Ex-NSA boss: Election security focus helped dissuade increase in Russian meddling with US

#### [CSO](/security/cso/)**8** Ex-NSA boss: Election security focus helped dissuade increase in Russian meddling with US=========================================================================================**8** Plus AI in the infosec world, why CISA should know its place, and more———————————————————————-[Iain Thomson](/Author/Iain-Thomson ‘Read more by this author’) Sun 23 Mar 2025 // 13:04 UTC [](https://www.reddit.com/submit?url=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=Ex-NSA%20boss%3a%20Election%20security%20focus%20helped%20dissuade%20increase%20in%20Russian%20meddling%20with%20US) [](https://twitter.com/intent/tweet?text=Ex-NSA%20boss%3a%20Election%20security%20focus%20helped%20dissuade%20increase%20in%20Russian%20meddling%20with%20US&url=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=Ex-NSA%20boss%3a%20Election%20security%20focus%20helped%20dissuade%20increase%20in%20Russian%20meddling%20with%20US&summary=Plus%20AI%20in%20the%20infosec%20world%2c%20why%20CISA%20should%20know%20its%20place%2c%20and%20more) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) Interview Russia appears to be having second thoughts on how aggressively, or at least how visibly, it attempts to influence American elections, according to a former head of the NSA.> I wonder if the Russians have said to themselves, ‘Look, we think there’s a return to be made, but perhaps being overly aggressive … overly visible isn’t in our best interest’Mike Rogers is a retired US Navy admiral who was head of the surveillance agency and US Cyber Command between 2014 and 2018; his Navy career spanned decades. Since leaving the service, he has held roles in the commercial security space, and is now operating partner at Israeli security investment group Team8.He spoke to *The Register* this month about American politics and adversaries including Russia; the effect of AI on the threat landscape; and the balancing act between government and commercial security.***The Register* : In 2018 you [testified](https://www.theregister.com/2018/02/27/nsa_russia_election_hacking/) in front of Congress that we could face a repeat of election interference by foreign powers because recommendations were not followed? How did things look to you in the 2024 election?****Rogers:** First of all, the good news is that it doesn’t appear that the Russians, or other nations, have accelerated or significantly increased in either level of effort or the breadth of capabilities being applied on election influence. That doesn’t mean they’re not making an effort, but if you looked at 2016 and you argued it was an indicator of the future, yeah, it hasn’t quite worked out that way. ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_security/cso&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2Z-BaXLAaK-cNNLYbqH5LFwAAAoc&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0)I suspect there’s a variety of reasons, mainly that governments have been much more focused on election security. I wonder if the Russians have said to themselves, ‘Look, we think there’s a return to be made, but perhaps being overly aggressive isn’t in our best interest. Being overly visible isn’t in our best interest.’ ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_security/cso&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33Z-BaXLAaK-cNNLYbqH5LFwAAAoc&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0)Now, no one should take from this that I’m saying you don’t have to worry about election security, absolutely not. I’m just highlighting that I am a bit surprised that it hasn’t been a little bit more aggressive.***The Register* : We’ve recently seen [layoffs](https://www.theregister.com/2025/03/12/cisa_staff_layoffs/) at the US government’s Cybersecurity and Infrastructure Security Agency, aka [CISA](https://www.cisa.gov/about), and it’s an organization the NSA works with regularly. What’s your view on the future of the agency?** ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_security/cso&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z-BaXLAaK-cNNLYbqH5LFwAAAoc&t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0)**Rogers:** The right answer is, we should downsize them and tell them, ‘Hey don’t investigate disinformation and misinformation efforts as part of your mandate. We think you’re focused on the wrong thing. We don’t think that should be a primary focus.’ I think that’s the message that CISA is receiving at the moment.CISA was a great organization, well, is a great organization. It does an awful lot. They inform enterprises and individuals about what the coming threats are. Can they not just get back to pure security?* [Deputy boss of Homeland Security says CISA needs to be reined in](https://www.theregister.com/2025/02/26/dhs_cisa_doge/)* [Homeland Sec: Election trolling none of CISA’s concern](https://www.theregister.com/2025/01/18/cisa_election_security_isnt_political/)* [Infosec was last item in Trump’s policy plan, yet major changes are likely on his watch](https://www.theregister.com/2025/01/22/trump_cyber_policy/)* [So, Russia no longer a cyber threat to America?](https://www.theregister.com/2025/03/04/russia_cyber_threat/)***The Register*: There were reports, now denied, that US Cyber Command was halting efforts against Russia. What’s your take on that?****Rogers:** I’m not in the government now, but I will only say during my time we have those kinds of conversations, both in terms of what assistance we can provide, but also what can we learn. It’s one of the premises behind Cyber Command — persistent engagement.We gained so much more insight, so much more knowledge of the adversary when we’re watching and interacting with that adversary in areas other than just the United States, and we create a greater sense of awareness, knowledge, insight, by partnering with those nations going forward while we’re doing it.So we argued that at Cyber Command and it has been adopted as a strategy. It’s been that way now for six, seven years, that there’s a lot to be gained by persistent engagement. Just sitting in the United States waiting for the adversary to come after our networks never works.***The Register*: What do you think is the role of the government in IT security matters?****Rogers:** I believe that the US government has a role in cybersecurity. Now you can get into a debate about what that role looks like, which is all very fair. You can’t achieve cybersecurity at a national and an international scale, you can’t achieve the level of cyber resilience we need as a society without the help and focus of the government.I don’t think the answer is the government does everything. But on the other hand, the government does have some unique roles. ![schneier](https://regmedia.co.uk/2025/02/06/schneier.jpg?x=174&y=115&crop=1)Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy’s still screwed————————————————————————————READ MOREThink about its intelligence capabilities. Think about the deep expertise that it has within its different organizations around cybersecurity. Think about the government’s unique role in terms of regulation, think about the government’s ability to incentivize outcomes. Those are all important things that are very unique in some ways to the government and should play an important role in a cybersecurity strategy for a nation. [](https://regmedia.co.uk/2025/03/11/rogers.jpg)![Mike Rogers](https://regmedia.co.uk/2025/03/21/handout_mike_rogers.jpg?x=648&y=475&infer_y=1 ‘Mike Rogers’)Ex-NSA boss Mike Rogers … Credit: Scott Wagner***The Register*: You are in the commercial sector yourself now. What’s your key focus at Team8?