Here's why Keith Alexander thinks he's worth a million dollars a month.
Keith Alexander, the recently retired director of the National Security Agency, left many in Washington slack-jawed when it was reported that he might charge companies up to $1 million a month to help them protect their computer networks from hackers. What insights or expertise about cybersecurity could possibly justify such a sky-high fee, some wondered, even for a man as well-connected in the military-industrial complex as the former head of the nation's largest intelligence agency?
The answer, Alexander said in an interview Monday, is a new technology, based on a patented and "unique" approach to detecting malicious hackers and cyber-intruders that the retired Army general said he has invented, along with his business partners at IronNet Cybersecurity Inc., the company he co-founded after leaving the government and retiring from military service in March. But the technology is also directly informed by the years of experience Alexander has had tracking hackers, and the insights he gained from classified operations as the director of the NSA, which give him a rare competitive advantage over the many firms competing for a share of the cybersecurity market.
The fact that Alexander is building what he believes is a new kind of technology for countering hackers hasn't been previously reported. And it helps to explain why he feels confident in charging banks, trade associations, and large corporations millions of dollars a year to keep their networks safe. Alexander said he'll file at least nine patents, and possibly more, for a system to detect so-called advanced persistent threats, or hackers who clandestinely burrow into a computer network in order to steal secrets or damage the network itself. It was those kinds of hackers who Alexander, when he was running the NSA, said were responsible for "the greatest transfer of wealth in American history" because they were routinely stealing trade secrets and competitive information from U.S. companies and giving it to their competitors, often in China.
Alexander is believed to be the first ex-director of the NSA to file patents on technology that's directly related to the job he had in government. He said that he had spoken to lawyers at the NSA, and privately, to ensure that his new patents were "ironclad" and didn't rely on any work that he'd done for the agency -- which still holds the intellectual property rights to other technology Alexander invented while he ran the agency.
Alexander is on firm legal ground so long as he can demonstrate that his invention is original and sufficiently distinct from any other patented technologies. Government employees are allowed to retain the patents for technology they invent while working in public service, but only under certain conditions, patent lawyers said. If an NSA employee's job, for instance, is to research and develop new cybersecurity technologies or techniques, then the government would likely retain any patent, because the invention was directly related to the employee's job. However, if the employee invented the technology on his own time and separate from his core duties, he might have a stronger argument to retain the exclusive rights to the patent.
"There is no easy black-and-white answer to this," said Scott Felder, a partner with the law firm Wiley Rein LLP in Washington, adding that it's not uncommon for government employees to be granted patents to their inventions.
A source familiar with Alexander's situation, who asked not to be identified, said that the former director developed this new technology on his private time, and that he addressed any potential infractions before deciding to seek his patents.
But Alexander started his company almost immediately after stepping down from the NSA. As for how much the highly classified knowledge in his head influenced his latest creation, only Alexander knows.
For the rest of the story: http://www.foreignpolicy.com/articles/2014/07/29/the_crypto_king_of_the_NSA_goes_corporate_keith_alexander_patents