The normally secretive National Security Agency is revealing more details about its NSA21 campaign and plans to address threats into the next decade.
Officials with the agency say NSA’s two-pronged mission —foreign signals intelligence and information assurance — is not changing, but IA is getting a 21st century makeover.
The Information Assurance Directorate will still focus on safeguarding national security systems and defending cyber infrastructure, but is dropping “directorate” from its name. Curtis Dukes, NSA’s director of IA, will get a title change from director to deputy national manager of national security systems, and will oversee the IA portfolio and how it applies to the six new directorates under NSA21.
The new directorates are: research, business management & acquisition, capabilities, operations, engagement & policy, and workforce & support activities.
In February, Adm. Mike Rogers, NSA’s director and commander of the U.S. Cyber Command, unveiled details of NSA21’s roadmap, the first reorganization of the agency in 20 years. Officials say it will take about two years to fully implement the changes.
During the campaign, NSA will continue to build on its partnership with industry, officials said, to build better products and provide the most secure services.
In June NSA created the Commercial Solutions for Classified program, which agency officials said “shocked everybody.”
The program lays out requirements for things like accessing a classified system on a commercial handset, officials offered by example.
“I think that really bolstered our reputation,” one official said. “We were literally putting out for all to see … this is what it takes.”
Speaking to reporters during an Aug. 16 briefing at the Information Assurance Symposium in Washington, Dukes said his agency is always learning and ready to defend against threats to the American people, warfighters and information systems.
But American adversaries are also attacking “through economic advantage.”
Enemies are stealing blueprints for fighter jets, and intellectual property from industry. They’re also stealing identities and personal information like the kind stolen during the Office of Personnel Management breach or Sony hack.
“Everything is now interconnected,” Dukes said, and that means more opportunities for adversaries to attack critical infrastructure and through the Internet of Things.
Dukes said in the past 18-24 months, NSA in a partnership with the Homeland Security Department and FBI, provided incident response in the aftermath of cyber attacks on the Executive Office of the President, State Department, Joint Chiefs of Staff and OPM.