By David Bates, Diplomatic Security Public Affairs
The National Security Agency (NSA) has awarded its most prestigious award for information assurance within the federal government to the U.S. Department of State’s bureaus of Information Resource Management (IRM) and Diplomatic Security (DS).
Deputy NSA Director John Inglis presented the IRM-DS team with the agency’s Frank Byron Rowlett Award for outstanding excellence in information systems security during a November 5, 2009 presentation at NSA headquarters at Ft. Meade, Maryland. Danny Toler, chief of IRM’s Office of Enterprise Network Management, accepted the award on behalf of the Department.
The award recognizes IRM and DS for their implementation of the Site Risk Scoring Team, an initiative that assesses the security of information systems at 370 separate U.S. Department of State locations, including 265 U.S. embassies and consulates around the world.
The program, developed by IRM’s Office of Enterprise Network Management and Office of Information Assurance and DS’s Office of Computer Security, produces a timely and detailed report card on the security status of Department of State computer systems, from the network level all the way down to its desktop computers and individual user accounts.
The site risk scoring initiative can identify security vulnerabilities in network management, such as application patches that need to be installed and deficient configurations. The program also provides system administrators and senior managers with a prioritized “get-well” roadmap for addressing those security needs quickly and efficiently.
The program has resulted in a significant improvement in the Department of State’s IT security posture by reducing overall risks to information systems connected to the Department’s global network by 90 percent in 2008.
The 2008 award was the second time in four years that Diplomatic Security has been honored with NSA’s Rowlett Award. DS’s Office of Computer Security was similarly honored by NSA in 2004.
“For State to have now won the Rowlett twice in the award’s 19-year history underscores the significance of the Site Risk Scoring team’s achievement.” said Donald R. Reid, senior coordinator of DS’s Security Infrastructure Directorate, which oversees the Office of Computer Security. “I am very proud of the contribution that DS’s Office of Computer Security has made in protecting the nation’s information systems.”
The Department of State team was selected from 15 contender organizations. The three finalists were the Department of State, DoD’s United States Strategic Command, and the United States Army.
The Rowlett Award is named for U.S. Army cryptanalyst Frank B. Rowlett who helped solve the first Japanese machine system — dubbed RED — for encipherment of diplomatic communications. From 1939-40, Rowlett played a major role in solving a much more sophisticated Japanese diplomatic cipher machine called PURPLE.
Rowlett also co-developed the SIGABA cipher machine, which was credited with saving American lives in combat by converting U.S. military information into a highly secure format during World War II. The Axis powers never solved the SIGABA cipher machine. After the war, Rowlett worked for the Central Intelligence Agency and the National Security Agency before retiring from federal service in 1966. He died in 1998 at the age of 90.
Rowlett’s son, Thomas M. Rowlett, attended this year’s ceremony and was a co-presenter of the award with Deputy NSA Director Inglis.
|DS's cyber defenders (left to right) Kevin Gallagher, Nick Girard, Senior Coordinator for Security Infrastructure Don Reid, John Dewar, Monitoring and Incident Response Division Chief Bobby Miller, Karawan Suqi, Benoit Flippen, Deirdre Regan, Craig Thompson, Monitoring and Incident Response Branch Chief Dwayne Hebert, Office of Computer Security Director Mary Sue Holland proudly display the Rowlett Award. U.S. Department of State Photo.|