Image courtesy of General Dynamics Mission Systems.
In this Q&A with Dave King, chief technical officer and senior fellow for Cyber Systems at General Dynamics Mission Systems, we discuss: the importance of evolving data-protection systems; the pros and cons of Type 1 vs. Commercial Solutions for Classified (CSfC) vs. Cryptographic High Value Products; and the role encryption will play in the Great Power competition.
Breaking Defense: What do you see as critical information security needs of the military, especially in light of the Great Power competition and all-domain operations? Where do the gaps exist?
Dave King, chief technical officer and senior fellow for Cyber Systems at General Dynamics Mission Systems.
King: Information is a strategic asset and protecting it against adversaries and cyberattacks is crucial to the security of the American people and protection of our nations intellectual property. On one hand, you have the need to know, on the other hand, the need to share the two are conflicting at times.
To ensure the integrity and security of the critical information as attacks are becoming more prevalent and complex, the solutions you integrate for network or storage protection, as well as user access, must be standards-based and modular. We are no longer in the times when you can deploy a crypto solution for 10+ years to secure against nation-state adversaries.
Our security solutions must modernize to integrate cleanly into the new weapon systems to give us the competitive edge. An example would be strong data protection for new, unmanned systems or the explosion of telework environments. Solutions from five years ago may not meet the needs of evolving missions. We need continuous adaption and upgrades to stay ahead of nation-state adversaries.
Another critical piece is military interoperability not only between the U.S. Department of Defense but with Five Eyes and coalition partners. The ability to enable secure communications and data sharing with partners and allies in a dynamic and modular way allow us to make decisions faster and act at the speed of mission relevance.
And finally, the most important critical need is ensuring a trusted supply chain. Both hardware and software products used to protect classified data must follow high-assurance development requirements and processes. A secure supply chain must include security and interoperability standards to ensure components are only from trusted and validated sources.
This is something inherent to traditional Type 1 crypto solutions as opposed to other commercial products or even layered commercial solutions like Commercial Solutions for Classified (CSfC).
Breaking Defense: For our readers who might not be familiar with Commercial Solutions for Classified (CSfC) vs. Type 1 security, what are the considerations for high-assurance in enterprise and tactical missions? Please explain and also connect to the missions and applications used by the military. Why should they care about this?
King: Both CSfC and high-assurance Type 1 solutions can be used to protect classified voice and data communications, but the security approach and lifecycle cost differ quite a bit. Choosing the right security solution should really be based on all your mission needs, which can be difficult to balance; there are many considerations to weigh.
The first thing is risk acceptance. How much risk are you willing to take based on your mission and the security level of the information you are protecting? Type 1 is National Security Agency (NSA) certified for broad use, while CSfC is an NSA approved way of building a solution with the layering of different products. This tends to make CSfC application specific and thus your local Designated Approving Authority (DAA) will need to assess and manage all of the residual risk.
A key point from earlier is supply chain. As I mentioned before, the supply chain for commercial-based products is not as rigorous as Type 1. The configuration management for Type 1 is regulated by the government, which is not true for purely commercial security products; this tends to add additional supply chain risks to CSfC solutions. Type 1 is certainly more trusted.
Another factor is interoperability. NSA Certified products ensure end-to-end interoperability to the government specifications (e.g., HAIPE or EDE-CIS) regardless of product vendor. The government requires all Type 1 network encryptor vendors to pass a well-defined series of interoperability tests.
There are other features that are typically found in Type 1 that are not built into Commercial Off The Shelf (COTS) products. First, there are environmental concerns that dictate the need for MIL-STD ruggedization and TEMPEST protections.
Second, there are mission focused features like Render Useless Zeroize for unmanned or leave-behind applications. Finally, the layering approach associated with CSfC can often degrade performance and add size, weight, power, and cost to tactical solutions.
I think there is a lot of confusion in the market about cost comparisons of the two solutions. Network administrators, users, and contracting specialists should really look at both capital and operating expenditures over the lifecycle of the solutions to get a realistic view. I know we have had customers surprised at how the costs for design, implementation, patching, and yearly registration of CSfC solutions add up. There is a perceived advantage of COTS devices and that is handling.
To address these gaps, the government has introduced Cryptographic High Value Products or CHVP encryptors. These products aim to bridge the mission gap joining the high-assurance security of Type 1 products so you get the trusted security and supply chain but with reduced handling and accountability that COTS products offer. I would recommend that your readers check out the GD Live webinar on this topic by visiting gdmissionsystems.com/chvp.
