INTELLIGENCE MATTERS - ADM MICHAEL ROGERS

CORRESPONDENT: MICHAEL MORELL

PRODUCER: OLIVIA GAZIS

Get Breaking News Delivered to Your Inbox

MICHAEL MORELL:

Michael, welcome to the show.

MICHAEL ROGERS:

Thank you.

MICHAEL MORELL:

It is great to have you on Intelligence Matters.

MICHAEL ROGERS:

It's great to be here.

MICHAEL MORELL:

This is the first time that you have been out of government in your entire--

MICHAEL ROGERS:

(LAUGH) My entire adult--

MICHAEL MORELL:

--adult life.

MICHAEL ROGERS:

--life.

MICHAEL MORELL:

Right? How are you (LAUGH) finding it?

MICHAEL ROGERS:

Oh, it's great. Now, don't get me wrong, I love the 37 years that I spent in uniform. And I'm very grateful for the opportunity I was given. But now on the other hand, I'm energized by the idea of new opportunities, a chance for me to learn, hopefully a chance for me as well to provide value to others and to do it in a team environment just like I did in the military and in the intelligence community. So I find it very energizing.

MICHAEL MORELL:

What do you miss already, if anything?

MICHAEL ROGERS:

I'll be honest. I spend little of my time thinking back. I'm much more energized by what's ahead of me. Like most, I think my experiences, it's the people, number one; number two, the mission. But on the other hand there's lots of other ways to serve, to try to generate benefit broadly for others. So I find that still good--

MICHAEL MORELL:

Yeah, that's exactly--

MICHAEL ROGERS:

--on the outside.

MICHAEL MORELL:

--what I say to people on the mission, right. That's what really I miss. I want to ask you to explain the three different roles that you had in your last job, right. So you were the director of the National Security Agency. You were the commander of the United States Cyber Command. And you were the chief of something called the Central Security Service, which I don't even know what that is.

MICHAEL ROGERS:

Well, I'd like to think the government (LAUGH) got value out of me.

MICHAEL MORELL:

So--

MICHAEL ROGERS:

One salary, (LAUGH) three jobs.

MICHAEL MORELL:

So can you explain (LAUGH) what each of those organizations are and what they do?

MICHAEL ROGERS:

Sure. So first, United States Cyber Command. It's the senior job, in the sense, that it's the reason why I was a four star, not as the director of NSA, but the four star came with being the commander of Cyber Command, a very traditional DOD operational military organization focused on three primary missions: number one, to defend and operate the Department of Defense's networks; number two, to generate the capacity for cyber in the department, but also to do the offensive things if you will within the department.

And we started during my time publicly acknowledging that the Department of Defense was involved in offensive cyber operations. And then lastly, if directed by the president or the secretary to defend critical infrastructure in the United States against cyber-attacks of significant consequence from foreign entities. So that was Cyber Command, a very traditional military organization.

So that is about 80% military, about 20% civilian. And it was at the level, as I departed, we ultimately became a combatant command which is the senior most level in the DOD. There were ten including Cyber Command. There were ten senior--

MICHAEL MORELL:

And physically that was--

MICHAEL ROGERS:

--operational organizations.

MICHAEL MORELL:

--at Fort Meade as well?

MICHAEL ROGERS:

Right, that was at Fort Meade as well in many of the spaces, also in other areas. Cyber Command operated in other areas within NSA infrastructure around the world. But we were a separate organization. Secondly the National Security Agency, largest intelligence organization in the U.S. government, about twice the size of the next largest element focused on using the power of technology in signals intelligence, a single discipline.

Unlike similar intelligence organizations, a single discipline designed to-- you looked at opponent communications, you looked at opponent radar systems, you looked at opponent digital data links in the telemetry for example associated with, you know, technical intelligence, weapons systems.

So we were a very traditional intelligence organization at the National Security Agency. What brought these two together in many ways was as the global telecommunications infrastructure shifted to more and more of a network-based approach, NSA found itself having to develop deep expertise in cyber networks to execute its mission.

As a result, over time NSA's mission also grew from a very traditional intelligence organization to, "So how do you develop the encryption for all government classified systems? How do you develop and defend networks?" When DOD decided to create this thing called Cyber Command, they wanted a very traditional operational military entity that could conduct military operations in cyber, they asked themselves, "Within the DOD, where is the center for excellence for cyber expertise?"

The decision was, "Hey, it's NSA," which although it's part of the intelligence community, is also a combat support agency within the DOD. And then lastly this thing called the chief of Central Security Service, it's really a reflection of history. Signals intelligence has been used from the strategic side to support our nation's leaders down to the tactical edge of the battle field.

In the Vietnam War era -- so it actually was created about 40 years ago -- there was a discussion about, "So how do we make sure that signals intelligence is applied at NSA not just to support our national commander in chief, if you will, but also to support those battlefield kinds of things?" And the argument was made at the time, "We need to create a structure where there's oversight and some level of control, if you will, of the military tactical investment in SIGINT."

The then director at the time actually tried to argue with the joint chiefs, "Well, I should control it all." The chiefs said, "Ah, we don't like that idea." So the kind of compromise was, "Let's create this Central Security Service and--

MICHAEL MORELL:

Gotcha.

MICHAEL ROGERS:

-- it'll give you --a role with the traditional DOD SIGINT capability.

MICHAEL MORELL:

Michael, you know better than anybody that there are those who believe that the leadership of NSA and the leadership of Cyber Command should be split, right. What's your view on that? Good idea, not so good idea? Why?

MICHAEL ROGERS:

So my thinking has evolved on this. I was part of those discussions when Cyber Command was first established. Boy, now we're coming up on ten years. Cyber Command's almost ten years old now. And I can remember-- I thought that it was very natural that two be aligned under one individual.

Because Cyber Command was the more immature, the newer, was trying to develop capability and expertise. And it leaned heavily on NSA to do that. For example, we embedded-- the decision was made by the department, "Let's save a lot of money." One of the ways to do that is, "Let's not go out and build new buildings, let's not create separate infrastructure. Let's take advantage of the investments that we've already made with NSA."

So we overlaid Cyber Command on that. We for example put Cyber Command's people, rather than build new buildings, we put them in existing NSA structures. As I became the director and the commander, over time as Cyber Command's capabilities developed, matured, and we had the real operational experience -- for example, of using cyber against ISIS -- I just came to the conclusion for me -- and there's others clearly who have a different view, and that's fine.

But as the guy who's actually done it and done it recently, my concern became, "So how does one individual be one of the ten senior-most commanders in the DOD and run the largest intelligence organization in the U.S. government?" I said, "This span of control is pretty significant."

Secondly, I was also concerned. Your perspective as an operational military commander at times is very different than your perspective as a intelligence leader. And sometimes the level of risk you're willing to run, the level of potential compromise you're willing to accept, very different. At Cyber Command, generally my attitude was, "We're here to conduct military operations. If potentially we might have to lose some measure of capability or the opponent may become aware of us," that didn't necessarily bother you. For example, ISIS.

MICHAEL MORELL:

Right, right, right.

MICHAEL ROGERS:

I wanted them to know, "Hey the U.S. government--

MICHAEL MORELL:

We're here.

MICHAEL ROGERS:

--the DOD--

MICHAEL MORELL:

We're here.

MICHAEL ROGERS:

--we're here." On the other hand, as an intelligence professional, as the director of the National Security Agency, in general, it all varies by situation. In general our job always was, "We want to get where we need to be. We want to access the data and the information we want. And we don't want anybody to ever know that we were there."

MICHAEL MORELL:

I want to shift a bit and ask about a couple of substantive questions, okay. First, I want to ask about how you think about the cyber threat and what we as a country need to do about it.

MICHAEL ROGERS:

So broadly, I would say this challenge is going to be foundational to the future. So this clearly is a long-term sustained issue we're going to have to deal with. So the take-aways from that for me are, "Don't look for a single quick technology-based fix." I just don't think it exists. This is about rolling up our sleeves and doing some hard work in a sustained manner with multiple components to it.

There are going to be technological things that we're going to do in terms of capabilities we're going to develop and implement. There are things we're going to need to do in terms of how we structure and build networks, how we structure and build systems that have remote connectivity, because those are potential sources of vulnerability.

We're going to need to think about, "How do you train a work force to operate in this kind of world?" One of the things, the points, I used to make in the DOD was, "Look, we have about 1.2 million active uniformed individuals in the Department of Defense." I said, "Of those 1.2 million, it's a relatively small subset that actually has their hands on a weapon at any one time."

