Fort Meade put out a press release yesterday, with details of The White House announcement that the President  has signed National Security Memorandum (NSM) 8, “Improving the Cybersecurity of National Security, Department of Defense and Intelligence Community Systems.”

From the press release:   “This Memorandum implements the cybersecurity requirements of EO 14028 for National Security Systems (NSS) – networks across the U.S. Government that contain classified information or are otherwise critical to military and intelligence activities. The Memorandum provides the Director of the NSA, General Paul M. Nakasone, in his role as the National Manager for NSS, with enhanced insight and authorities to better safeguard these systems.”

From the NSA Director, Paul M Nakasone:  “We stand ready to fulfill our role, and our responsibility, in securing our nation against foreign malicious actors, and any efforts to exploit our national security systems. As the nation’s leader in cryptography, NSA will play a significant role in ensuring cryptographic interoperability among national security system users through cryptographic standards for use on NSS,” said Gen. Nakasone.

If we are reading this memorandum correctly, it creates a whole-of-government portfolio, lead by General Nakasone, which includes:

• All NSS mitigation efforts in all Federal departments and agencies.
• All notification requirements of known or suspected incidents or compromises of NSS.
• New requirements for Federal departments and agencies to modernize encryption protocols used on national security systems.

What Next?

From our research and analysis, if there was any governmental centralization of cyber efforts trend, it was all pointing over to Director Easterly and CISA.  It is hard not to interpret this memorandum as a tactical response to the Russian gray-zone threat which has intensified in the last few weeks.   This NSS-level encryption approach looks like a hardening of defenses as the DEFCON changes over time relative to Putin’s moves and the hacking efforts of non-state actors affiliated with Russia.

It really comes down to ‘where’ in the architecture and ‘stack’ the NSS-layer or intersection sits in a critical system or critical infrastructure.  It will come down to a per department, per agency, per program assessment – and just how plug and play the NSA will be with each NSS system design and process.

This memorandum is a wildly interesting national security development.  Stay tuned for more OODA Loop coverage as details are made available.

Further Resources

NSA Press Release:  President Biden Signs Cybersecurity National Security Memorandum

Read the full memorandum

View the accompanying fact sheet.

Related Reading:

Black Swans and Gray Rhinos

Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis

Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking

The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking

Corporate Sensemaking: Establishing an Intelligent Enterprise

OODA’s leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking

Artificial Intelligence Sensemaking: Take advantage of this mega trend for competitive advantage

This page serves as a dynamic resource for OODA Network members looking for Artificial Intelligence information to drive their decision-making process. This includes a special guide for executives seeking to make the most of AI in their enterprise. See: Artificial Intelligence Sensemaking

COVID-19 Sensemaking: What is next for business and governments

From the very beginning of the pandemic we have focused on research on what may come next and what to do about it today. This section of the site captures the best of our reporting plus daily daily intelligence as well as pointers to reputable information from other sites. See: OODA COVID-19 Sensemaking Page.

Space Sensemaking: What does your business need to know now

A dynamic resource for OODA Network members looking for insights into the current and future developments in Space, including a special executive’s guide to space. See: Space Sensemaking

The OODAcast Video and Podcast Series

In 2020, we launched the OODAcast video and podcast series designed to provide you with insightful analysis and intelligence to inform your decision making process. We do this through a series of expert interviews and topical videos highlighting global technologies such as cybersecurity, AI, quantum computing along with discussions on global risk and opportunity issues. See: The OODAcast