****Rogers:** We started to get into fintech, healthcare and investment. I think with healthcare, just look at the way that segment is growing. I think in the United States it’s something like 20 percent of GDP – we’ve got an aging world.I think the view was also that much of the work we’re doing in cybersecurity might also have applicability in the fintech world as well. And so, you know, we started to get into fintech several years ago.I think you see a broad awareness among companies, whether it’s in fintech or other sectors, that security is a fundamental dimension of the business model that you have to account for. The challenge, to me, is to say okay, if that’s true, then what’s the best strategy to execute it? What’s the appropriate level of investment, what’s the right risk? ![A combination of ex-NSA Rob Joyce, President Xi, and Elon Musk](https://regmedia.co.uk/2025/03/05/shutterstock_elon_xi_joyce.jpg?x=174&y=115&crop=1)Ex-NSA grandee says Trump’s staff cuts will ‘devastate’ America’s national security———————————————————————————–READ MORE***The Register*: What are your thoughts on AI and its role within information security? Because we’ve seen an awful lot of hype over this, but very little action?****Rogers:** So the offensive application, I think, has been greater than the defensive application so far. What I’m hoping is that changes over time, and that as we become more comfortable with this technology, as we develop a set of regulatory and procedural frameworks that increase our level of comfort in terms of its application, and get more aggressive, I think that’s how it’s going to work out. That’s certainly what I hope personally.You see AI being used to generate code. There is no doubt about it, for example, and I have seen it used more that way by the penetrators than I have the defenders.Now I do see over time, AI is going to fundamentally change the way we write code. I just think it’s going to enable us to do it at a scale and speed that far surpasses the current structures. And so I see us doing it very differently over time, and that’ll have a disruptive effect on our workforce, the skill sets, who we hire for what jobs and so on. ® **Get our** [Tech Resources](https://whitepapers.theregister.com/) Share [](https://www.reddit.com/submit?url=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=Ex-NSA%20boss%3a%20Election%20security%20focus%20helped%20dissuade%20increase%20in%20Russian%20meddling%20with%20US) [](https://twitter.com/intent/tweet?text=Ex-NSA%20boss%3a%20Election%20security%20focus%20helped%20dissuade%20increase%20in%20Russian%20meddling%20with%20US&url=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=Ex-NSA%20boss%3a%20Election%20security%20focus%20helped%20dissuade%20increase%20in%20Russian%20meddling%20with%20US&summary=Plus%20AI%20in%20the%20infosec%20world%2c%20why%20CISA%20should%20know%20its%20place%2c%20and%20more) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) #### More about* [Government](/Tag/Government/)* [NSA](/Tag/NSA/)* [Security](/Tag/Security/) More like these × ### More about* [Government](/Tag/Government/)* [NSA](/Tag/NSA/)* [Security](/Tag/Security/) ### Narrower topics* [2FA](/Tag/2FA/)* [Advanced persistent threat](/Tag/Advanced%20persistent%20threat/)* [Application Delivery Controller](/Tag/Application%20Delivery%20Controller/)* [Authentication](/Tag/Authentication/)* [BEC](/Tag/BEC/)* [Black Hat](/Tag/Black%20Hat/)* [BSides](/Tag/BSides/)* [Bug Bounty](/Tag/Bug%20Bounty/)* [CHERI](/Tag/CHERI/)* [CISO](/Tag/CISO/)* [Common Vulnerability Scoring System](/Tag/Common%20Vulnerability%20Scoring%20System/)* [Cybercrime](/Tag/Cybercrime/)* [Cybersecurity](/Tag/Cybersecurity/)* [Cybersecurity and Infrastructure Security Agency](/Tag/Cybersecurity%20and%20Infrastructure%20Security%20Agency/)* [Cybersecurity Information Sharing Act](/Tag/Cybersecurity%20Information%20Sharing%20Act/)* [Data Breach](/Tag/Data%20Breach/)* [Data Protection](/Tag/Data%20Protection/)* [Data Theft](/Tag/Data%20Theft/)* [DDoS](/Tag/DDoS/)* [DEF CON](/Tag/DEF%20CON/)* [Digital certificate](/Tag/Digital%20certificate/)* [Encryption](/Tag/Encryption/)* [Exploit](/Tag/Exploit/)* [Federal government of the United States](/Tag/Federal%20government%20of%20the%20United%20States/)* [Firewall](/Tag/Firewall/)* [Government of the United