I said, "Yet, for those 1.2 million, literally every one of them has been given access to a keyboard. And if they're on a keyboard and they're on a system, they now become both a potential opportunity, but they're a potential point of vulnerability." And there are some implications about how we train work forces, how we create them, from general knowledge all the way to the high-end kind of cyber warriors.

And then lastly, one of my take-aways from my experience is, we've got to step back and ask ourselves, "How do we need to look at what the role of the government versus the private sector is in this new world that we're in."

MICHAEL MORELL:

And how do you think about that?

MICHAEL ROGERS:

So for example, I think it is very unrealistic to expect individual companies or states for example, if you look at the election scenario. So you tell me how an entity at that level is supposed to stand up to an organized nation-state's focused effort in the case of a Russia or a China, for example, to penetrate their systems, to either manipulate, drive outcomes, or to gain access to insight data to extract it.

By the same token, thinking that, "Well, don't worry, private sector, the government's going to do this all," when much of the infrastructure and much of the data, much of the means to do this reside in the private sector, I think, is totally unrealistic. So I think cyber forces us to re-look at some of the assumptions and kind of broad structures that we've put in place over time.

It doesn't recognize geography. It doesn't recognize, "Well, what's government infrastructure versus what is private infrastructure?" It wasn't created that way. And it doesn't work that way. So I think we have got to re-look at some things.

MICHAEL MORELL:

So are the cyber capabilities of our adversaries, getting much, much better? Getting close to where we are? How do you think about that?

MICHAEL ROGERS:

So getting much better. The first comment I would make is I can't think of a major-- I look at major by economy, military power, political power, however you want to define what a major nation in the world is. I can't think of a major nation that is either, number one, not investing in this capability, or two, is decreasing their level of investment. Quite the opposite. I see the trend. And everybody is investing in this.

MICHAEL MORELL:

Are we staying ahead?

MICHAEL ROGERS:

Well, I phrase it this way. It's interesting. Everybody has a different strategy. So if I look at the Russians for example, cyber is a strategic tool for them. And they tend to be precise. If I look at the Chinese, they run a spectrum -- not surprising for a nation of 1.3 billion people where manpower is not necessarily the constraint that it is in some systems.

They tend to look at a strategy that involves both a high number of people involved in this as well as very targeted, kind of strategic approach to doing it. But they tend to span from the battlefield all the way up to the economic, you know, nation-state kind of thing. I find them very interesting.

And at the same time, you look at a North Korea. You know, you see a nation-state using cyber as a tool to in some cases participate in almost criminal-like activity. When you're isolated globally like the North Koreans are, when you're under sanction and you're trying to figure out, "How are we going to generate revenue?" Well, stealing crypto-currency, going after banks, the kinds of things you normally associate with a criminal entity. And you're watching nation-states engage in these--

MICHAEL MORELL:

Ransom ware.

MICHAEL ROGERS:

--kinds of behaviors. It's just like, "Wow, this is different."

MICHAEL MORELL:

So Michael, your views on the role of offensive cyber for defensive purposes. I remember sitting in the sit room and we would beat ourselves (LAUGH) on this question. And I always thought we didn't take enough risk in this area. And I just wonder what your thoughts are.

MICHAEL ROGERS:

So as a person who participated in these debates in the sit room, in the Oval at times with, "What as the government, you know, are we looking at?" I said, "Look, I tend to believe that broadly the projection of force should be done through a government." I'm a Westphalian kind of guy in that degree. I think broadly a nation-state is the best mechanism to do that.

Secondly the analogy I used to use was-- and some days it felt like, you know, we're the sheriff and we're out on the street in the Old West town and we're trying to stop what's going on. And the analogy I used to use is, "The last thing I need is more people coming out on the street with guns and starting to shoot."

And I also, when I would talk to the private sector, particularly general counsels, and I would say, "Well, talk to me about potential-- what liability concerns do you have if you engage in this behavior and there's second and third impact. And now you're potentially being sued." Bottom line though, it really gets down to how do you define offensive versus kind of defensive response. I think there's some things that we should look at doing in the defensive response kind of area. I get a little uncomfortable if we're really getting into the true offensive.

MICHAEL MORELL:

If we're moving first.

MICHAEL ROGERS:

Right. Where I'm going, "Ooh, I don't think is best served with a private entity, if you will."

MICHAEL MORELL:

Keeping up with the cyber discussion, what do you think the prospect is for developing international norms in cyber space? Or are we stuck in this Wild, Wild West?

