Former head of the NSA General Keith Alexander is under scrutiny following revelations that in negotiations with the financial industry, his security company has asked for consultancy fees ranging from $1 million to $600,000.
Last year, former NSA contractor Edward Snowden leaked confidential documents to the media which detailed the US government's surveillance activities, ranging from wiretapping to mass data collection. This not only damaged the general public's trust in the government, but caused an international relations storm. President Obama promised reforms, but the damage was done — and the NSA has been in the hot seat ever since.
Alexander weathered most of the storm, but eventually retired in March from both the NSA and US Cyber Command to set up a cybersecurity firm, IronNet Cybersecurity Inc.
US officials have previously claimed that cybercrime is the "top threat" facing the United States — overtaking terrorism as a priority — but this doesn't take away the fact that cyberdefense is now a very lucrative business as companies and organizations scrabble to protect themselves from frequent and often devastating cyber campaigns.
This month, it emerged that Alexander was pitching his company's services to financial institutions for as much as $1 million a month. In an interview, Alexander said "it would be devastating if one of our major banks was hit, because they’re so interconnected," and so has met with large banking trade groups to offer his firm's services.
According to Bloomberg, Alexander offered the Securities Industry and Financial Markets Association, known as Sifma, advice for $1 million a month — a price that later dropped to $600,000 in private negotiations.
However, IronNet Cybersecurity has come under scrutiny because of these high consultancy fees, and Representative Alan Grayson (D-FL) is pushing for a formal investigation into the activities of the former NSA chief.
There is no evidence of any wrongdoing by the former intelligence chief, but in letters to Sifma (PDF), Grayson notes such excessive fees are likely to be seen as unreasonable, and questions whether Alexander would have any information of this value for the financial industry without disclosing secrets learned through his governmental work. Grayson writes:
Disclosing or misusing classified information for profit is, as Mr. Alexander well knows, a felony.
I question how Mr. Alexander can provide the services he is offering unless he discloses or misuses classified information, including extremely sensitive sources and methods. Without the classified information he acquired in his former position he literally would have nothing to offer to you.
Grayson is not the only one interested in discovering what exactly is on offer for $600,000 a month. Security expert Bruce Schneier writes:
Think of how much actual security they could buy with that $600K a month. Unless he's giving them classified information.
The Representative has asked for Sifma to send him copies of all documents relating to negotiations with Alexander so Congress can investigate whether or not he is "selling military or cybersecurity secrets to the financial services industry for personal gain."
Last year, the former intelligence chief said that cyber threats are "only going to get worse," and admitted that US cybersecurity advancements fell behind the sophistication of today's cyberattacks. In order to keep up, the general said that different skill sets — including networking, communications and data storage — should be combined.
This could have been part of the reason behind Alexander's decision to launch his own security company — or perhaps the challenge of security consultancy was a better alternative to the constant heat and pressure the NSA has been under over the past year.