UNIVERSITY PARK, Pa. — During a visit to Penn State’s University Park campus in November, retired Navy Admiral Michael Rogers, former director of the National Security Agency and former commander of the U.S. Cyber Command, sat in front of a packed auditorium of about 200 people and posed a question that would resonate throughout the evening’s discussion:
“What are the implications of technology on national security? What is this ecosystem that we’ve created?”
A guest of the Center for Security Research and Education (CSRE), Rogers brought his vast experience and insight to the Lewis Katz Building, home of Penn State Law and the School of International Affairs, for an engaging question-and-answer session with the audience, which included Penn State students, professors, administrators, and local community members. The wide-ranging conversation that ensued touched on a host of complex national security issues brought on by the digital age—including the threat of cyberattacks by foreign countries, large-scale data collection and the balance between security and privacy, the use of cryptocurrency to fund criminal organizations, and the role of social media as a vehicle for disinformation and radicalization, to name just a few.
Many of the questions focused on individual issues such as the NotPetya cyberattack, North Korea’s hacking of Sony, and the Trump administration’s cyber strategy. These specific cases, however, led to a larger conversation about what an effective cyber deterrence model should look like.
One of the biggest differences between traditional, Cold War-era nuclear deterrence and modern cyber deterrence strategies, Rogers said, is that “we are no longer just talking about nation versus nation; ubiquitous technology is readily available to both state and non-state actors.”
An added—and important—complication is that, as a global society, we have not yet determined a universally agreed-upon definition of what constitutes an “act of cyber war.”
With these difficulties in mind, Rogers proposed a shift away from the passive approaches to cyber strategy that the United States has traditionally relied on. Although he cautioned that war should always be a last resort, he argued that we must change the current dynamic and dialogue with countries such as China, North Korea, and Russia.
Part of the answer, Rogers said, lies in developing a robust set of responses that are proportional to the initial aggression—much like how we weigh military options in response to traditional acts of war and other kinetic attacks.
“The key is to convince [both state and non-state actors] that the price they will pay is greater than the value of the cyberattack,” Rogers said.
With so much talk about the digital dangers facing us as a nation and as individuals, it was perhaps inevitable that someone would ask the question: What is the biggest threat to U.S. national security?
Instead of responding with a cut-and-dried answer, Rogers challenged the audience to think about global issues more broadly and to appreciate the nuances of cybersecurity, international affairs, and the rule of law.
“I encourage you to look at the world as a spectrum of opportunities and challenges,” he said.
Rogers assumed his duties as director of the NSA and commander, U.S. Cyber Command, in March 2014. In these roles, he participated in the most significant national security issues facing the nation. He retired in June after a 37-year career in the Navy in which he also served as commander, U.S. Fleet Cyber Command / U.S. 10th Fleet, and director for intelligence for both the Joint Chiefs of Staff and U.S. Pacific Command.
The Center for Security Research and Education (CSRE) reflects Penn State’s commitment to focusing the full range of interdisciplinary academic endeavor on the threats facing our world today.
CSRE has two primary focus areas. First, because security challenges consistently have social, scientific, and technological dimensions, CSRE brings scholars from diverse disciplines together to pursue holistic, interdisciplinary research and solutions. Second, because public understanding enhances security, CSRE works with Penn State faculty and outside experts to educate policy-makers, the media, the public, and Penn State students on the critical security issues of the day.