National Security Agency Director Dodges Cybersecurity Questions

2015-02-23T180129Z_1023486919_GM1EABK1TK601_RTRMADP_3_USA-CYBERSECURITY
Admiral Michael Rogers gave vague answers to technology experts about agency activity. Joshua Roberts/Files/Reuters

"[W]e have got to be willing as a nation to have a dialogue," said the National Security Agency (NSA) director to a conference of technologists and security experts in Washington, D.C., on Monday. But when members of the audience asked U.S. Navy Admiral Michael Rogers questions, the interactions only illuminated the fractured relationship between the technology industry and the intelligence community.

Recent reports allege that the NSA embedded spy software within the products of top hardware manufacturers and, in partnership with its British counterpart, stole the encryption keys of a major SIM card producer. When asked about these government-led security breaches of top technology companies, Rogers dodged the question by saying, "Clearly I'm not going to get into the specifics of allegations. But the point I would make is, we fully comply with the law."

He was similarly short when Yahoo Chief Information Security Officer Alex Stamos, asked if Rogers shared the same belief as FBI Director James Comey that technology companies, such as Apple and Google, should build defects into their devices' encryption so the government can access customers' data. "That would be your characterization," he said with a smile. Rogers continued, saying that despite technologists' claims that building vulnerabilities makes the whole system weak, creating government access is "technically feasible" and should be done within a framework. "I think we can work our way through this," he concluded without elaboration.

What Rogers did make clear, however, is the fact that he believes U.S. Cyber Command is lagging behind in terms of building its cyber defenses and creating a framework for when and how to engage. "We're not mature, and we're clearly not where we need to be," Rogers said. "I just think, between a combination of technology, legality and policy, we can get to a better place than we are now."