Breaking Defense: What are the ideal data-protection solutions to address warfighter needs in the present tactical scenarios as they relate to JADC2 and distributed operations, as well as continuing operations related to anti-terror?
King: Many of the same key points discussed earlier relate to the Great Power competition. The benefits of Type 1 high-assurance protection of classified data apply here, as well. The goal of JADC2 and all the related programs including ABMS, Project Convergence, and Project Overmatch aim to establish an interconnected tactical network that enables the sharing of sensor data between all military branches in every domain land, air, sea, space, and cyber.
These programs are gearing up to drive toward the right information brought to the right people in a secure manner. Secure access to this information is sure to give us a competitive advantage but again security and interoperability are critical, and must be transparent to the consumers of the information on this network.It must be interoperable with multiple systems and multiple users in multiple countries. We need warfighters focused on decisive actions of the mission, not the logistics behind a secure network or having security be a bottleneck to performance.
Another important element of joint programs where the internal and external attack surface is broadened is end-to-end encryption and strong authentication present at critical-entry points. Network security and confidentiality remains an important element of todays network architectures, including in micro-segmented Zero Trust frameworks.
I would also say that security solutions at the tactical edge like the TACLANE Network Encryption or Tactical Cross Domain Solutions need to right size to the individual user application and be interoperable all the way back to the enterprise and cloud-like infrastructures. Providing this range of security is an imperative because our nations adversaries will go after the weakest link in the chain.
Read more here:
Your tolerance for risk in critical comms will drive your security solution - Breaking Defense
- NSA fears quantum computing surprise: 'If this black swan event happens, then we're really screwed' - Washington Times - March 27th, 2024 [March 27th, 2024]
- The NSA Warns That US Adversaries Free to Mine Private Data May Have an AI Edge - WIRED - March 27th, 2024 [March 27th, 2024]
- Five ways to implement zero-trust based on NSA's latest guidance - SC Media - March 27th, 2024 [March 27th, 2024]
- Intel analyst shared classified information on Discord, investigators say - The Washington Post - March 27th, 2024 [March 27th, 2024]
- Water Systems Vulnerable To Cyber Attacks, NSA And EPA Warn Governors - Forbes - March 27th, 2024 [March 27th, 2024]
- Amritpal Singhs mother, kin of other NSA detainees go on hunger strike, want them to be shifted to Punjab jail - The Tribune India - February 24th, 2024 [February 24th, 2024]
- Rob Joyce leaving NSA at the end of March - CyberScoop - February 24th, 2024 [February 24th, 2024]
- NSA cyber director to step down after 34 years of service - Nextgov/FCW - February 24th, 2024 [February 24th, 2024]
- Behind Khattar govts U-turn on NSA against farm leaders, fear of rural blowback, Congress gain - The Indian Express - February 24th, 2024 [February 24th, 2024]
- Payday dispute prompts maintenance worker walkout at NSA Naples - Stars and Stripes - February 24th, 2024 [February 24th, 2024]
- CISA, NSA, and FBI Warn of Chinese Cyber Hacking Army The Presidential Prayer Team - The Presidential Prayer Team - February 24th, 2024 [February 24th, 2024]
- Cyber Security Headlines: Microsoft takes another hit, Energy giant hit by ransomware, the NSA is secretly buying your ... - CISO Series - January 30th, 2024 [January 30th, 2024]
- India now cooperating with Nijjar probe: Canada's NSA - IndiaTimes - January 30th, 2024 [January 30th, 2024]
- Google, WhiteSnake, Outlook, NSA, Juniper, Jason Wood, and More SWN #358 - SC Media - January 30th, 2024 [January 30th, 2024]
- Readout of NSA Jake Sullivan's Meetings with PM Srettha and DPM/FM Parnpree - US Embassy in Thailand - USEmbassy.gov - January 30th, 2024 [January 30th, 2024]
- NSA Admits Secretly Buying Your Internet Browsing Data without Warrants - The Hacker News - January 30th, 2024 [January 30th, 2024]
- Readout of NSA Jake Sullivan's Meeting with CCP Politburo Member, Director of the Office of the Foreign Affairs ... - US Embassy & Consulates in... - January 30th, 2024 [January 30th, 2024]
- Former NSA Saint has a chance to become repeat Super Bowl champion - The Suffolk News-Herald - Suffolk News-Herald - January 30th, 2024 [January 30th, 2024]
- NSA is buying Americans internet browsing records without a warrant - TechCrunch - January 30th, 2024 [January 30th, 2024]
- As NSA buys up Americans' browser records, Uncle Sam is asked to simply knock it off - The Register - January 30th, 2024 [January 30th, 2024]
- NSA buys sensitive data on Americans without any court order - KJZZ - January 30th, 2024 [January 30th, 2024]
- NSA Veteran Teresa Shea Joins Board of Directors of Two Six Technologies - ExecutiveBiz - January 30th, 2024 [January 30th, 2024]
- How the FBI, NSA are preparing for deepfakes and misinformation issue ahead of 2024 elections - CNBC - January 14th, 2024 [January 14th, 2024]
- AI is helping US spies catch stealthy Chinese hacking ops, NSA official says - CyberScoop - January 14th, 2024 [January 14th, 2024]
- AI aids nation-state hackers but also helps US spies to find them, says NSA cyber director - TechCrunch - January 14th, 2024 [January 14th, 2024]
- NSA Director Paul Nakasone to Step Down in Early February - Bloomberg - January 14th, 2024 [January 14th, 2024]
- NSA says cybersecurity will gain many benefits with generative AI - ReadWrite - January 14th, 2024 [January 14th, 2024]
- FBI and NSA directors discuss their concerns about AI - WCBE 90.5 FM - January 14th, 2024 [January 14th, 2024]
- Looking back at 2023 with the NSA's Rob Joyce and Morgan Adamski - CyberScoop - January 14th, 2024 [January 14th, 2024]
- NSA: Benefits of generative AI in cyber security will outweigh the bad - ITPro - January 14th, 2024 [January 14th, 2024]
- AI Identified as Emerging Threat in Cyber Crime by NSA Director - CoinGape - January 14th, 2024 [January 14th, 2024]
- AI is helping China-backed hackers but it's also helping to hunt them down, NSA says - TechRadar - January 14th, 2024 [January 14th, 2024]
- Top 10 misconfigurations: An NSA checklist for CISOs - The Stack - October 20th, 2023 [October 20th, 2023]
- CISA and NSA Issues New Identity and Access Management Guidance for Vendors - TechRepublic - October 20th, 2023 [October 20th, 2023]
- How to Protect Against Evolving Phishing Attacks - National Security Agency - October 20th, 2023 [October 20th, 2023]
- NSA Shares Recommendations to Advance Device Security Within ... - National Security Agency - October 20th, 2023 [October 20th, 2023]
- Nansemond-Suffolk tennis falls to Norfolk Academy Thursday - The ... - Suffolk News-Herald - October 20th, 2023 [October 20th, 2023]
- NSA calls for a 'root and branch' review of Red Tractor - Farmers Guardian - October 20th, 2023 [October 20th, 2023]
- Israel's NSA warns of US intervention as Gaza conflict escalates - IndiaTimes - October 20th, 2023 [October 20th, 2023]
- The U.S. government is still in its Tumblr era. - Slate - October 20th, 2023 [October 20th, 2023]
- Biden's Cyber Command and NSA nominee seen as a pick for continuity - The Record from Recorded Future News - July 17th, 2023 [July 17th, 2023]
- 5 Reasons to Work for the NSA - ClearanceJobs - ClearanceJobs - July 17th, 2023 [July 17th, 2023]
- I will do my best as NSA: Ribadu promises - FRCN HQ - Federal Radio Corporation of Nigeria - July 17th, 2023 [July 17th, 2023]
- Plateau killings: Reps ask NSA to declare national emergency - TheCable - July 17th, 2023 [July 17th, 2023]
- 7th Deputy NSA Meeting of Colombo Security Conclave held in ... - ANI News - July 17th, 2023 [July 17th, 2023]
- Young shepherd from region wins NSA North Sheep trophy ... - Darlington and Stockton Times - July 17th, 2023 [July 17th, 2023]
- HBO film based on NSA leaker Reality Winner slated for May 29 ... - Military Times - May 18th, 2023 [May 18th, 2023]
- Tina Satter on why her NSA whistleblower film Reality is stranger than fiction - Financial Times - May 18th, 2023 [May 18th, 2023]
- Gen. Paul Nakasone Plans to Step Down as NSA Director ... - Executive Gov - May 18th, 2023 [May 18th, 2023]
