by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : October 2013
CYBEREYE BY WILLIAM JACKSON "I NEED YOU," National Security Agen- cy Director Gen. Keith Alexander said sev- eral times to his audience at the National Press Club recently. He needs the support of industry and the public in order to protect the nation from cyberattacks and terrorism in the face of growing concern over his agency's wholesale collection of domestic data. Alexander also spoke about the need to migrate the Defense Department's 15,000 network enclaves to a more defensible architecture based on a thin, virtual cloud environment and about the need for legislation spelling out clear rules of engagement for protecting civilian cyber infrastructure and for cyber threat information sharing. But most of his talk focused on troublesome media leaks that threaten to hogtie the agency. Data culled from the nation's telephone and Internet carriers is crucial to thwart- ing foreign attacks, he said, but these programs are being threatened by what he called sensationalized and inflamed stories coming from the leaks. "Talk about the facts," he pleaded. "We need to get the facts out about why we need these tools." He then proceeded to give his lat- est version of the facts. But it is getting harder to trust him when his version has to be updated every month in the wake of new revelations about NSA activities. This is a shame, because it is getting in the way of the NSA's genuinely important work of gathering foreign intelligence and protecting the government's cyber infrastructure. "I promise you the truth," Alexander said back in July during his opening key- note address at the Black Hat Briefings. One of those truths was that "no one at NSA has ever gone outside the boundar- ies we've been given," in its collection and analysis of domestic data. Well, not exactly. Two months later, speaking at the Billington Cybersecurity Summit in Washington on Sept. 25, he acknowledged 12 willful violations of the agency's legal authority. However, "we held ourselves accountable and we re- ported it," he said. But not to the Ameri- can people or to Congress until after it was publicly reported in August. And then there were the 2,776 "incidents" that came out in the Au- gust release of declassified secret court records. These were just mistakes, he said in September, and "if we make a mistake, we self-report it in every case." "Self-reporting" at the NSA apparently means reporting to itself, because it didn't report this to the public or to Congress. Alexander, as usual, mentioned his 15 grandchildren during his talk. If you can't trust a guy with 15 grandchildren, who can you trust? But he seemed unusually subdued. It could have been the recent dental surgery that had left one side of his jaw a little swollen. But it also might have been the three months of stress from the drip, drip, drip of revelations from those leaks. Publicly defending an agency that has spent decades in the shadows must be unnerving. "We do the right thing in every case," he said. "We're trying to be more trans- parent." That would be easier to believe if he didn't have to update his version of the truth every month. • NSA WANTS TRUST, BUT HAS THE AGENCY EARNED IT? 34 GCN OCTOBER 2013 • GCN.COM During the recent Black Hat conference in Las Vegas, Lieber- man Software polled nearly 200 IT security pros on the subject of state-sponsored cyberattacks. The results weren't very comforting. FEARS OF STATE-SPONSORED ATTACKS 58% 74% 96% 62% 52% said they believe the United States is losing the battle against state-sponsored attacks. believe that the hacking landscape is going to get worse over time. are not confident that their IT staff could detect the presence of an attacker. are not confident that their own networks have not already been breached by foreign state-sponsored hackers. are not confident that their IT staff could detect the presence of an attacker.