NSA's Rogers makes the case for cyber norms

Michael Rogers

Adm. Michael S. Rogers said Iran "has demonstrated a clear ability to learn from the capabilities and actions of others."

Clearer international norms and concepts of deterrence can help prevent cyber conflicts from spiraling out of control, National Security Agency Director Adm. Michael Rogers told a crowd of cybersecurity professionals Feb. 23.

Those words might have sounded more familiar coming from a State Department official than the man in charge of the U.S. offensive cyber capabilities and its global intelligence-collection enterprise. But Rogers, citing conflicts in Georgia, Ukraine and Iraq, said nearly every recent war has had a cyber dimension to it, lending urgency to the need for "norms of behavior" and "concepts of deterrence."

A recently revealed NSA document underscores the potential of cyber espionage to escalate. The classified document, leaked by former NSA contractor Edward Snowden and published by The Intercept, reveals the NSA has been concerned that Iran’s cyber capabilities have improved because of a cyberattack against Iran itself. Tehran "has demonstrated a clear ability to learn from the capabilities and actions of others," the document states.

"Escalation is not something that is unique to the domain of cyber," Rogers said at a New America Foundation conference in Washington, D.C. "So, just as we have developed frameworks over time to help us address the issue of escalation in a more kinetic, more traditional world," the same will have to be done in cyberspace.

Rogers would not comment further on the Iranian revelation, nor a recent Reuters report attributing to the NSA a global cyber espionage program that has infected computers in more than 30 countries.

Asked to define a "cyber Pearl Harbor," a phrase used in 2012 by then-Defense Secretary Leon Panetta, Rogers replied: "An action directed against infrastructure within the United States that leads to significant impact -- whether that’s economic, whether that's in our ability to execute our day-to-day functions as a society, as a nation." He added that the hack of Sony Pictures Entertainment last November met that dire criteria. Movie studios fit into the U.S. government’s broad definition of critical infrastructure.

In succeeding retired Gen. Keith Alexander last year, Rogers became the second official to head both the NSA and the U.S. Cyber Command, the latter of which was formally set up in 2010. Cyber Command’s mission includes defending Defense Department networks and, when directed, carrying out attacks on foreign cyber assets. NSA’ mission includes global intellection collection and information assurance.

Some critics have taken issue with the two organizations' convergence. A technology and privacy review panel appointed by President Barack Obama in 2013 advised against having one official head the NSA and Cyber Command, but the administration rejected the recommendation.

Rogers defended the unity of NSA and Cyber Command as crucial to cybersecurity. "Given where U.S. Cyber Command is in its maturity and its journey right now, it needs the capabilities of the National Security Agency to execute its mission to defend critical U.S. infrastructure and to defend the department's networks," he said.

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.