Kingdom](/Tag/Government%20of%20the%20United%20Kingdom/)* [Hacker](/Tag/Hacker/)* [Hacking](/Tag/Hacking/)* [Hacktivism](/Tag/Hacktivism/)* [Identity Theft](/Tag/Identity%20Theft/)* [Incident response](/Tag/Incident%20response/)* [Infosec](/Tag/Infosec/)* [Infrastructure Security](/Tag/Infrastructure%20Security/)* [Insider Trading](/Tag/Insider%20Trading/)* [Kenna Security](/Tag/Kenna%20Security/)* [NCSAM](/Tag/NCSAM/)* [NCSC](/Tag/NCSC/)* [Palo Alto Networks](/Tag/Palo%20Alto%20Networks/)* [Password](/Tag/Password/)* [Phishing](/Tag/Phishing/)* [Quantum key distribution](/Tag/Quantum%20key%20distribution/)* [Ransomware](/Tag/Ransomware/)* [Remote Access Trojan](/Tag/Remote%20Access%20Trojan/)* [REvil](/Tag/REvil/)* [RSA Conference](/Tag/RSA%20Conference/)* [Spamming](/Tag/Spamming/)* [Spyware](/Tag/Spyware/)* [Surveillance](/Tag/Surveillance/)* [TLS](/Tag/TLS/)* [Trojan](/Tag/Trojan/)* [Trusted Platform Module](/Tag/Trusted%20Platform%20Module/)* [Vulnerability](/Tag/Vulnerability/)* [Wannacry](/Tag/Wannacry/)* [Zero trust](/Tag/Zero%20trust/) ### Broader topics* [Sector](/Tag/Sector/)* [United States Department of Defense](/Tag/United%20States%20Department%20of%20Defense/) #### More aboutShare [](https://www.reddit.com/submit?url=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=Ex-NSA%20boss%3a%20Election%20security%20focus%20helped%20dissuade%20increase%20in%20Russian%20meddling%20with%20US) [](https://twitter.com/intent/tweet?text=Ex-NSA%20boss%3a%20Election%20security%20focus%20helped%20dissuade%20increase%20in%20Russian%20meddling%20with%20US&url=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=Ex-NSA%20boss%3a%20Election%20security%20focus%20helped%20dissuade%20increase%20in%20Russian%20meddling%20with%20US&summary=Plus%20AI%20in%20the%20infosec%20world%2c%20why%20CISA%20should%20know%20its%20place%2c%20and%20more) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2025/03/23/nsa_rogers_russia/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) **8** COMMENTS #### More about* [Government](/Tag/Government/)* [NSA](/Tag/NSA/)* [Security](/Tag/Security/) More like these × ### More about* [Government](/Tag/Government/)* [NSA](/Tag/NSA/)* [Security](/Tag/Security/) ### Narrower topics* [2FA](/Tag/2FA/)* [Advanced persistent threat](/Tag/Advanced%20persistent%20threat/)* [Application Delivery Controller](/Tag/Application%20Delivery%20Controller/)* [Authentication](/Tag/Authentication/)* [BEC](/Tag/BEC/)* [Black Hat](/Tag/Black%20Hat/)* [BSides](/Tag/BSides/)* [Bug Bounty](/Tag/Bug%20Bounty/)* [CHERI](/Tag/CHERI/)* [CISO](/Tag/CISO/)* [Common Vulnerability Scoring System](/Tag/Common%20Vulnerability%20Scoring%20System/)* [Cybercrime](/Tag/Cybercrime/)* [Cybersecurity](/Tag/Cybersecurity/)* [Cybersecurity and Infrastructure Security Agency](/Tag/Cybersecurity%20and%20Infrastructure%20Security%20Agency/)* [Cybersecurity Information Sharing Act](/Tag/Cybersecurity%20Information%20Sharing%20Act/)* [Data Breach](/Tag/Data%20Breach/)* [Data Protection](/Tag/Data%20Protection/)* [Data Theft](/Tag/Data%20Theft/)* [DDoS](/Tag/DDoS/)* [DEF CON](/Tag/DEF%20CON/)* [Digital certificate](/Tag/Digital%20certificate/)* [Encryption](/Tag/Encryption/)* [Exploit](/Tag/Exploit/)* [Federal government of the United States](/Tag/Federal%20government%20of%20the%20United%20States/)* [Firewall](/Tag/Firewall/)* [Government of the United Kingdom](/Tag/Government%20of%20the%20United%20Kingdom/)* [Hacker](/Tag/Hacker/)* [Hacking](/Tag/Hacking/)* [Hacktivism](/Tag/Hacktivism/)* [Identity Theft](/Tag/Identity%20Theft/)* [Incident response](/Tag/Incident%20response/)* [Infosec](/Tag/Infosec/)* [Infrastructure Security](/Tag/Infrastructure%20Security/)* [Insider Trading](/Tag/Insider%20Trading/)* [Kenna Security](/Tag/Kenna%20Security/)* [NCSAM](/Tag/NCSAM/)* [NCSC](/Tag/NCSC/)* [Palo Alto Networks](/Tag/Palo%20Alto%20Networks/)* [Password](/Tag/Password/)* [Phishing](/Tag/Phishing/)* [Quantum key distribution](/Tag/Quantum%20key%20distribution/)* [Ransomware](/Tag/Ransomware/)* [Remote Access Trojan](/Tag/Remote%20Access%20Trojan/)* [REvil](/Tag/REvil/)* [RSA