18 December 1998. By permission of Richard Lardner, DI&ER.
Defense Information and Electronics Report, December 18, 1998
Readers curious about the inner workings of the super-secret National Security Agency may be curious about the roles of the assorted divisions NSA references from time to time. Within the realm of information systems security, NSA makes cryptic references to divisions such as "X," "I3," and "C" -- typically without an explanation of what they are or what they do. Wondering this ourselves, we contacted NSA public affairs and asked for an explanation.
Several days later, the NSA response to our query was, "we don't normally divulge that information." Explanations that Defense Information and Electronics Report was not looking for sensitive data such as home telephone numbers -- just an organizational breakdown -- fell upon deaf ears. We were instructed we could make that request under the Freedom of Information Act.
So we turned to the FOIA Office, curious how responsive the agency might be. Less than two months later, we got our answer.
NSA supplied DI&ER with 13 pages of organizational charts, but all but two of hundreds of names are blacked-out. NSA revealed the Deputy Director for Information Systems Security is Michael Jacobs, and his assistant is John Nagengast (no surprises there). Beyond that, all positions are to remain anonymous. NSA employees are still provided business cards, though, which they are free to distribute as they see fit. We've even got a couple ourselves.
Interestingly, NSA did not conceal the office telephone numbers that appeared in the Research and Technology "R" division, and showed further equanimity by outlining the "R" mission -- to "manage a research & technology development program that supports NSA's [signals intelligence] and INFOSEC missions."
As a public service to our readers, the information supplied is reprinted in this issue, with all unsightly black redaction marks removed. And in case you were wondering -- "X" is network security, "I3" is Defensive Information Operations, and "C" is Security Evaluation.
-- Adam Hebert
http://jya.com/dier9850chart.pdf (22K; 6 pp.)
[JYA Note: Though informative, the charts appear to diagram only parts of NSA. We'd appreciate information on those missing <jy[at]jya.com>. Anonymous or encrypted mail welcome. PGP public keys: http://jya.com/jy-pk.htm .]