Greg Bednarski, Chief of Cyber Policy and Strategy at the National Security Agency’s Cybersecurity Directorate, Emphasizes NSA’s Expanded Cyber Outreach
By Jorge González-García
Speaking at the January 2022 NSF-ISR Information Security Symposium, he talked about his agency’s increased efforts to engage private sector partners in efforts to protect against increasing cyber-attacks.
“We want the American people to trust us. And in order to trust us, they have to know us.” This is a quote shared by Greg Bednarski, Chief of Cyber Policy and Strategy of the National Security Agency’s Cybersecurity Directorate at the January 2022 NSF-ISR Information Security Symposium.
The words were spoken by Michael Hayden, former director of the NSA and CIA. They underscore the rationale for increased collaboration with private sector partners as part of the agency’s overall mission. Bednarski describes it like this: “Prevent and eradicate cyber threats to U.S. national security systems and critical infrastructure.”
A big job made more challenging in today’s interconnected world. The NSA is in the business of global signal intelligence gathering, analysis and encryption. Think internet and mobile phone communications in various forms zooming around the planet. A complex challenge, in contrast to the agency’s simple motto: ‘Defending our Nation. Securing the Future.’
NSA’s critical mission takes a lot of experts and a lot of money. It’s part of the Department of Defense and employs about 32,000 highly-trained staff at its sprawling complex located at the Army’s Fort Meade in Maryland. That’s where the vital work of global intelligence gathering, processing and encryption takes place.
Bednarski came to the NSF-ISR Information Security Symposium with a compelling message. “We’re going to have a director of cybersecurity and pull in everything that’s related to cybersecurity into that directorate. And the mission is to prevent and eradicate cyber threats to U.S. national security systems and critical infrastructure.”
This is not the inward-looking, low-profile NSA of years past. This is the outward-looking and collaborative NSA a new cyber landscape requires. Bednarski and his NSA team’s outreach effort is in direct response to the increasing risk of rising cyber threats. And it acknowledges a basic truth: The nation’s cybersecurity chain is only as strong as it’s weakest link.
“We have several advantages that we bring to this cybersecurity effort,” he says. “One is our people. We have a highly skilled, technical work force focused on preventing bad things from happening. Two, we make and break codes. And we break the codes of adversaries. And we are also an intelligence agency. All to protect vital national security systems.”
It’s important to remember that the agency’s two-fold mission also involves protecting the country’s critical infrastructure. A large part of which is managed by private sector partners. In Bednarski’s view, building active industry partnerships is not just helpful, but critical given the challenging worldwide cybersecurity environment.
“The NSA has always had two missions,” he explains. “One is the signals intelligence, electronic surveillance on other nations. The other used to be called information assurance but is now referred to as cybersecurity. And this is the part of the mission that we have really turbocharged over the past several years.”
Which is why Greg Bednarski, NSA’s policy and strategy chief, is reaching out to private sector members of the cybersecurity community. He knows a smart strategy for protecting U.S. security agencies and critical infrastructure has to include collaboration with tech industry partners. People have to know you first, so they can begin to trust you.
© Copyright, Jorge González-García, October 2023