NSA cyber director Luber to retire at month’s end

Editor’s Note: Story updated 5:30 p.m. to correct the descriptions of Luber’s retirement decision and of his previous role within Tailored Access Operations.

The head of the National Security Agency’s Cybersecurity Directorate will retire at the end of the month in another leadership shakeup at an agency reeling from the recent firing of its chief and mandated cuts to its workforce.

Dave Luber, who was named the NSA’s director of cybersecurity last year, will retire on May 30, according to three sources with knowledge of his decision. Luber, a 38-year NSA veteran, is retiring through traditional means and is not taking advantage of the early retirement option being offered by the agency as it aims to shed 8 percent of its civilian staff to align with a larger effort by the Trump administration to shrink the federal government.

One of these sources, who like the others spoke on the condition of anonymity, said Luber’s deputy and the directorate’s chief operating officer are also leaving the agency.

The NSA declined to comment.

Recorded Future News first reported in February that the NSA had begun to offer employees options to leave their careers early as part of the Department of Government Efficiency’s (DOGE) deferred resignation initiative.

Luber, who most recently served as the directorate’s No. 2, helped push the spy agency to improve intelligence-sharing on digital threats and better collaborate with critical infrastructure operators and industry.

Just last month the NSA and other U.S. entities teamed up with international partners to issue an advisory about a threat called fast flux, an advanced technique used by state-sponsored hackers and cyber criminals to control infrastructure and evade detection.

The need for better public and private collaboration has only grown in the wake of sweeping Chinese digital campaigns that saw state-linked hackers burrow into critical infrastructure entities and telecommunication companies.

The activity, labeled as Volt Typhoon and Salt Typhoon respectively, fundamentally altered how the U.S. views Beijing's hacking operations, shifting away from supporting intellectual property theft to pre-positioning inside of networks for potential warfare and traditional intelligence gathering.

China “demonstrated a new form of tradecraft and they've been caught in the act of using that tradecraft. But just because they've been caught doesn't mean that they're going to stop,” Luber told reporters at the RSA Conference in San Francisco last year.

“They're going to continue to develop tradecraft and look for ways to even evade some of the hunt guides that we've put in place.”

Last month, Luber was withdrawn from giving the annual “State of the Hack” address at RSA. Cyber Command Executive Director Morgan Adamski and other federal officials also cancelled their appearances, just days after Cyber Command and NSA chief Timothy Haugh was fired.

Prior to becoming the third chief since the cyber directorate was established in 2019, Luber was Cyber Command’s executive director — the digital warfare organization’s third-in-command and the highest-ranking civilian post. 

Among other roles over his nearly four decades in government, he served as the director of NSA Colorado and chief of the Remote Operations Center, which is under the agency’s elite hacking unit, known as Tailored Access Operations.

In a statement, former NSA Deputy Director George Barnes noted that Luber spent his entire career at NSA. "He started as a high school work study program participant and worked his way to leading NSA’s cybersecurity mission."

"Competent, caring, communicative, and all around great leader, Dave’s presence will be missed at NSA and in the national security arena," added Barnes, now the president of the cyber practice at incubation firm Red Cell.

"He deserves tremendous credit for his selfless service to our nation and his legacy will carry forward for many years to come."