Burned By Snowden, Former NSA Official Now Helps Finance Industry Avoid 'Insider Threats'

National Security Agency Deputy Director John Chris Inglis testifies before the House Select Intelligence Committee on the NS
National Security Agency Deputy Director John Chris Inglis testifies before the House Select Intelligence Committee on the NSA's PRISM program, which tracks web traffic and US citizens' phone records, during a hearing on Capitol Hill in Washington, DC, June 18, 2013. AFP PHOTO / Saul LOEB (Photo credit should read SAUL LOEB/AFP/Getty Images)

As the highest-ranking civilian employee of the National Security Agency, Chris Inglis was just as surprised as anyone else last year by the leaks from Edward Snowden, a contractor with a top-secret security clearance.

"99.9999 percent of the people that we've extended that trust to have more than met that good faith," he told HuffPost in an interview. "Snowden was a significant departure."

Inglis continued to lead the agency as deputy director for six months after the leaks, retiring on Jan. 10. Now he's working to sell the financial services industry on a tool to prevent the same sort of "insider threat" that so blindsided him at the NSA.

The World Wide Web didn't even exist when Inglis joined the agency. As its deputy director since 2006, his name was briefly bandied about as a possible successor to former director Keith Alexander last year.

Inglis said he misses the agency "for all the reasons I should," and that "the work that they do continues to have both an effectiveness and high moral purpose."

But now he's moving onto the next chapter of his life with three new positions: strategic adviser for a Los Angeles-based technology company, Securonix, which develops algorithms to detect insider threats; venture partner at the Paladin Capital Group, which invests in cybersecurity technologies; and teaching computer science at the U.S. Naval Academy in Annapolis, Maryland.

Securonix Chief Operating Officer Chris Bell said Inglis has already proved his worth since first meeting up with the company in February of this year. He even spoke at a financial services industry cyber-security summit in May, alongside the company's CEO.

"In the summer of 2013, in the fall, we saw a surge of interest around the topic of insider threat and data exfiltration, especially from commercial clients and markets, especially out of the financial services industry," Bell said.

"They really didn't understand the nature of the threat, as well as how to tackle some of the complex areas around privacy," he said. "We saw the opportunity now with Chris. There's no better person to sit down and explain the true nature of the threat."

Every NSA director or deputy director of the past twenty years has taken a job in industry, meaning Inglis has plenty of company in the revolving door between the agency and the private sector.

Alexander, the agency's director when the Snowden leaks began, now makes a living pitching cybersecurity consulting services to banks for as much as $1 million a month. His predecessor Michael Hayden is a principal at the Chertoff Group, a private security consulting firm. And Kenneth Minihan, who led the agency before Hayden, is now a managing director at the Paladin Capital Group, where Inglis will also have a role.

Headquartered in Washington, D.C., Paladin was founded in 2001 just as the post-9/11 boom in intelligence spending took off. It invests in companies with government defense contracts.

The presence of former high-ranking officials at these types of firms makes critics of corporate influence nervous. In June, Rep. Alan Grayson (D-Fla.) essentially accused Alexander of selling classified information in his new role consulting with banks. Ex-security officials' financial ties are rarely disclosed in television appearances.

Inglis maintains there are protections against conflicts of interest in his new roles, including a legally mandated "cooling-off period" during which ex-NSA leaders may not lobby their former agency, and terms written into his contract with Securonix.

"I have to be very careful that I'm not essentially selling my Rolodex, as it were, and attempting to wield inappropriate or any influence," Inglis said. "What I'm actually trying to do is generate good ideas and advice and counsel based on my experience."

At Paladin, he noted, he will be working for the investment firm, not for the government contractors in which it invests. Inglis said he takes care, even in private discussions, to make clear that he no longer speaks for the government.

"Understanding the role and the culture and ethos of defending these networks is a skill in its own right," Inglis said of his work at Securonix. "That's what these companies are looking for in people like me. Nothing more and nothing less."

Securonix's insider threat program is competing in an increasingly crowded field driven by growing government and corporate demand. The company has developed an algorithm "to mine activity logs in real time for anomalies." But others have created similar technology, including government contractor Lockheed Martin. Programs similar to those being developed to catch future Chelsea Mannings will also be deployed on the likes of Steven L. Davis, an engineer who emailed Gillette razor designs to competitors in 1997.

"Just think of the challenges of Wall Street, where the trillions of dollars that flow second by second as an exchange of wealth and treasure have to be done exactly right," Inglis said, illustrating the potential harm of such leaks.

But discerning whether an employee is a turncoat, an overachiever taking their work home, or merely disgruntled is difficult. As McClatchy reported last year, the government's push to find insider threats has led it to equate those who leak documents to journalists with traitors. Steven Aftergood, a senior research analyst at the Federation of American Scientists who writes frequently on the issue, says the parallel corporate efforts may have similar pitfalls.

Aftergood said the new algorithms "may be an inevitable response to concerns about leaks and theft of intellectual property, but they are also likely to generate new forms of anxiety in the workplace." He is worried about the potential for false positives and employees' ability to clear their names, and added that corporate whistleblowing could be made more difficult.

Inglis and Bell readily acknowledge the potential privacy concerns, repeatedly emphasizing controls on access to the "behavior profiles" of computer users generated by Securonix's algorithms. They also stress the need for human oversight.

But Inglis knows the pain of discovering a leak after the fact all too well -- and it's an experience he will draw on while pitching the company's products.

"You want to do that as it's happening, as opposed to when you hear on the news that your company's data has just been leaked," he said.



Edward Snowden