Conference](/Tag/RSA%20Conference/)* [Spamming](/Tag/Spamming/)* [Spyware](/Tag/Spyware/)* [Surveillance](/Tag/Surveillance/)* [TLS](/Tag/TLS/)* [Trojan](/Tag/Trojan/)* [Trusted Platform Module](/Tag/Trusted%20Platform%20Module/)* [Vulnerability](/Tag/Vulnerability/)* [Wannacry](/Tag/Wannacry/)* [Zero trust](/Tag/Zero%20trust/) ### Broader topics* [Sector](/Tag/Sector/)* [United States Department of Defense](/Tag/United%20States%20Department%20of%20Defense/) #### TIP US OFF[Send us news](https://www.theregister.com/Profile/contact/)[#### Ex-NSA grandee says Trump’s staff cuts will ‘devastate’ America’s national securityVideo Would ‘destroy a pipeline of top talent essential for hunting’ Chinese spies in US networks, Congress toldPublic Sector18 days -| 57](/2025/03/05/us_government_job_cuts_nsa/?td=keepreading) [#### Consumer Reports calls out slapdash AI voice-cloning safeguardsStudy finds 4 out of 6 providers don’t do enough to stop impersonationAI + ML13 days -| 7](/2025/03/10/ai_voice_cloning_safeguards/?td=keepreading) [#### RIP Mark Klein, the engineer who exposed US domestic spying ops after wiring it upAT-&T engineer, and the Deep Throat of the network age, dies at 79Networks8 days -| 38](/2025/03/15/rip_mark_klein/?td=keepreading) [#### AI puts value in data. So how do we get it out?How HPE is helping to manage storage complexitySponsored Feature](/2025/03/20/ai_puts_value_in_the/?td=keepreading) [#### China’s Silk Typhoon, tied to US Treasury break-in, now hammers IT and govt targetsUpdated They’re good at zero-day exploits, tooPublic Sector18 days -| 17](/2025/03/05/china_silk_typhoon_update/?td=keepreading) [#### Microsoft isn’t fixing 8-year-old shortcut exploit abused for spying’Only’ a local access bug but important part of N Korea, Russia, and China attack pictureResearch5 days -| 41](/2025/03/18/microsoft_trend_flaw/?td=keepreading) [#### Too many software supply chain defense bibles? Boffins distill adviceHow to avoid another SolarWinds, Log4j, and XZ Utils situationSecurity3 days -| 10](/2025/03/20/software_supply_chain_defense/?td=keepreading) [#### CISA pen-tester says 100-strong red team binned after DOGE canceled contractUpdated Election infosec advisory center also shutteredPublic Sector12 days -| 163](/2025/03/12/cisa_staff_layoffs/?td=keepreading) [#### Judge orders Feds rehire workers falsely fired for lousy performanceVeteran of Oracle vs Google Java trial fumes over ‘gimmicks’ and ‘sham’ argumentsPublic Sector10 days -| 107](/2025/03/14/government_jobs_ruling/?td=keepreading) [#### Court filing: DOGE aide broke Treasury policy by emailing unencrypted databaseMore light shed on what went down with Marko Elez, thanks to NY AG and co’s lawsuitCSO6 days -| 121](/2025/03/17/doge_treasury/?td=keepreading) [#### This is the FBI, open up. China’s Volt Typhoon is on your networkPower utility GM talks to El Reg about getting that call and what happened nextCyber-crime11 days -| 20](/2025/03/12/volt_tyhoon_experience_interview_with_gm/?td=keepreading) [#### Expired Juniper routers find new life — as Chinese spy hubsFewer than 10 known victims, but Mandiant suspects others compromised, tooCyber-crime11 days -| 5](/2025/03/12/china_spy_juniper_routers/?td=keepreading)

Related Tags:
Playcrypt

Play

NAICS: 921 – Executive

Legislative

Other General Government Support

NAICS: 54 – Professional

Scientific

Technical Services

NAICS: 923 – Administration Of Human Resource Programs

NAICS: 541 – Professional

Scientific

Technical Services

NAICS: 92 – Public Administration

NAICS: 922 – Justice

Public Order

Safety Activities

Impersonation

Associated Indicators:

Threat Intel Solutions

Ex-NSA boss: Election security focus helped dissuade increase in Russian meddling with US

Search

Popular Posts

Dangerous runC flaws could allow hackers to escape Docker containers

Lost iPhone? Don’t fall for phishing texts saying it was found

NAKIVO Introduces v11.1 with Upgraded Disaster Recovery and MSP Features

Categories

Pages

Archives

Tags

Follow Us