Former NSA director credits focus on election security for deterring Russia

Former NSA head Mike Rogers observed a possible shift in Russian election interference behavior towards a less aggressive and visible approach. Rogers speculated that the Kremlin might believe that it is not in their best interest to be overtly aggressive in meddling with American elections. This observation comes after Rogers served as the head of the surveillance agency and US Cyber Command from 2014 to 2018, emphasizing the need for a balance between government and commercial security.

Addressing the issue of election security, Rogers noted that, despite efforts from foreign powers like Russia, there has not been a significant escalation in interference during the 2024 election compared to previous instances. He credited the increased focus on election security by various governments as a factor that may have dissuaded Russia from intensifying their meddling efforts. Rogers remarked that although election security remains a concern, he had expected a more aggressive approach from adversaries.

In a discussion about the future of the Cybersecurity and Infrastructure Security Agency (CISA), Rogers implied that CISA should reconsider its primary focus. Rogers suggested that CISA should prioritize cybersecurity over investigating disinformation and misinformation efforts. He commended CISA as an organization that informs enterprises and individuals about upcoming threats, proposing a return to their core mission of cybersecurity.

Regarding reports that US Cyber Command may have halted efforts against Russia, Rogers highlighted the importance of persistent engagement as a strategy to gain insights into adversarial activities outside the United States. By collaborating with other nations, Rogers believes that the US can enhance its awareness and understanding of cyber threats. He stressed the significance of continuous engagement to prevent cyber-attacks on US networks.

Reflecting on the role of the government in cybersecurity matters, Rogers acknowledged the government’s unique capabilities in intelligence gathering, expertise in cybersecurity, and regulatory influence. He argued that achieving national and international cybersecurity resilience requires government involvement, although he cautioned against the government assuming full responsibility. Rogers emphasized the government’s potential to incentivize outcomes and regulate cybersecurity efforts to mitigate threats effectively.