MICHAEL ROGERS:

So part of the strategy had been-- you know, I was part of both the Obama team and the Trump team. And part of the strategy particularly with the Obama team, and it kind of continued into the Trump arena, was, "Can we develop a set of norms that we can then build around a broad set of accepted behaviors?"

Because certainly I thought one of the challenges was many nation-states have come to the conclusion that there's little risk for some pretty aggressive-- look at the Russian efforts against the 2016 election cycle. And I thought the challenge for us is, "How do we change that risk calculus?" How do we convince other actors out there, nation-states, criminals, non-state actors there are certain things you just don't want to do?

The kinds of norms in espionage for example that over time we have developed, "Hey, if we do this, it's going to trigger a response. However, this is within the accepted norms of behavior. We could do this at an acceptable level of risk." We thought we might do this in a kind of international consensus. But the challenge very quickly in some ways got to be the U.S. view always was, "Cyber is a global commons in which the broad discretionary capability of the academic world, of industry to develop capability resulted in a broader good for the world around us. Increased knowledge, greater economic production, and that that was a good."

The authoritarian states of the world had a very different view and said, "Look, information and the cyber dynamic should be viewed as an extension of a state's ability to control its territory. This is what the authoritarian states would argue, "It is broadly accepted that every nation has the right to control who enters, who leaves, under what conditions. It should be the same with cyber. I should have a level of control and oversight."

That was not the U.S. position. We clearly argued, "No. We're not interested in trying to use cyber as a tool to control the information and the flow of this knowledge and economic energy." We thought, "No, that's not what you want to do." Because there was this kind of dichotomy of views, we just could never really get to a global consensus.

MICHAEL MORELL:

Yeah, yeah. You mentioned the Russian attack on the election which evidently happened in 2018 again. And you said several times publicly that you don't think we've done enough to deter Putin. What do you think we should do?

MICHAEL ROGERS:

So we're certainly moving in the right direction. We have publicly acknowledged. I was very happy that were publicly acknowledging that the activity was happening. I said, "Look, everybody knows it's there. But I think there's value in the government publicly acknowledging this."

Number two, I think we need to make sure that we're synchronizing between the statements and the actions of our senior most leadership and the policies that we're developing. So if we're doing one thing but saying another, that's not particularly effective. If you're the other side and you're thinking, "Well, I see them doing this. But on the other hand the things they're saying suggest, well, maybe things haven't really changed."

I also think we need-- and for example it's one of the reasons why we made the decision, "Let's publicly acknowledge that we're using cyber against ISIS offensively. I thought there was value in the United States acknowledging it has cyber capability, acknowledging that in considering what it should do in response to the actions of others, it is prepared to look at a full range of options.

Cyber's just one of them. It's not always the right answer. And just because someone comes at us via cyber doesn't mean we should just respond in kind. But I thought there was value and believe there's value in publicly acknowledging, "We are developing a set of capabilities. We will be very measured in how we employ them. We will employ them in a legal framework just as we do kinetic force. But if you engage in these types of behaviors, we are prepared to use this as a potential response tool."

MICHAEL MORELL:

To deter.

MICHAEL ROGERS:

To deter, along with other things.

MICHAEL MORELL:

Right, right, right--

MICHAEL ROGERS:

Economic, political, and other things.

MICHAEL MORELL:

Let's switch gears again to some of the issues you had to deal with in managing and leading NSA, the insider threat. So you come to NSA after the Snowden issue which you then had to deal with. And since Snowden, NSA has had its share of insider threat problems. How would you characterize the insider threat problem broadly, not just in NSA, but broadly as a problem? Is it getting worse? Does this tell us something about millennials? Does it tell something about technology? Does it tell something about all of that, right? How do you think about that?

MICHAEL ROGERS:

So first I would say, if you look at the cases, not just at NSA, but CI more broadly across the government, first this isn't about a particular demographic. It's not just millennials. It's not boomers. It's not a single demographic in terms of age, in terms of sex, in terms of, "Well, is it a uniform? Is it a civilian? Is it government, civilian versus contractor?"

In the immediate aftermath of Snowden, for example, I would often get from our oversight, "See the take-away here is you can't trust contractors." That's not my take-away from this. I would not argue that that's the argument to make. I don't see it that way.

So the first point I would make is this isn't about labeling a particular group or demographic as, "Ah, that's the problem." Number two, I think part of it is getting organizations, not just leadership, but the working individuals within an organization to acknowledge that this is a challenge that we have to admit is there. And we have to deal with it. And as employees, we have to be prepared to accept that we're going to do some things that might appear cumbersome, that might not be our first choice, but given the importance of the data and the information that in the execution of our jobs, the citizens of this nation grant to us, that we are going to acknowledge there's a higher standard that we have to meet. And that will involve at times some level of inconvenience.

"Hey, why am I being searched when I'm leaving work? Why are you looking at my backpack? Why do you make me do a polygraph? Why do you make me come in and do a periodic security update? Why is there a dog in the work space?" My attitude is it's because of the importance of the data and the mission we've been given. And that's part of the contract with have with the citizens of our country as well as our friends and allies.

Then lastly I would argue I thought there were three keys. We need to harness the ability to understand what is happening in our networks with the ability to understand the behavior of our work force with the ability to tie all this together in a way that we can use this data and this knowledge and insight to attempt to get ahead of problems. The most frustrating thing to me was dealing with it after the data had already been removed. I thought, "That's not what the focus should be."

MICHAEL MORELL:

It was always interesting to me whenever we had a problem like this and you went back and looked at the person's behavior prior, right. You just saw it. It was there as clear as day.

MICHAEL ROGERS:

Right. You know, coming in late. Or they were doing things that weren't really associated with their jobs. Or, boy, they asked a lot of questions that had nothing to do with work. Or they just didn't have great interpersonal skills and seemed to get angry at everyone at times. No.

MICHAEL MORELL:

Most people don't know that Snowden actually worked at C.I.A. before he came to the contractor and worked for--

MICHAEL ROGERS:

Well, then came to NSA.

MICHAEL MORELL:

--NSA. And he had serious problems at C.I.A. that weren't flagged on for the contractors you know. So government agencies can ask its employees to do those kind of things, right. It's tougher for the private sector. But what advice would you give to a CEO about how he or she should think about the insider threat insider their organizations?

MICHAEL ROGERS:

So I think there's some things that translate well. So for example, in DOD, in government computer systems, we have a user banner that says, "Hey, you have agreed. By using this system, you're agreeing to some standards of behavior." I would encourage every company.

MICHAEL MORELL:

That transfers.

MICHAEL ROGERS:

--You should all be doing that. And the positive thing is that gives the employer, and it gave the government, some legal authority that when it came to, "Hey, I have the means, and you have agreed to the means, for me to review your online behavior when you're at work using, you know, employer-provided systems." I think that's very reasonable whether you're government or whether you're in the private sector.

Number two, the things about how do you potentially pay attention to people as they're coming and going from work. I think that translates very well. I think the biggest challenge in terms of what translates from what's acceptable in the government to what's a challenge on the outside is this idea that as citizens we have the rights to express our views as we believe.

And that includes what kind of social media footprint we have. That -- every citizen has that right. And I think one of the challenges on the outside is how do you respect the privacy and inherent rights of the individual with the challenge of trying to understand, "So are you exhibiting behaviors? Or are you expressing views that would seem to suggest--

MICHAEL MORELL:

So you're a threat.

MICHAEL ROGERS:

--you're a threat and you're trying to undermine what you're doing at work?" And that's a really hard and delicate balance. I acknowledge that.

MICHAEL MORELL:

Mike, the Russia investigation. So I have to assume -- and I'm not going ask you to comment on this -- so I have to assume that NSA collected information relevant to that investigation.

MICHAEL ROGERS:

(LAUGH) Yes.

MICHAEL MORELL:

And I have to assume you passed that to the F.B.I. and the special counsel's office.

MICHAEL ROGERS:

Yes.

MICHAEL MORELL:

But there were media reports that the president asked you personally, right, to influence the outcome of the investigation or what you said publicly about it. And I wanted to give you the opportunity to comment on that.

MICHAEL ROGERS:

So I go by exactly what I said when I testified before the Senate Select Committee on Intelligence. I had a classified discussion with the president of the United States around this particular topic. I'm not going talk about that in a public forum. However, as I said under oath before Congress -- there shouldn't be any doubt in anyone's mind.

I was never directed. I never did or in never any way -- I never felt coerced, intimidated, threatened about having to do something. And if I ever came into a subject that had nothing to do with any particular administration, this was my position every time, every day that I was in government service and particularly as the director of the NSA and the commander of Cyber Command, I am not going to do something that I believe to be illegal, immoral or unethical.

I don't care who you are. I'm just not going to do it. Now, if that means you feel you have to replace me, I don't have a problem with that. But I have never felt that in my time as the director or as the commander, I never felt that I was directed to do something that I believed was illegal, immoral, or unethical. And when there were things that I thought were starting to potentially get close, I said flat out, "Nope. We're not going down that road."

MICHAEL MORELL:

Great.

MICHAEL ROGERS:

And then I said, "Why."

MICHAEL MORELL:

Great. So the third issue I wanted to talk about is your work force at NSA. Did you get the people that you needed, talent that you needed to conduct the missions that you needed both at NSA and at Cyber Command?

MICHAEL ROGERS:

Right. So you never have enough, particularly given the level of technology and, you know, capability within that work force. I mean, as important as all this technology is, what I used to remind people at the National Security Agency, as well as those we supported within the broader government, as well as in the Department of Defense, as well as our Congressional oversight, "Don't let there be any doubt in your mind. What is the true edge of the National Security Agency and why it is able to do these amazing things in the service of our nation is not just because of the technology. It's because of the capabilities of these men and women."

Put another way, if we had to start all over again, if you gave me enough money, we could rebuild the technology in some small handful of years and the infrastructure.

But if you removed the work force, it would take us decades to try to replicate this level of knowledge, this level of experience, this level of insight. So because the skills are so increasingly readily transferable to the private sector-- boy, I can remember-- I was a signals intelligence officer, you know, for 33 years in the government.

On the trivia side, the first professional full-time SIGINT officer to ever actually become the director of the nation's largest signals intelligence organization. And that's just because the Navy does things a little differently than the other services, not better or worse. It's just a different model.

If you look though at the things and the capabilities, ten years ago my memory was when people would leave the NSA or leave the military, they'd go work as contractors for government associated businesses. You look over the last, I would argue, five years in particular, now they're leaving to go do start-ups. Now they're leaving to go to IT sectors, Google, Microsoft, other major ones. Now they're going to banks to do security, investment companies to do security. So the amount of opportunity for the work force has never been--

MICHAEL MORELL:

Do you envision a future--

MICHAEL ROGERS:

--broader.

MICHAEL MORELL:

--where people leave, come back?

MICHAEL ROGERS:

Yeah. One of the arguments that I tried-- because we went through-- you may have heard of NSA 21. We went through the largest reorganization probably in 20 years. And one of the tenets of that was the model for NSA historically had been, "You come to us and you tend to stay with us."

We had a retention rate, even among our highest technical areas in the, depending on what you were doing, anywhere from about 92% to 96%. I mean, the private sector looks at you -- I would be out at Silicon Valley. And they would look at me and go, "In even your highest technical area, you retain 92% of your work force?" That's our model.

MICHAEL MORELL:

Good and bad.

MICHAEL ROGERS:

Because it's the mission, right.

MICHAEL MORELL:

Yeah, yeah, yeah.

MICHAEL ROGERS:

It's the mission that drives it. Not that that isn't true on the outside. But I just came to the conclusion, I'm not sure that that model optimizes us for the future. I would like to see us both continue to encourage really motivated individuals to stay with us for their entire adult working life. But by the same token, I'd like to create an environment where people could leave us, come back.

I'd like to create an environment where we could bring people in from the outside and say, "Look, you've done great things out there. I like your experience and your background. I realize you're not ready to say, 'Well, I want to join the government and I want to start as a GS-7 or a GS-3.'" How can we bring them in at a higher level--

MICHAEL MORELL:

Right, right, right.

MICHAEL ROGERS:

--so they can afford to do--

MICHAEL MORELL:

Absolutely.

MICHAEL ROGERS:

--that.

MICHAEL MORELL:

I wanted to shift a bit to your career which you've talked about a little bit. So you were groomed by the Navy to be an intelligence officer. You were groomed by the Navy to be a SIGINT guy, to be a cyber guy. Is that a choice that you made, they made, you made together? And why?

MICHAEL ROGERS:

So I started my Navy career as a very traditional maritime officer. I was a surface warfare officer. I spent my time at ships at sea. I did that for about five years. And then I made the choice, "I want to stay in the Navy, but I'd like to try something different." In part because I just didn't like some of the leadership behaviors. Again, I'll be very honest. I didn't like some of the leadership behaviors I was seeing.

