|The Committee on National Security Systems (CNSS) has been in existence since 1953. The CNSS (formerly named the National Security Telecommunications and Information Systems Security Committee (NSTISSC)) was established by National Security Directive (NSD)-42, “National Policy for the Security of National Security Telecommunications and Information Systems. This was reaffirmed by Executive Order (E.O.) 13284, dated January 23, 2003, “Executive Order Amendment of Executive Orders and Other Actions in Connection with the Transfer of Certain Functions to the Secretary of Homeland Security” and E.O. 13231, “Critical Infrastructure Protection in the Information Age” dated October 16, 2001. Under E.O. 13231, the President redesignated the NSTISSC as CNSS. The Department of Defense continues to chair the Committee under the authorities established by NSD-42.
|The Secretary of Defense is the Executive Agent for the Federal Government for National Security Systems (NSS).
The Director, National Security Agency (NSA), is the National Manager and is responsible to the Executive Agent.
The CNSS is chaired by the Assistant Secretary of Defense for Network and Information Integration/Department of Defense Chief Information Officer (ASD/NII DOD CIO) and is comprised of voting Members from 21 USG Executive Branch departments and agencies, as well as Observers representing 11 additional organizations.
The Chair signs national policies and directives and the National Manager signs and issues national IA directives, guidelines, instructions, and advisories. The Information Assurance (IA) Director is NSA’s principal Member of the Committee. NSA also provides support through the CNSS Secretariat to ensure that the CNSS is able to fulfill its roles and responsibilities.
| The CNSS provides a forum for the discussion of policy issues, and is responsible for setting national-level Information Assurance policies, directives, instructions, operational procedures, guidance, and advisories for U.S. Government (USG) departments and agencies for the security of National Security Systems (NSS) through the CNSS Issuance System. The CNSS is directed to assure the security of NSS against technical exploitation by providing: reliable and continuing assessments of threats and vulnerabilities and implementation of effective countermeasures; a technical base within the USG to achieve this security; and support from the private sector to enhance that technical base assuring that information systems security products are available to secure NSS.
The CNSS consists of a Committee, a Subcommittee, and various Working Groups. The Champions, chairs, and subject matter experts, recruited from the Member/Observer departments/agencies, participate as Committee and Subcommittee representatives and as experts on working groups focusing on the development of relevant IA guidance documents. The working groups generally create IA policies, directives, and instructions (referred to as “guidance documents”) for CNSS review, approval, and promulgation.
The increasing cyber threat inherent in today’s changing and complex cyber environment makes the need for increased and continuing synergy within the CNSS Membership and between industry, academia, and our foreign partners a crucial part of IA guidance formulation. Included in this combined effort is cybersecurity collaboration which the CNSS promotes among owners of Federal NSS, Federal non-NSS, and non-Federal systems. CNSS is the cornerstone for IA guidance collaboration efforts.
|The CNSS Secretariat provides support to the CNSS, as well as to the greater IA Community including all USG departments and agencies, industry, academia, and Allied nations. The Secretariat assists the Members and Observers of the CNSS in identifying, articulating, presenting, and developing national CNSS policy issues. They develop agendas for Committee, Subcommittee, and working group meetings; participate in the various CNSS working groups; lead the CNSS Annual Conference for over 200 Members, Observers, and other participants; and coordinate the review and approval of foreign release of IA products and information through the CNSS Members and the SIGINT Committee. The Secretariat is responsible for establishing and maintaining a system for promulgating national policies, directives, instructions, and other guidance and maintains an unclassified and classified (i.e., SIPRNET) web presence. In addition to assisting the CNSS in developing and issuing national IA policy and guidance, they promote awareness and partnerships among these different groups and participate in various CNSS working groups.