Former NSA Chief Keith Alexander Is Profiting on Cybersecurity. But Is It Legal?

NSA general Keith Alexander

In his review of This Town, Mark Leibovich’s account of the machinations of Washington, D.C., Frank Rich noted that in 2008, Obama said, “When I am president, I will start by closing the revolving door in the White House that’s allowed people to use their administration job as a stepping-stone to further their lobbying careers.” Perhaps he should have extended the hard word to ex-apparatchiks going into security consulting?

When Keith Alexander, the director of the National Security Agency and head of the U.S. Cyber Command, announced he was retiring in 2013 and almost immediately added that he was going into cybersecurity consulting, no one was particularly shocked. Exiting administration officials moving to the private sector and monetizing the connections and knowledge they gained during their government days is unsavory, perhaps, but far from unusual. Eyes did water at the amount Alexander was purported to be asking for his advice, though—$1 million per month.

So, what does $1 million get you? Well, it’s still not entirely clear. In a recent interview with Foreign Policy’s Shane Harris (disclosure: Harris is a fellow at New America, which is a partner of Future Tense) Alexander said the company he co-founded, IronNet Cybersecurity Inc., will use an innovative approach to countering hackers. He told Harris that it employed “behavioral models” to take out hackers as they plan their attacks, rather than trying to catch them in the act. However, a national security expert Harris spoke with said that the behavioral model “is highly speculative and has never been used successfully.”

What’s sure to raise eyebrows even higher is Alexander’s announcement that he’ll be filing at least nine patents for this technology. Patents that you might presume were invented off the back of the intimate knowledge of cyber-attacks and potential cyber-threats that Alexander was exposed to during his almost nine years as director of the NSA. When asked why he didn’t implement this super-special hacker-catching method when running what is likely the world’s largest cyber-security body, Alexander told Harris that the key “aha” moment came from one of his new, unnamed business partners.

Back when Bloomberg announced that Alexander was asking a cool $1 million per month (later, the amount was said to drop to $600,000) to help banks and other firms keep their data safe, concerns were raised that the former director was capitalizing off his intimacy with classified information. At the time, Rep. Alan Grayson wrote a scathing letter to the Financial Services Roundtable and other bodies to whom Alexander was said to have offered his services, asking them to disclose their negotiations so that Congress could consider whether the former director was selling classified military and cybersecurity secrets:

Disclosing or misusing classified information for profit is, as Mr. Alexander well knows, a felony. I question how Mr. Alexander..

Read more:[41]