And I thought, "If this is what I have to do or have to become to one day be a commander officer of a ship at sea, I'm not doing this. I'm just not. I don't believe that this is the right way to lead others, that there's other alternatives." As a result I said to myself, "How can I keep going to sea but be a Naval officer?" And so I looked at both Naval intelligence and Naval cryptology. I might have been an intel officer. Instead I became a cryptologist. The reality is--

MICHAEL MORELL:

So what's the difference between those two?

MICHAEL ROGERS:

So intelligence officer of the United States Navy, look at every intelligence discipline, human intelligence, communications intelligence, technical intelligence. And they use all of those sources to broadly put together a comprehensive picture to help operational commanders understand what's the nature of the environment they're operating in, how is their opponent structured, and how might their opponent react to things that we might do. And what is the opponent going do in the future?

Cryptology is much more narrow, much more specialized. You use a single discipline, signals intelligence to attempt to generate that kind of insight. And you feed that information into this broader analytic effort. So for example, you tend not to do as many briefings and other kinds of things as an intel officer might do.

On the other hand, you tend to be at the tactical level a little bit more kind of out on the edges, because you're out there, particularly with the state of technology at the time, you had to go where the signal was. Which meant you found yourself physically in some really interesting environments in a lotta places where you don't acknowledge that--

MICHAEL MORELL:

And then keeping up with that technology--

MICHAEL ROGERS:

--we ever were.

MICHAEL MORELL:

--as it develops.

MICHAEL ROGERS:

Right. So I enjoyed that. So I went into signals intelligence thing, quirk of fate. One day I go to see both organizations, Naval Intelligence and Naval Cryptology. And I say, "Here is my background. This what I've done. I'd like to potentially look at shifting. Would my background be applicable? How might I be used if you selected me for that?"

And the attitude of the one, eh. The other however -- I didn't know them. "We think your background has great applicability. Hey, we think that you could do some really interesting things if you joined us. And oh, by the way, could we help you with your package?" Because you had to put a package together. You had to go before a selection board. You actually had to compete to change.

And so I ultimately ended up going in that direction. And this is probably more detail than you want. But this is something I talk about with individuals, particularly officers and sailors. I had a very traditional career then as a Naval cryptologist up until the time that I made captain -- or colonel in the other services. Historically in the United States Navy, we had never had a cryptologist go beyond two-star.

And we only had one or two of them at any one time. As I became an 0-6, I go to the joint staff. That's the organization that supports the chairman of the joint chiefs and the secretary of defense in helping to both formulate military direction, but also to help translate it out to the operational commanders and their organizations that actually--

MICHAEL MORELL:

This is where we first met--

MICHAEL ROGERS:

--do matter--

MICHAEL MORELL:

--in the situation room.

MICHAEL ROGERS:

--which is where we met. As I was doing that, I found myself increasingly pulled out of my traditional cryptologic or SIGINT work. I had gone to the joint staff to do computer network attack and computer network defense work. And suddenly I found myself -- I'm the executive assistant to the director of operations on the joint staff, not the director of intelligence. I'm working for the director of operations in the middle of two wars in Iraq and Afghanistan.

Then I get pulled up to the director of the joint staff, that three-star who oversees the entire organization for the chairman. I was the EA, the executive assistant, to two different individuals in that job. And then I got hired by a chairman who says to me, "I want you to be my strategic thinker."

MICHAEL MORELL:

Who was that?

MICHAEL ROGERS:

General Peter Pace, 16th chairman of the joint chiefs of staff and the first Marine ever to become the chairman. So I was given this opportunity that just traditionally my specialty don't get. And then when I become an admiral, make one star, I'm sent out to the Pacific to be not a SIGINT guy. Now I'm sent out to do a J-2 job, a director of intelligence of Pacific command which again somebody in my specialty had only done, I think we'd done this twice before.

And then finally I get pulled out of that and I'm brought back to be the J-2, the director of intelligence for the joint chiefs of staff. So I found myself living in a very traditional operational world, that's where I started. And then I got pulled back in as an 0-6. And then as I was a one- and a two-star, I found myself doing very traditional intelligence roles that traditionally a guy like me wouldn't do.

You put all of that together, and I can remember being told as an 0-6, "You know, Mike, we're going to make some investment in you in terms of where we send you. You have to deliver. But we think we're going to need cyber expertise, operational perspective, and deep intelligence knowledge over time. So we're going to try to groom you to do those kinds of things." So I was very fortunate.

