NSA Official Says Cybersecurity Starts At The Top

Information management, not hygiene and patching, is the most important piece of cybersecurity according to NSAs vulnerability analysis chief.

Strategic Security Survey: Global Threat, Local Pain

(click image for larger view and for full photo gallery)
The path to improved cybersecurity starts with better enterprise-level information management, Tony Sager, chief of the vulnerability analysis and operations group at the National Security Agency, said Tuesday in a keynote presentation at a government cybersecurity conference.
Spending 90% of the money on things like hygiene and patching is all wrong, Sager said at the federal governments annual Security Automation Conference. You have to solve the problem at the enterprise level, at the best practices, at the configuration management level. The future of cyber-defense is really about information management.
Sagers organization manages NSAs red and blue teams of security pros that probe and prod government networks for security holes. It also develops NSA security guides, works collaboratively with other agencies on wider security standards, and helps carry out the military academies annual Cyber Defense Exercise. Broadly, the groups mission is to look for vulnerabilities and develop security standards.
In his own organization, Sager is trying to drive this point home by teaching red teams that their purpose isnt just to get better at hacking into networks and systems but to translate the problems they find into the language that IT pros and managers use to secure their networks broadly. We send them in, turn them loose -- and theyre really good at what they do, theyll find a problem -- and they’ll tell you exactly how to stop them from coming in next time, but thats not going to solve the problem, he said. Whatever solution they offer will be undone next patch Tuesday or next time someone twists a knob somewhere.
Sager said that information sharing is vital in terms of protecting networks everywhere. If its happening to you, then chances are that it happened to someone else yesterday and will happen to someone else tomorrow, he said, implying that the old norm of hiding successful attacks because of fear of embarrassment or lost business isnt productive. There aren’t that many new surprises. Its just not communicated well from place to place.
He also said that its important to think about cybersecurity from frames of reference that typical cybersecurity professionals dont normally think about. Think about the trouble ticketing system or the licensing system, for example, he said. If VMs are crashing at a much higher rate than they were last month or obscure versions of programs are being run, might that indicate that something is going on?
Sager also noted that his closeness to NSAs cybersecurity work enables him to see a lot of bad guys, and that his observations have led to a few more ideas about how to stop malicious hackers. The ability to manipulate and raise uncertainty of the bad guy is a critical piece of defending networks going forward, he said. Our goal is and should be to raise their cost, raise their uncertainty and force them into decisions they dont want to make in order to have them expose themselves.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
NSA Official Says Cybersecurity Starts At The Top