RealTime IT News

NSA Honcho Advocates Security Collaboration

LAS VEGAS -- Last year, the FBI kicked off Black Hat with a keynote. This year, it was the NSA.

Tony Sager, chief of the vulnerability analysis and operations group in the Information Assurance Directorate for the National Security Agency (NSA), took the stage this morning at Black Hat to discuss what his agency is doing to secure the nation.

In stark contrast, Black Hat founder Jeff Moss took the stage in an adjoining keynote room to level some harsh words against the U.S. government for barring entry to one of the event's top speakers.

The government likes the security community, according to Sager, whose IAD is charged with identifying and neutralizing vulnerabilities found in the IT operations of the Department of Defense and other federal agencies.

Sager said he has been with the NSA for nearly 30 years and a lot has changed in that time with regard to the way the government looks at IT security.

In the late 1970s, providing security to the government was a monopoly business for NSA.

"Primarily the business of the NSA was producing things that would protect information in transit," Sager said. "When we found issues, we would just design away the risk in those days."

Fast forward 30 years, where there is now a global network that has both government and public information, good guys and bad guys. Sager said the NSA is now focused less on what the government does uniquely than on the security of commercial products.

For example, the government is shifting from building things to being more directly involved in sharing and collaboration on security information.

"The way we think about a vulnerability at the national level is that it's not any one problem -- it's everything physical, including signaling and operation," Sager said. "We think of it as full spectrum vulnerability finding."

Enlisting the help of others is a big challenge though.

"If you're going to change the world of information security, you need to change lots of things across the spectrum and include the practitioners, users, buyers, suppliers and authorities," Sager said.

The bottom line for Sager is that he wants to unite security experts to work together.

The NSA is working on something called the Security Content Automation Program (SCAP). SCAP, focused on compliance and security management, is evolving. .

"Interest has grown, standards are maturing and a lot of work is still to be done for building the framework for moving vulnerability information around," Sager said.

"If we're going to deal with this problem at the national level we need to organize the content and stop thinking about us as individuals and a big part of that is about standardizing the raw data."

Though Sager and his branch of the NSA wants to work with Black Hat, U.S. Customs and border control may be somewhat less willing.

Noted Black Hat presenter Halvar Flake was denied entry to the U.S. after landing in Detroit and was returned to his native land of Germany. According to a blog post by Flake, he was denied entry due to an issue with his H1B-Visa status.

Black Hat founder Jeff Moss said in his opening remarks to the conference that the Black Hat conference relies on foreign speakers.

"If they have a hard time getting into the country we'll all suffer," Moss said.

Moss added that he's nervous about the situation and urged Black Hat attendees to write letters to their members of Congress.

"This is the next danger I have to watch out for," Moss said. "We're a community and Halvar is not the kind of person we want to be keeping out the country."