- Readout of NSA Jake Sullivan's Meeting with CCP Politburo ... - US Embassy & Consulates in China - May 18th, 2023 [May 18th, 2023]
- Young sheep farmers to be given genetic boost by new NSA giveaway - The Scottish Farmer - May 18th, 2023 [May 18th, 2023]
- Sydney Sweeney wanted to be challenged by Reality: Its a different muscle playing someone who is real [Exclusive Video Interview] - Yahoo... - May 18th, 2023 [May 18th, 2023]
- Intercepted: The Biggest Whodunnit of the Century - The Intercept - May 18th, 2023 [May 18th, 2023]
- Personal injury + the No Surprises Act - Chiropractic Economics - May 18th, 2023 [May 18th, 2023]
- PM Narendra Modi e-inaugurating new office complexes of CBI at Shilong, Pune and Nagpur, commemorating the CBI diamond jubilee on Monday. Also seen... - April 4th, 2023 [April 4th, 2023]
- Special Collection Service - Wikipedia - March 31st, 2023 [March 31st, 2023]
- What is the NSA and how does it work? - SearchSecurity - February 5th, 2023 [February 5th, 2023]
- Watch: NSA Ajit Doval is Ambitious, Very Good at Sniffing Power and Being on the Right Side of itAS Dulat - The Wire - December 21st, 2022 [December 21st, 2022]
- Shockwaves win another championship, this time at the NSA Fresno Pilgrimfest - Lompoc Record - December 12th, 2022 [December 12th, 2022]
- EFCC secures forfeiture of N755m, luxury assets from ex-AGF, former aide to NSA The Nation Newspaper - The Nation Newspaper - November 23rd, 2022 [November 23rd, 2022]
- What is the National Security Agency? - Norwich University - October 25th, 2022 [October 25th, 2022]
- Cyber Security Today, Oct. 19, 2022 A warning from the NSA about nation-state attacks, and more - IT World Canada - October 21st, 2022 [October 21st, 2022]
- In the Alphabet Soup of Regulations, the NSA, GFE and AEOB Have Yet to Coalesce - RACmonitor - October 6th, 2022 [October 6th, 2022]
- Do not ignore any communication shared by NSCS, NSA: PM Modi to ministers - The Hindu - October 6th, 2022 [October 6th, 2022]
- NSA Announces Date of the National Cryptologic Museum Grand Opening - National Security Agency - October 2nd, 2022 [October 2nd, 2022]
- NSA and ACLU may face off in the Supreme Court over Wikipedia - Grid - October 2nd, 2022 [October 2nd, 2022]
- The NSA is Here to Help | Decipher - Duo Security - September 27th, 2022 [September 27th, 2022]
- Hollen, Raskin Join with NSA Bethesda Fire Fighters, IAFF Leaders to Highlight Progress on Efforts to Improve Base Conditions, Build New Facility |... - September 27th, 2022 [September 27th, 2022]
- CISA, FBI, NSA, Treasury, Cyber Command, and International Partners Release Advisory on Malicious Cyber Actors Affiliated with Iranian Government... - September 20th, 2022 [September 20th, 2022]
- NATFORCE: Buhari Finally Disbands Security Outfit After Senate Ignored NSA To Recognize Body The Whistler Newspaper - The Whistler Nigeria - September 20th, 2022 [September 20th, 2022]
- China Accuses NSA of Hacking Its Military Research University - VICE - September 9th, 2022 [September 9th, 2022]
- Behind the Toque: An Interview with NSA Noodle Bar Executive Chef Brooke Apfelbaum - greenpointers.com - September 9th, 2022 [September 9th, 2022]
- In the Garden: Tour gives Omahans a chance to see how a 'Bloom Box' works - Omaha World-Herald - September 9th, 2022 [September 9th, 2022]
- Three area teams pickup wins to start football season - The Suffolk News-Herald - Suffolk News-Herald - September 9th, 2022 [September 9th, 2022]
- NSA to reveal identities of big men behind oil theft in Nigeria Presidency - Daily Post Nigeria - August 22nd, 2022 [August 22nd, 2022]
- Former US Cyber Command and NSA chief makes the case for a cyber competition strategy | The Strategist - The Strategist - August 22nd, 2022 [August 22nd, 2022]
- Inaugural India-Central Asia NSA meeting to be held in December - WION - August 22nd, 2022 [August 22nd, 2022]
- Home | Open Source @ NSA - August 8th, 2022 [August 8th, 2022]
- Kennesaw State named top institution for cybersecurity outreach - Kennesaw State University - August 8th, 2022 [August 8th, 2022]
- US city of Boston to mark 75th anniversary of India's Independence with two-day extravaganza - NewsDrum - August 8th, 2022 [August 8th, 2022]