Politics keeps the U.S. from securing private-sector networks, says former CIA chief Robert Gates

Gates, also a former U.S. Secretary of Defense, also regaled the IT audience at the Gartner Symposium/ITxpo with tales of old tech, including helicopter pilots having to grab film capsules before they hit the ground.

ORLANDO, Fla. -- A person who had access to the nation's deepest secrets, Robert Gates, the former CIA chief and U.S. Secretary of Defense from 2006 to 2011, is lot more open in retirement.

Gates had the crowd at the Gartner Symposium/ITxpo laughing over his observations about IT and applauding at some of the things he believes in.

On stage here, for instance, Gartner analyst Richard Hunter fired off questions, asking at one point whether Edward Snowden, the former security contract employee who in 2010 took thousands of classified documents, was a "traitor or hero?"

"Traitor," said Gates, prompting applause from the audience of IT managers, who routinely deal with their own insider and outsider threats. As the applause faded, Gates added: "And he hasn't been given sanctuary in Russia for nothing."

Gates, whose military career extends back into late 1960s, regaled the audience with some ancient technological stories.

For instance, before the era of digital photography, the U.S. sent satellites with cameras and Kodak film to take pictures. Once the film was used up, the satellite would eject a film-bearing capsule, which deployed a parachute on its way to the Pacific Ocean.

It was the job of the pilot of a Lockheed C-130 Hercules to use a hook to capture the capsule before it hit the water. "Woe to the pilot who missed the canister," said Gates, to audience laughter.

When digital photographic capability arrived in the 1970s, the intelligence agencies faced new problems, namely managing and analyzing the volumes of data. Problems of this sort helped propel IT spending by defense, sometimes to dead ends.

"I have wasted more taxpayer money on IT than anybody in history," said a smiling Gates to an applauding audience.

On a more serious note, Gates argued that the U.S. has the technological capability to help protect private-sector networks, but policy disagreements and politics are preventing it.

Gates divided cyber threats into four areas. There is the collection of data for national security purposes, something the U.S. has been doing since the Civil War when it tapped into telegraph lines.

The second threat is acquiring information for economic advantage. There are two dozens countries that do this, said Gates. "Until the Chinese really got busy at it, the best in the world probably were the French."

But Gates said the U.S. and U.K. do not engage in this type of economic spying. "We do not collect information to advantage our domestic companies," he said.

The third area is simple cyber crime, and fourth is cyber as a defensive weapon: Disabling networks, denial of service and other attacks.

Gates says the Department of Defense does a "pretty good job" defending its networks in the .mil world. The areas most at risk are .com and .gov networks.

In 2010, working with the Department of Homeland Security, Gates said they developed a plan to allow DHS to appoint a deputy director at the National Security Agency, The deputy director would have ability to task the NSA to protect a private network when under attack from a foreign source. President Barack Obama approved the plan.

But once other agencies and lawmakers learned of the NSA plan, opposition arose and it was never implemented. Business cooperation was needed as well.

This approach was needed, argued Gates.

"Those who are waiting for a domestic agency to be created to protect our domestic networks have a long wait. It's not going to happen. There is not enough money. There is not enough human capital. There's not enough time to build a domestic NSA," said Gates.

Gates said, "As with, it seems, everything else, because of the politics of the issue we're kind of nowhere" in utilizing government resources to protect private networks.

Join the CSO newsletter!

Error: Please check your email address.

More about GartnerHerculesKodakNational Security AgencyNSA

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Patrick Thibodeau

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts