A World On WatchFrom terrorist attacks to international cyber-hacks, our daily lives are filled with danger and rumors. Lt. Gen. (Ret.) Ronald Burgess ’74 interviews Adm. Michael S. Rogers ’81, director of the National Security Agency and commander of the U.S. Cyber Command, about some of the challenges facing our nation.
By Suzanne Johnson
In May, while planning a story on U.S. Navy Adm. Michael S. Rogers, we decided there could be no one better to interview him than Lt. Gen. (Ret.) Ronald L. Burgess Jr. After all, Rogers, a 1981 Auburn graduate originally from Chicago, is director of the National Security Agency,
commander of the U.S. Cyber Command and chief of the Central Security Service. (“You never know where life is going to take you,” he says.) Burgess, a 1974 Auburn graduate who grew up in Opelika and recently retired from the U.S. Army, last held the post of director
of the Defense Intelligence Agency and commander of the Joint Functional Component Command for Intelligence, Surveillance and Reconnaissance. Currently, he is senior counsel for National Security Programs, Cyber Programs and Military Affairs for Auburn University. Who wouldn’t want to be a fly on the wall while these two experts talk shop?
Join us as we listen in.
GEN.BURGESS: How did you as a young man from Chicago come to find yourself at Auburn University?
ADM.ROGERS: I had always wanted to be a naval officer— literally since I was 10, 11 years old. As I came out of high school, I was trying to get in the Naval Academy and, quite frankly, my grades just weren’t good enough. (Laughs.)
I couldn’t get in. I thought, well, maybe I can get an ROTC scholarship with the Navy, but my grades still weren’t good enough.
I come from a very working-class family. When I was a kid growing up, my father worked three jobs, so I thought I would take out loans, pay for school myself, and then join the Navy. I had decided at the time I wanted to be in forestry. I love the outdoors. So I went to the International Organization of Forestry and said: What schools do you recommend? I went to the Navy and asked five schools that were recommended for forestry and offered ROTC.
Michigan was too big, Minnesota was too expensive, Washington was too far away from home, and the University of Illinois was way too close to home. So I went down to visit Auburn between my junior and senior year and talked to a guy named Bob Strong, and Mr. Strong starts talking to me about the Auburn family. And then he tells my parents, “If [Mike] wants to get down early and get a sense for Auburn before school starts, I’d be glad to put him up in my house.” I just thought, what an amazing place.
So one of my first takeaways from Auburn was that it’s always about the power of people. It was an amazing place that was focused on people. I loved the Auburn family idea. The power of the Creed really resonated with me.
GEN.BURGESS: So how did those four years—not only in Naval ROTC but also at Auburn—how did that prepare you for the military and for the place you find yourself in today?
ADM.ROGERS: When I was at Auburn, I was the battalion commander in the ROTC unit. I learned about leadership; it was the first major leadership position I ever had. It taught you all about how to build a strong team, how to keep people focused on a goal. You got to learn how to deal with a whole lot of different people with different motivation levels. I really enjoyed that.
And that’s why I like the whole idea of the Auburn family. It doesn’t matter where you are in the world. Somebody says Auburn, and I’m in a crowd and I’m giving a speech or I’m just talking to people, and I will just yell out “War Eagle” or “War Damn Eagle”! And you’ll get a group that come back: “War Eagle, War Damn Eagle!”
GEN.BURGESS: Now you find yourself as the director of the NSA and the commander of U.S. Cyber Command. I think the role of the NSA as an intelligence agency has never been more critical than it is right now. What are the biggest challenges facing your organization today in terms of its mission–in terms of the cyber side of the house, the signals intelligence side of the house?
ADM.ROGERS: First, let’s talk about what NSA does. There are 17 different segments within the United States intelligence community. NSA is the largest, and it has a global footprint because it has a global mission. We are a foreign intelligence organization. We do not collect intelligence within the United States.
We have two primary missions: First, we use signals intelligence as a vehicle to generate insights as to what nation-states, groups and individuals are doing outside the United States that are of concern to our citizens, our friends and our allies around the world. The second mission for NSA is to apply those capabilities to generate insights to help defend the computer network systems of both the Department of Defense, which NSA is a part of, and the broader U.S. government. We’re also partnering with others to help defend our private infrastructure. So we’re responding to the Sony security breach and other issues like that in the private sector. I never thought I’d be doing that as the director, and yet that’s the world we find ourselves in.
