(Updated: October 22, 2024)
For decades, the organizational structure of the NSA was classified, but since 2013 the Snowden documents provided hundreds of designators of internal divisions, branches and units, which allowed me to reconstruct the agency's internal structure.
From 2016 to 2017, the NSA was reorganized so that many of those designators may have changed. Some recent documents, however, provide designators from the current situation, which allows to start a reconstruction of the new structure as well.
The Integrated Cyber Center (ICC) and other new buildings at the NSA's East Campus
(photo: Brendan Smialowski/Getty Images)
(photo: Brendan Smialowski/Getty Images)
The reorganization of 2016
The organizational structure of the NSA as it emerged from the Snowden documents was established in the year 2000 under director Michael Hayden. In 2016, director Michael Rogers initiated a full reorganization under the name NSA21, in order to prepare the agency for the cyber challenges of the 21st century.
One of the most important (and controversial) changes was fusing the operational elements of the Signals Intelligence (SID) and Information Assurance (IAD) directorates into the new Directorate of Operations. The remaining information assurance activities were merged with the old Technology Directorate into the new Capabilities Directorate.
The hacking group Tailored Access Operations (TAO) was renamed into Computer Network Operations (CNO). The new structure as envisioned by NSA21 reached full operational capability in December 2017.
The new structure of the NSA as established by the NSA21 reorganization
(source: NSA - click to enlarge)
(source: NSA - click to enlarge)
On October 1, 2019, an additional Cybersecurity Directorate (CSD) was established to unify the NSA's foreign intelligence and cyber defense missions and to prevent and eradicate threats to National Security Systems (NSS) and the Defense Industrial Base (DIB). The CSD pulled its workforce from several directorates, including the Operations Directorate and its Computer Network Operations group.
The new organizational structure
A number of new designators from the NSA's current structure can be found in the extensive NSA/CSS Policy 12-3 Annex C from June 2023. Some other documents and press reports provide additional information, which results in the partial chart below.
Update: The NSA/CSS Civil Liberties and Privacy Program from November 2021 provides the internal top-level designators for all the agency's current directorates. The organization chart and the remarks below have been updated accordingly:
A: Workforce Support Activities (WSA)
B: Business Management and Acquisition (BM&A)
C: Cybersecurity Directorate (CSD)
D: Office of the Director
DC: NSA/CSS Chief of Staff (CoS)
...
D2: Office of General Counsel (OGC)
...
D5: Civil Liberties, Privacy, and Transparancy (CLPT)
D6: Diversity, Equality, and Inclusion (DEI)
...
D9: Risk Management Office (RMO)
I: Office of the Inspector General (OIG)
P: Engagement and Policy (E&P)
R: Research Directorate
X: Operations Directorate
Y: Capabilities Directorate
Chief Information Officer (CIO)
A2: National Cryptologic School (NCS)
B: Business Management and Acquisition (BM&A)
C: Cybersecurity Directorate (CSD)
D: Office of the Director
DC: NSA/CSS Chief of Staff (CoS)
...
D2: Office of General Counsel (OGC)
...
D5: Civil Liberties, Privacy, and Transparancy (CLPT)
D6: Diversity, Equality, and Inclusion (DEI)
...
D9: Risk Management Office (RMO)
I: Office of the Inspector General (OIG)
P: Engagement and Policy (E&P)
P1: ?
...
P7: Office of Compliance/Compliance Group
...
P7: Office of Compliance/Compliance Group
P75: Office of Compliance for Cybersecurity and Operations
R: Research Directorate
X: Operations Directorate
X43: Computer Network Operations (CNO)
Y: Capabilities Directorate
Chief Information Officer (CIO)
Some additional remarks (updated)
If we compare these current designators with the structure before 2016, we see that:
- The Office of the Director is still designated as "D" and may not have changed much, except for the Office of the Inspector General, which now has its own top-level designator (I), and at least two parts (the Office of Policy and the information security units) which have been transferred to the newly created Engagement & Policy Directorate (P).
