value of the idea to the bottom line.

Q: What happens if an idea passes that phase?

A: The idea champion is given an audience with the RIP or the Resource Investment Panel that is made up of NSA senior leaders who run organizations and have staff. Instead of giving funding for the first round of development, we ask the RIP to loan a resource to the project. For example, a resource may be an analyst who might have skill in microelectronics or optoelectronics. Once the RIP concurs, it provides resources to the idea champion who then has up to five months to conduct experiments. During that phase, the idea champion must periodically meet with the RIP and explain the experiments status. If all of the requirements are satisfied, the idea champion meets with the same panel, now called the Strategic Investment Panel or SIP. The SIP must come to a consensus about turning the idea into a product and deploying it.

Q: How many ideas on average go through this process?

A: There are around 117 ideas percolating in the crowdsourcing process.

Q: Can your approach be adopted by other agencies?

A: I would strongly encourage other federal agencies to adopt an incubation model. I am shocked at the amount of interest employees have in lending their ideas to make us a better agency. You should see the passion that people bring to the table and the pride they have when their idea makes it to the end of the incubation model or is even considered. We dont attribute failure of an idea as a personal failure. We celebrate that the person was willing to step away from what they do on a daily basis and take an idea through the process.

Q: Tell me about your management philosophy or management style.

A: My leadership style is to respect the professionalism of the people I work with. I learned long ago that if youre working with low-skilled people, it is more direction-oriented. In this environment, we have very professional people, so you want to leverage what they have to offer and challenge them to do things that they did not believe were possible. I find that people always exceed their own expectations.

Q: Have you learned any important leadership lessons during your time as a manager?

A: One of the lessons I learned is to always seek out others who have more experience in areas where you may be lacking so you can consider a wider range of ideas. It is important to confer with a diverse set of people who you can bounce ideas off of and those that help you to grow as a professional and as a person.

- - -

Fox is a guest writer for The Posts On Leadership blog and the vice president for leadership and innovation at the nonprofit, nonpartisan Partnership for Public Service.

nsa-innovate-qanda

Keywords: Yul Williams, NSA, cybersecurity, innovation, fast failure

Excerpt from:
Yul Williams on fostering innovation at the NSA - Standard-Examiner

Alleged NSA hack group Shadow Brokers releases new trove of exploits – TechCrunch


TechCrunch
Alleged NSA hack group Shadow Brokers releases new trove of exploits
TechCrunch
Shadow Brokers, the group behind last year's release of hacking exploits allegedly used by the National Security Agency, has dropped another trove of files. In a Medium post today, the hacker group offered up a password giving free access to files it ...

See the article here:
Alleged NSA hack group Shadow Brokers releases new trove of exploits - TechCrunch

NSA cyber-defense chief: ‘I have never been more busy’ – FedScoop

This report first appeared on CyberScoop.

The man responsible for leading the National Security Agencys defensive mission says his team is fielding more calls than ever from agencies across the government.

Dangerous, highly capable hackers and a desire by agencies to adopt cloud technology have increased the workload forInformation Assurance chief Paul Pitelli and his office, which he says is sort of like the Geek Squad for defense in government.

Pitelli is acareer professionalwho has served in the NSA for more than 20 years as the secretive spy agency transformed into what it is today a highly sophisticated technology behemoth with an array of federal responsibilities, including both signals intelligence and protecting sensitive government systems. With the recent retirement of former Information Assurance Directorate head Curtis Dukes, a renown computer scientist and intelligence community icon, Pitelli took on an increased role in an ever important effort to ensure that the Defense Department and broader government arent hacked.

Well get a wide range of calls from Hey were trying to set up a whole new [information technology] environment and that could be the White House calling, Pitelli said.

A big focus in recents years for Information Assurance, according to Pitelli, has been helping a variety of different federal agencies establish secure cloud data storage processes.

I have never been more busy, Pitelli told CyberScoop in an interview Thursday after he spoke at the McAfee Security Through Innovation Summit.We are getting calls because they all need help. Everyone wants to take advantage of cloud services, thats sort of one thing were getting called for, but its also traditional issues because our nation is being constantly attacked. Were one of the few agencies that get to see when and how the adversary starts operating.

Federal lawmakers have increasingly encouraged agencies in recent years to adopt cloud data storage technologies as a way to both save costs and phase out old on-premise servers.

Because of the economics of cloud services theres so much incentive [for agencies] to migrate many of their capabilities, Pitelli said. A lot of people in government want the NSAs help.

Nobody in government wants to be the next to suffer a hack like the2015 data breach that exposed federal employee information held by theOffice of Personnel Management, he said.

So were getting a lot of calls where its basically, Hey we want to make this move, but how do we do it well? Pitelli said.

Turnoverat the White House also adds to the Information Assurance divisions current workload.

With a change of administration, you know, they typically take a fresh look. And for us thats an opportunity because it allows us to sometimes make an [IT] environment better, Pitelli said. The cyber dimension is adding, on one hand, what you can call issues or events, but I think can be opportunities.

Historically, Fort Meades defensive efforts in cyberspace have been overshadowed by the spy agencys more offensive-centric, intelligence gathering mission set. This is evident from a labor perspective, given that the NSAs Signals Intelligence workforce remains much larger than the Information Assurance unit.

An overwhelming majority of budget dollars are allocated to offense rather than defense, former intelligence officials say, and thats resulted in an agency that is known almost exclusively for digital espionage rather than cyber-defense.

Dukes, former IAD head Debora Plunkett and departing NSA Deputy Director Rick Ledgett recently voiced their concerns that the NSA should be focusing on defense more than it has in the past.

Roughly 90 percent of the U.S. government cybersecurity spending is used to fuel offensive operations, Ledgett told Reuters.

I absolutely think we should be placing significantly more effort on the defense, particularly in light of where we are with exponential growth in threats and capabilities and intentions, Plunkett, who oversaw the NSAs defensive mission from 2010 to 2014, recently told Reuters.

Defense under NSA21

The trios comments come amid an expansive reorganization effort by the NSA, instituted by agency Director Michael Rogers, that works to combine what was once called the Information Assurance Directorate and Signals Intelligence Directorate into a single, joint entity.

Although Rogers plan, known as NSA21, is intended to streamline operations, it has also spurred new concerns that the spy agencys defensive mission will receive even less resources in the future.

When the NSA goes through a change a lot of that discussion goes on because theres a big difference between offense and defense as far as the budget and so that was one of the big concerns that some folks vocalized, said Pitelli, I see a need, a bigger need for cybersecurity not just at NSA but for everybody.

The dual impact of NSA21s rollout and Dukes recent retirement has caused some confusion in government.

I know Curt voiced concerns that as we make this move [towards NSA21] there can be this perception that Oh well who do I call? And if they dont know who to call the question is, Well where did it go? Curt was really one of the great, visible icons of Information Assurance and he retired and so there is that time right now where we are waiting to find out whose going to be given the mantle next, Pitelli said.

Pitelli declined to specifically discuss the NSAs budget but said he would like to see Congress broadly allocate greater resources for cybersecurity writ large, across the entire government.

I will go so far as to say I would hope that the government not just at NSA, but the government really tries to allocate additional funds for the cybersecurity information assurance mission, Pitelli said. Alot of times people have lumped in their information assurance budgets with their IT budgets and the challenge I think youre seeing now is that we havent kept up with the budgets of cybersecurity.

Original post:
NSA cyber-defense chief: 'I have never been more busy' - FedScoop