I try to remind people that the NSA is focused on very specific missions that are driven by law and policy, and we always comply with the law and policy. We have a duty not only to generate insights to help protect our citizens, but we have a requirement
to recognize and defend their privacy and their rights as individuals. We cannot arbitrarily collect [intelligence] against anyone anywhere in the world. It doesn’t work that way. It’s illegal, and we can’t do it.
Part of our challenge in the post-media-leaks environment is to help educate the nation and have a broader dialogue about what NSA does and doesn’t do. NSA does not indiscriminately collect [intelligence] against U.S. citizens in the United States or around the world. NSA does not arbitrarily decide on any given day, well, today we’re going to collect against Bob, or Bill, or Betty, or Linda. It doesn’t work that way. We’re focused on generating insights to help defend our nation, not to try to systematically undermine the privacy of our citizens or their rights.
GEN.BURGESS: You talked about the entities that make up this United States intelligence community. And as those of us that have served know, our world fundamentally changed on 9/11 in terms of our focus, in terms of how we went about our business and our resourcing. All of that changed. So since 9/11, what are the challenges in cyberspace as you focus on that terrorism problem set?
ADM.ROGERS: Increasingly we’re dealing with this set of adversaries who employ the same systems and capabilities that you and I employ in our personal lives. They’re using the same programs on the same hardware using the same data paths that you are. Pick your email service provider, pick your social network app—they are using the same methods to communicate.
So part of our challenge is how do we generate insights as to what they are doing? And how do we access those communications paths, realizing that when we do this we’re going to encounter many people who are using the same path and the same software and hardware for very valid purposes, whether it be communicating in their personal lives or conducting business?
We operate in foreign space. We’re a foreign intelligence, not a domestic collection, organization. We’re not the FBI, which has responsibilities in the United States as a law enforcement entity. That is not us. But I’m the first to acknowledge that as we do our job in the digital world we’re all living in, we are going to encounter U.S. persons. How do we do that in a way that defends and supports the rights of those individuals and their privacy while at the same time enabling us to generate the insights that the nation needs to ensure those same individuals’ safety and security?
In the aftermath of the media leaks, I remind people the same document that talks about the importance of our rights as citizens also talks about the responsibility of the state to provide for the safety and well-being of its citizens and to defend the nation. So we’ve got to figure out how to make sure those very important principles outlined in the Constitution are addressed as we’re dealing with this incredibly complicated world in which—good and bad—we’re all out there driving on the same information highways.
GEN.BURGESS: You got your start in cryptology when you started in this field?
ADM.ROGERS: That dream I had when I was 10 or 11 of being in the Navy? I did it for about six years and then I decided to try something else. So I decided cryptology, this specialized field of intelligence, is what I would get into.
GEN.BURGESS: So how do you, as the director, keep an agency abreast of or, actually ahead of, technological changes?
ADM.ROGERS: We spend a lot of time partnering with other organizations in the private sector to talk about what they see coming in technology. What are you working on now that we won’t see in the marketplace for another two to five years? What are the broader trends that we think are going to shape the digital world we’re all living in five years from now? How do we, the NSA, try to get ahead of that, realizing that most of the technology we are trying to deal with is not developed by the government but by the private sector?
Relationships with the private sector are incredibly important. This is one area where I appreciate that, hey, we’ve got
an Auburn grad in the form of [Apple CEO and 1982 graduate] Tim Cook. I’ve had conversations with him where I say, “Hey, Tim, we come at this problem set from very different perspectives sometimes. I realize we have different roles, but I value your
perspective. Tell me what you see. What do you think is shaping the world in terms of the digital communications that we’re dealing with? What does the future look like?” And I try to do that with a variety of individuals.
It’s not unique to NSA. I would argue that at United States Cyber Command, my other primary responsibility, we try to do the same thing. Cyber Command’s mission is a little different. It is a very traditional military operational organization. And its mission set really is focused on both defending and operating the Department of Defense’s communications and digital networks, as well as its weapon systems, platforms and data sets.
In November of 2014, the North Koreans launched a destructive malware designed to destroy data and the hardware associated with Sony’s laptops and desktop computer systems. And it worked. Sony had a loss between the theft of intellectual property and physical damage in the tens of millions of dollars. Not an insignificant event. And Cyber Command was part of the response to that, partnering with others.
