Keith Alexander Wants $1 Million Per Month For 'Cybersecurity' Consulting

from the hence-the-FUD dept

In May, we wrote about how ridiculous it was that former NSA boss Keith “collect it all” Alexander was now launching a cybersecurity consulting firm. After all, it’s difficult to think of anyone who has done so much to undermine cybersecurity as Keith Alexander. Now Bloomberg is reporting that he’s offering his “services” for the cut-rate price of $1 million per month. Yes, I’ll repeat that:

Keith Alexander wants banks and other companies to pay him $1 million per month to help them with their “cybersecurity.” At that price, I’d hope that he’s just selling them the location of the backdoors he ordered to be placed in all of their hardware and software. And idiotic banks are apparently willing to pay, rather than going with the much, much cheaper option of hiring an actual security expert:

Joining a crowded field of cyber-consultants, the former National Security Agency chief is pitching his services for as much as $1 million a month. The audience is receptive: Under pressure from regulators, lawmakers and their customers, financial firms are pouring hundreds of millions of dollars into barriers against digital assaults.

Either way, given that Alexander stands to profit quite nicely from his own undermining of cybersecurity, it’s obviously no wonder at all that he’s spent the past month exaggerating the “threat” of what’s out there, often taking it to ridiculous levels.

While Alexander is doing the exact same thing as his predecessors, pay attention to the various media coverage of Alexander in the coming months and years. He’s going to appear on TV and in newspapers and magazines a lot. And he will frequently be quoted spewing FUD about threats and how dangerous it is out there. And in almost none of those cases will any of the press covering him highlight the fact that Alexander stands to profit massively from keeping big banks and other companies scared shitless, so they hire him for $1 million a month to “protect” them from this threat that he both helped to create… and is now overhyping.

Filed Under: , , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Keith Alexander Wants $1 Million Per Month For 'Cybersecurity' Consulting”

Subscribe: RSS Leave a comment
Violynne (profile) says:

Iron Knee(tm*) alert.

Snowden is often accused of taking documents he’s holding for the “highest bidder” willing to grant him asylum, most notably from Alexander.

Yet, now that Alexander is free-lance, what better way to capitalize by selling that same information for $1 million per month.

Want to bet Alexander won’t be deemed a traitor for giving out the same exact information? It’s a sucker’s bet, so please help me get rich off a scam, too.

* not really trademarked.

Anonymous Coward says:

Re: Re:

If Snowden paid the market-value for the documents he took it would have been all fine. The damage to USA that NSA has been talking about is primarily the value of these informations on the markets. Hell, this is what liberalism is all about: Everything has a price and people not willing or able to pay up has to live without.

Snowden didn’t pay up so he is a thief of the multibillion dollar league. A damn communist and therefore a traitor!

observer says:

Re: Snake Oil

He’s trying to sell himself as a security expert because of his NSA connections, but think about it. The NSA let an ordinary (albeit highly intelligent) systems administrator get the better of them so comprehensively that they’re not even sure to what extent he got the better of them! I wouldn’t trust anyone connected with them to secure my garden shed. They might have the best tech (and if they don’t, you’ve got to wonder where their budget is going) and might even have some competent people working there, but overall? Not so much.

Rich Kulawiec (profile) says:

The security approach taken by banks

I’ve observed that most banks are willing to spend incredible amounts of money on consultants and software and hardware and audits and all kinds of stuff…while failing to do the simplest, easiest, cheapest, most fundamental things that would actually yield the biggest security wins.

One example out of hundreds: does your bank train its customers to be phish victims? Look at the most recent email message that they’ve sent you. Does it have any URLs in it?

If yes, then they’re idiots. If no, then congratulations: you’re a customer of the precious few banks with at least a modest clue about security.

John Fenderson (profile) says:

Re: The security approach taken by banks

Things I learned when doing software development for a major bank:

1) Banking is all about the customers trusting the bank. As a result, banks will spend a lot of money doing things that make it appear to customers that they are safe and secure.

2) Banks don’t care as much about hardening their systems against attacks as people think they do. It’s actually not that hard to rip off a bank through their computer systems.

3) The one thing that is hard is getting away with ripping off a bank. It’s certainly possible, but takes more brains and effort than most thieves have at their disposal.

4) Thefts happen all the time, and most of them are never reported to the public (by design). Banks just take the insurance money and make the affected customers whole, often without the customers ever knowing that they’d been ripped off in the first place.

Banks actually are a very safe place to put your money, but for different reasons than people imagine. It might get stolen, but the bank will replace it. The end effect of all of this is to make banking more expensive than it has to be.

Mike Masnick (profile) says:

Re: Re: Re: The security approach taken by banks

I agree, $12 mil a years is nothing, even for a small bank, $1Mil a months sounds actually cheap!

I guess it depends on how you want to spin it.

But what value are they actually getting for that $12 million? Perhaps if it were a known computer security expert, then, sure. But what value do you think Alexander really provides to a bank?

DannyB (profile) says:

Re: Re: The security approach taken by banks

Banking is all about the customers trusting the bank.

This is why banks need to spend money on good graphic designers that can make their web page give a good impression of safety and security.