MICHAEL MORELL:

So you mentioned the firsts in your career, right. The first information warfare community officer to make the rank of vice admiral, the first restricted line officer to command one of the Navy's fleet commands. So a lot of firsts here. Does that say something about where the Navy's going and where the military's going and the importance of cyber? Or does it say just something about you personally, or both?

MICHAEL ROGERS:

No. I don't take it as anything to do with me. I was very fortunate. And much of this is all about timing. I had a set of skills and experiences that seemed to grow in value over time as opposed to being looked at as, "Boy, that's the past. That's not really the future," Number one.

Number two, it points out I always thought that the thing I loved about the military was, it was the ultimate meritocracy to me. As I got more senior, they didn't care about what was my pedigree, what was in my background. Nobody asked me, "Did you go to the Naval Academy?" I didn't. I tried to get in and failed miserably.

They just looked at me and said, "So what do you bring to the table? What kind of expertise, skill set do you have? And can you generate value at these increasingly senior levels? And if you can, we're willing to invest in you. And if you can't, hey, thanks very much. But it's time to go home." So it's less about me. Because I would also highlight, while I was the first, it continues.

We now have people with my background at the three-star level in the United States Navy. The other thing I liked was I also was able to do things, you know, at a four-star level as a joint individual. I really liked the fact that I could do both service in joint things.

MICHAEL MORELL:

Mike, I'm gonna ask you one more question. You've been terrific with your time. There's a stereotype of the NSA work force, you know, guys with pocket protectors, et cetera, et cetera. What would you want the American people to know about the men and women who serve at NSA and who serve at Cyber Command?

MICHAEL ROGERS:

So number one, they are incredibly motivated. Number two, they are very mission-focused. Number three, they represent the values of our society. They are just like the men and women that they defend and serve. They have the same values. They live the same kind of lives outside of work. They're us, they're U.S. citizens. I know that was frustrating in the work force at times because they would think to themselves, "We would never engage in those kinds of beh-- that's not who we are. You wouldn't--

MICHAEL MORELL:

When they read the paper.

MICHAEL ROGERS:

Right, project those values. That's not us." I'd also say, look at how tireless they are. As you saw in your, you know, career at the Central Intelligence Agency, you put them against a problem -- and one of my challenges as a leader, and I used to say this to leadership in the work force -- one of the characteristics of this work force, they will literally destroy themselves physically, their health, their marriages, their relationships.

They will be so work-focused and so committed to the mission that if we're not careful, they're going to eat themselves up. And remember, we want them for the long haul, not just for one crisis, not just for one tour or job. We want them for decades if we can.

And so we need to be able to help them sustain this high level of effort, this high level of motivation over time. And so when you have to sometimes say to somebody, you tap 'em on the shoulder, "You've been here for 20 hours. And this is the third day in a row I've watched you do this.

MICHAEL MORELL:

Go home.

MICHAEL ROGERS:

"You need to go home."

MICHAEL MORELL:

Go home.

MICHAEL ROGERS:

Or, "Hey, look, we're going to bring somebody in. They can handle this. I want you to come back. Take a day and a half. I'll see you." Or, "Get away for a while. Or, I'll see you a in few days, a week." As a leader, you just have to realize that. Because people aren't machines. They just don't keep running perpetually.

MICHAEL MORELL:

Mike, thanks so much for being with us.

MICHAEL ROGERS:

Well, thank you.

MICHAEL MORELL:

It's been great to have on you on the show.

MICHAEL ROGERS:

Thanks very much. And if I could just to the men and women of the intelligence profession, both who have previously served as well as those who continue to serve today, it was an honor to be part of that team. I look at the work that those motivated men and women continue today to do in the service of our nation. And I continue to stand in awe and just want to say thanks.

And, you know, lastly we're in a tough time right now. We're divided. Life is very divisive and very divided right now in many ways as a society. And the challenge I always thought for us as intelligence professionals is, we must retain our focus on mission and our values. And we cannot get sucked into those political things.

Those are important things that others should appropriately address. And I urge every employee whether you're a civilian or in uniform, you should all exercise your rights. You should all push for what you believe in. But remember: we don't do politics.

MICHAEL MORELL:

Absolutely right. Couldn't agree with you more. Thank you.

MICHAEL ROGERS:

Thank you, Michael.

* * *END OF TRANSCRIPT* * *