- For the Inspector General (IG) this reflects that since the FY2014 Intelligence Authorization Act this official is appointed by the President and confirmed by the Senate. Previously, the IG was appointed by the Director of the NSA, who could also remove him. The first presidentially appointed NSA IG was Rob Storch, who served from 2018 to 2022.
- The position of the Chief Information Officer (CIO) is different: in 2020, the IG criticised that the CIO wasn't included in the organization charts of the agency and primarily served as head of one of the NSA's directorates, first Technology and now Capabilities.
- Other new directorates also got a top-level designator that wasn't used before 2016: Workforce Support Activities (A), Business Management and Acquisition (B), Cybersecurity (C) and Capabilities (Y). The Research Directorate however kept the letter R.
- The new Operations Directorate is designated by the letter X, which was already used under the old structure, although we don't know for what kind of activity. Maybe the previous X division was just temporary or very small as the only source that mentions it is a document about cable installations at NSA headquarters from 2007.
> See also: The NSA's regional Cryptologic Centers
4 comments:
RUSSIAN HYPERSONIC NUCLEAR MISSILE ATTACK On Washington State!!!
https://mega.nz/file/GR0gmBCA#VVV3frcpe_NVkMavT7mNEGtbaTQD90ruFDf5sl63QYs
Impressive work.
C5 is the cybersecurity collaboration center
X43 is CNO
Thanks for the addition!
Alpha = Directorate
A + 1 = Group
A + 2 = Office
A + 3 = Division
A + 4 = Section
A + 5 = Branch
A + 6 = Line
A + 7 = Team
EXAMPLE:
alpha=directorate X- ops
a+1=Group X3 info and intel A
a+2=Office X31 Eurasia&EWH
a+3=Division X311 Russia
a+4=Section X3112 Military for projection
a+5=Branch X31122 Strategic Forces
a+6=Line X311223 Strategic Navy
a=7=Team X3112231 Watch ops
-
Computer Network Operations (CNO) - X43
Cryptoanalysis and Signals Analysis (CASA) - X44
Collection and CNO Cap Dev - Y1D
Enterprise infra services dev - Y4D
mission engagement & assessments (MERA) - P6 / -> P615- IBSSO Watch
Orchestration Solutions - Y1D5 (OS)
Defense Platform Solution - Y1D5313
Y4D:
Y4D1- User facing service
Y4D12- Directory service
Y4D121- Active directory
Y4D122- Enterprise Defense services
Y4D14- Desktop services
Y4D142- Deployment services
Y4D2- Network services
Y4D23-Special Expeditionary IT
Y4D231- OCO Communication support service
Y4D232- Tactical services
Y4D4- Data center service
Y4D43- System management services
Y4D5 Operations support
X3 - Information and Intelligence Analysis
X3 Product Lines:
- X303 - Defense Special Missile & Aerospace Center (DEFSMAC)
- X31 - Eurasia & Western Hemisphere (EWH)
. Russian Strategic Navy Line (X311223)
- X32 - East Asia & Pacific (EAP)
- X33 - Near East, South & Central Asia and Africa (NESCAA)
- X34 - Counterterrorism (CT)
- X35 - Counter-intelligence & Cyber (CIC)
- X36 - Global Issues (GI)
-
Sensor and Data Operations (SDO) - X42
branches of SDO:
High Capacity Sensor Operations (HCSO)
Tailored Sensor Operations (TSO)
MUSKETEER
MINUTEMAN
-
CASA's Signals Analysis Division.
-
branches of Access Discovery and Analysis.
Radio Frequency Analysis Center (RFAC)
FORNSAT Discovery and Development (FDD)
Unidentified Signals and Support Branch
-
branches of Digital Communications Analysis and Techniques.
. Advanced Protocol Analysis
. Cyber Discovery
. DRAGON RF Exploitation
. High Capacity Discovery and Analysis
-
source: quizlet.com
Post a Comment