GEN.BURGESS: You mentioned Tim Cook with Apple. Because it’s an ongoing dialogue on the front page of the newspapers right now [following the terrorist attack in San Bernardino and the conflict over access to the terrorist’s iPhone], can you talk a little bit about the inherent conflicts that arise between data encryption and privacy and the requirements of national security? You know, help people understand that a little bit.
ADM.ROGERS: Clearly, I think, this is an issue of significant consequence to us as a nation and one where, from my perspective, you want our citizens to sit down and be part of the dialogue. I would argue that you don’t want intelligence organizations like NSA dictating this or deciding what the right answer is. Likewise, I don’t think you want private industry unilaterally deciding this. [The privacy versus security debate] is something that, collectively as a nation, we’ve got to decide what we are comfortable with.
As I’ve said, technology is doing amazing things for us in our everyday lives, and yet we live in a world where some want to use that same digital environment as a vehicle to generate harm and threat to our citizens and those of nations around the world. You saw how technology was used in Paris and Brussels to coordinate between groups in France or in Brussels and those back in Syria.
The challenge is realizing that as a nation we have these two incredible imperatives. The privacy and the rights of our citizens are foundational to our very concept as a nation. It’s not by chance that the first 10 amendments to the Constitution are the Bill of Rights, and the Bill of Rights doesn’t talk about or begin by focusing on the power of the government. The Bill of Rights focuses on the inherent rights of each and every individual.
And yet those same documents also talk about the role of the government in ensuring the safety, security and well-being of the citizens and of the nation. We’ve got to figure out, in this new world that we find ourselves in, how to do both. A challenge for us now is that technology has gotten way in front of our legal frameworks and our policy frameworks and we’re trying to catch up and have this dialogue about, what’s the right answer here?
The reason I’m interested in this dialogue happening now is that history would seem to suggest that in the aftermath of a major disaster—think 9/11—our emotions are up and we’re feeling the sense of loss and damage. That sometimes drives you to make choices you later regret. I don’t want to regret the choices we make here. We need to have that dialogue now. We need to figure out the right structure for us to put in place to deal with this admittedly very complicated issue.
GEN.BURGESS: So, we’ve talked a little bit about the world. We’ve talked about the technology. I mean, clearly, it’s all very complex and intricate. And you’re engaged every day in an ongoing set of issues because that’s the world in which we find ourselves. But you’ve just announced a major initiative here at NSA. Tell us a little bit about that initiative and what the American people ought to take from what it is you’re doing.
ADM.ROGERS: I’ve run these two organizations for just over two years now, but as I sat back after I’d been in the job about a year, I said to myself: How do we make sure that NSA 10 years from now is positioned to continue to generate those kinds of insights to help defend the nation? The world around us is changing. And we’ve got to change with it.
So I challenged the team to spend some time thinking about the world of 2025.
We spent about 10 months asking ourselves, what does the world of 2025 look like? What are the mission sets we’re going to be expected to execute? What are the skills we need to execute those missions? What are our citizens’ expectations going to be? And how do we generate that insight, again, in foreign intelligence and in information assurance or computer network defense?
We put a whole team together from across the organization that generated a little over 200 recommendations. We’re in the midst of implementing those changes. We call the overall program NSA21—NSA in the 21st century. We just started three months ago, and it’ll take us about two years. There are changes associated with our structure. There are changes associated with our priorities. There are changes associated with our ethos and our culture. This is probably the biggest set of changes that we have implemented at NSA since just before 9/11. I’ve always believed that as a leader, part of your job is not only to ensure that you are excelling in whatever the mission is today, but you are also asking yourself, how do I as a leader help position this organization for the future? I don’t want to wake up one day and be part of the team asking ourselves, “What happened? We used to be the best. And now we’re just good.”
I don’t want to be just good. The nation needs us to be better than just good. To do what the nation expects of us and what the nation needs from us, we have to be great at what we do. I want NSA to continue to be great. And I know the men and women of NSA are committed to that goal as well.
Special thanks to Lt. Gen. Burgess and his staff at Auburn, and Adm. Rogers’ staff in Washington, D.C., for their assistance in setting up the interview. See interview photos: auburnmagazine.auburn.edu.