nettimes_roving_reporter on Mon, 25 Oct 1999 13:43:05 +0200 (CEST)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> NSA transitioning to commercial services model


OCTOBER 21, 1999 . . . 11:29 EDT

Super-secret NSA transitioning to commercial services model


The National Security Agency, the enigmatic signals intelligence arm of
the Defense Department, is breaking away from its traditional role of
building "black boxes" for encrypting highly classified information in
favor of offering security and certification services similar to those in
commercial industry. 

Mike Jacobs, deputy director of information systems at NSA, said that
while the agency "will always have a traditional portion of our business
building 'black boxes' . . . we are an organization in transition." 

The agency increasingly is offering security assessment, testing, red
teams and diagnostics services to other Defense and civilian agencies,
Jacobs said Wednesday at the National Information Systems Security
Conference. "This is the growth area [and a] burgeoning new business," he

Rather than doing all the testing and validation of its own products for
itself, NSA will be relying on the National Information Assurance
Partnership (NIAP), a joint validation effort between NSA and the National
Institute of Standards and Technology. 

In the past, NSA endorsed security products and procedures, and encouraged
their use by assuring members of the Defense and intelligence community
that such products would be "bulletproof" solutions, said Lou Giles, a
member of the NIAP from NSA. 

Now, instead of products receiving NSA's endorsement, agencies will have
to bring their protection profiles -- the description of their information
environment and security needs -- to NSA, which will then certify that
process as one that meets certain NSA-approved security standards. NSA
also will evaluate and certify proposals from vendors. 

"The customer still wants that NSA endorsement, Giles said. "But this is a
new philosophical paradigm of evaluation for commercial products that
we're moving to." 

#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: and "info nettime-l" in the msg body
#  archive: contact: