Gen. Keith Alexander, the most powerful cybersecurity official in the U.S. federal government, will step down next spring as head of the National Security Agency and the military's Cyber Command and retire from the Army after 40 years of service.
"He's served well beyond a normal rotation, having been extended three times since he became NSA's director in 2005," NSA spokeswoman Vanee Vines says.
Alexander has been under fire in recent months since the disclosure by former NSA contractor Edward Snowden of a number of classified government programs, many conducted by the agency, to collect information on other governments and amass telephone and Internet records of American citizens (see NSA E-Spying: Bad Governance).
"This has nothing to do with the media leak," Vines says. "The decision for his retirement was made prior, and agreement was made with the SECDEF (secretary of defense) and the chairman more than a year ago - to [retire] March 2014."
Bruce McConnell, the former top ranking cybersecurity official at the Department of Homeland Security, characterizes Alexander as a "grounding-breaking visionary," who shaped the future of cyberspace as a military and intelligence domain. But, McConnell says, "the policy and political implications of his vision have proven to be his major blind spot."
At a Senate hearing, Alexander said the leak has caused great harm to the nation (see NSA Won't Jettison Contractors, Yet). "The consequence of this is that our security has been jeopardized," Alexander said. "There is no doubt in my mind that we will lose capabilities as a result of this, and not only the United States but those allies that we have helped will no longer be as safe as they were two weeks ago."
Security expert and author Bruce Schneier defends Alexander, saying faulting the NSA and its leader for creating a surveillance effort to collect information on Americans would be the same as blaming the U.S. military for conducting the Iraq war. In a recent essay he wrote: "Alexander is performing the mission given to him as best he can, under the rules he has been given, with the sort of zeal you'd expect from someone promoted into that position."
The way the position is structured, the director of the NSA - the federal government's electronic spying agency headquartered in the Defense Department - also heads the Cyber Command, part of the U.S. Strategic Command, which synchronizes the defense of U.S. military networks.
"Keith was the right choice for the the combined job," McConnell says. "Now, the posts should be split. History teaches that the consolidation of authority across defense and intelligence lines can be dangerous, and this is particularly true in cyberspace."
Schneier, too, suggests the two jobs should be separated. "The posts are too different, and the potential for abuse is too great when they're combined," he says.
Richard Stiennon, chief research analyst at the advisory firm IT-Harvest and author of the book "Surviving Cyberwar," shares that point of view, adding that the next NSA leader should refocus its mission to emphasize the agency's original purpose of intercepting and analyzing electronic signals transmitted by the nation's adversaries. "The overriding concern with tracking down terrorists must be displaced with understanding capabilities and intent of major powers," he says.
The transition to a new NSA leader, Stiennon says, could provide an opportunity for the president and Congress to redefine the agency's mission and "investigate how things became so bad, rein in the rogue agency and establish new systems of transparency, oversight and accountability."
Alexander's term was extended in 2009; again in 2010, when the Cyber Command was established; and a third time earlier this year (see Gates Defines Military Cyber Command's Role). "The process for selecting his successor is ongoing," Vines says.
Although not officially announced, NSA's deputy director Chris Inglis is expected to retire by early next year.
The departure of Alexander will give President Obama, with approval of the Senate, a chance to select the most powerful cybersecurity official in government. One of the names surfacing as a possible successor is Vice Adm. Michael Rogers, who heads the Navy's Cyber Command.