Green checkmarked bullet points and green/gold safety shields go a long way. (This also works for anti-malware products — even if they do nothing. Example: many phony Android security anti-malware apps. In practice, android, iOS and linux malware is rare, and thus news. Windows malware is greeted with a yawn.)

John Fenderson (profile) says:

Re: Re: Re: The security approach taken by banks

Exactly. Perception is more important than reality (the TSA didn’t invent this concept!). Banks are likely betting that hiring Alexander will bolster the perception. In that view, it might be money well spent.

It’s unlikely that banks thing that hiring Alexander will actually let them increase security.

Anonymous Coward says:

Re: Re: Re:2 The security approach taken by banks

Banks are cooperating with law enforcement and undoubtably NSA. In that context he may be able to lower those costs in a sustainable manner. I don’t think banks will use as divisive a character as Alexander in a commercial context. At least not with common customers.

When it comes to security I don’t think he is worth much. Just because you can split a car into pieces, doesn’t mean you can repair one. And that is assuming he has learned a lot from his department. It is not easy for a military type to accept inferiority on any subject and especially not to a subordinate. Usually leadership skills in these positions entail avoiding technical subjects and trusting the person is somewhat capable of his craft, while the leader learns to translate from geek to language, military or language, legal or language, political.

Anonymous Coward says:

Re: The security approach taken by my credit union

If no, then congratulations: you’re a customer of the precious few banks with at least a modest clue about security.

No, I’m not a mere customer for a for-profit bank; I’m a member of a non-profit credit union with an immodest clue about security (Strict Transport Security (i.e., forced TLS), multi-factor authentication, no unsolicited emails (and no URLs in solicited emails)).

Why should I want to help pay for some asshole bankster’s/CxO’s next yacht? Instead, the credit union president (whom I voted for) receives reasonable compensation (no multi-millions), and I benefit from greater interest in my checking account than in any banks’ saving accounts (and no fucking fees).

Banks are for suckers (especially post-2008) and capitalists’ whores. The only non-suckers/whores in a bank are its owners ? at a credit union, every member is an owner.

Michael (profile) says:

Re: Re:

He will easily get companies to pay that much.

The executives that can make a decision to spend $1m/mo on a cyber-security consultant are a relatively small group, but many of them are highly divorced from technology. Just think of how many stories of them having their emails printed and read to them you have heard.

I worked for one of the largest media companies in the world and the CEO never touched a keyboard. He did, however, go to the country club with other crazy rich CEO’s and they would go into the locker room and measure. Getting the bragging rights of “my systems are protected by the former head of the NSA” – right up their alley.

Anonymous Coward says:

I knew global spying was really about economic espionage and getting dirt on politicians in order to influence their political policies.

Whoever controls the global spying machine, stands to profit handsomely from it. Just like Keith Alexander is about to profit from it. He knows the ins and outs of how the global spying machine works.

Global spying has always been about profits. Terrorism is just the “pretext” used to hide the global spying machines true purpose.

David says:

The deal is real

If the local Mafia offers your shop fire insurance at a premium, you take it. Or you leave town.

Personally, I prefer the message it would send if every business left the U.S.A., a whole country run by an organized crime syndicate calling itself “government” and considering itself above the law.

But that does not actually happen. A few people leave, a few people have their shops burn down. Most pay.

I have little doubt that Alexander will provide excellent foresight regarding just which shops will happen to burn down next.

SolkeshNaranek (profile) says:

Douchebags that serve the Kool-Aid, and the dochebags that drink it

It is too bad taxpayers and citizens ultimately foot the bill for banks that listen to bullshit spewed by idiots like Alexander.

I seem to recall during the financial crisis banks “needed” to pay their high ranking officers exorbitant salaries to keep the best and brightest working for them.

If these best and brightest are listening to the likes of Alexander, then someone at the helm (of those banks) has failed to noticed all the burnt out bulbs in upper management.

Annonimus says:

This is a racket

Even if the banks pay the 1 million a month to Keith Alexander to keep their systems safe there is no guarantee that he will keep them safe from every NSA backdoor he knows, the same way there is no guarantee the if you pay a gangster protection money that he won’t come in to wreck your store later if he feels like it.

Anonymous Coward says:

like Joe Morganelli, profiting from both ends

This is a lot like Joe Morganelli. He was once the biggest and wealthiest usenet pirate on the planet. Then he got busted and switched sides. Now he goes around screaming from every rooftop about how pervasive usenet piracy is and how it’s going to destroy every copyright-dependent business. Unless, of course, everyone hires him to defeat the scourge he helped create.

A very lucrative business plan indeed.

Anonymous Coward says:

Not Idiotic. Just Corrupt.

” And idiotic banks are apparently willing to pay, rather than going with the much, much cheaper option of hiring an actual security expert”

No, they’re not idiotic. They know who and what Alexander is. An actual security expert he is not. A former high ranking government official ready for his payout he is. The banks pull the stings of a lot of the government. The government responds and the banks make it worth while. One hand washes the other. Alexander knows how it works.

Anonymous Coward says:

Well damn, finally, now we know approximately how much his cut of the NSA Blackmail programs’ monthly take was, all we have to do is determine what his percentage was, to figure out the program’s total monthly income. Thanks Keith.

I suppose once you start making a few million a year under the table, its pretty darn hard to take any legal job that pays less.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...