Welcome to the National Security Agency - NSA/CSS

About IA at NSA Partners Rowlett Awards Award Recipients Background Nomination Procedures Links IA Client and Partner Support IA News IA Events IA Mitigation Guidance Media Destruction Guidance Security Configuration Guides Applications Archived Guides Cisco Router Guides Database Servers Fact Sheets Industrial Control Systems (ICS) IPv6 Operating Systems Supporting Documents Switches VoIP and IP Telephony Vulnerability Technical Reports Wireless System Level IA Guidance TEMPEST Overview TEMPEST Products: Level I Certified Confirmed Deficiencies Suspended Terminated No Longer Produced TEMPEST Products: Level II Certified Confirmed Deficiencies Suspended Terminated No Longer Produced TEMPEST Company POCs Certified Suspended Terminated Trusted Computing IA Academic Outreach National Centers of Academic Excellence in IA Education Colloquium Institutions SEAL Program IA Courseware Evaluation Program Institutions Student Opportunities IA Business and Research IA Business Affairs Office Certified Product Sales and Support Commercial COMSEC Evaluation Program Commercial Satellite Protection Program Independent Research and Development Program User Partnership Program Partnerships with Industry NIAP and COTS Product Evaluations IA Programs Commercial Solutions for Classified Program Global Information Grid High Assurance Platform HAP Technology Overview HAP Technology Partner Program HAP Resource Library Inline Media Encryptor Suite B Cryptography NSA Mobility Program IA Careers Contact Information

Skip Search Box

Searchbox

IA Business Affairs and Research

Not surprisingly in today's world, National Security Systems are fundamentally dependent on commercial products and infrastructure, or interconnect with other systems that are. This creates new and significant common ground between the Department of Defense and broader U.S. Government and homeland security needs. More and more, we find that protecting National Security Systems demands teaming with public and private institutions to raise the information assurance level of products and services more broadly. If done correctly, this is a win-win situation that benefits the whole spectrum of Information Technology (IT) users, from warfighters and policymakers, to federal, state, and local governments, to the operators of critical infrastructure and major arteries of commerce. The "Top Twelve Technical Security Challenges" reflect major focus areas for the Information Assurance Directorate (IAD) which may also present opportunities for industry.

IAD's Top Twelve Technical Security Challenges:

1. Intrusion Analysis & Tradecraft
2. Mobility
3. Endpoint Client security and integrity
4. Software assurance
5. Continuous monitoring
6. Virtualization, Platform Integrity, and Trusted Platform
7. Policy-based stored information management, protection, and access control (manage storage and access)
8. Real-time Intrusion Detection, Response, and Mitigation
9. Metrics and measurement of IA Posture
10. Translating network assurance to mission assurance
11. Security composition (synergy) of components of unknown assurance
12. Usability - transparent security