Cryptographic Services
Investment ID: 014-000000523
Overview
Program Title
Cryptographic Services
Agency
Description
The Cryptographic Services investment is comprised of the Key Management Infrastructure (KMI), In-Line Network Encryption (INE), and Communications Security Audit (ComSec Audit) programs.This investment implements policies, procedures, and standards as they apply to Type I encryption devices and keys. It also manages the Department s communications security programs to include audit policy and execution.
Type of Program
Standard IT Investments
Multi-Agency Category
Not Applicable
Investment Detail
This investment is a National Security initiative that the cost benefit is derived from the availability and security of the Department of State's cryptographic communications assets. The INE Program eliminates the need for the multiple legacy classified communications systems currently used by the Department by providing a single secure, reliable, high capacity, scaleable IP-based global network. INEs are currently operational in 99% of the Department's domestic and foreign missions providing the capability to exchange classified information by e-mails, secure video teleconferencing, instant messaging, and official telegraphic traffic. INE consolidates all these legacy stovepipes into a single INE-based network. INE also provides the gateway to classified networks managed by other Foreign Affairs agencies, the Intelligence Community, and the Department of Defense. The centralization offered by the KMI Program has resulted in a reduction of deployment and support costs to Department Senior Leadership by centralized management of keying materials, maintenance of a centralized, web-based system which will manage the distribution, accounting, and records management of COMSEC materials 24x7. ComSec Audit helps to enhance the detection and prevention of data breaches by proactively auditing the Department's COMSEC material. The Department's global communications are encrypted to meet communications and cyber security requirements. Communications Security (COMSEC) material is the most sensitive material the Department of State (DoS) holds.In accordance with National Security Agency (NSA) Instruction CNSSI 4005 and DoS policies in 5 FAH-6 the COMSEC Audit Program inspects every DoS COMSEC account annually. Audits must be conducted to ensure that this critical material is handled in accordance with the standards required for its safeguarding. Because this investment provides benefits that are qualitative in nature, rather than quantitative, ROI is not calculated. While there are goals, objectives, and performance metrics captured for this program, no financial ROI is attached to these goals, objectives, and performance measurements. Metrics are calculated and managed on an on-going basis, vetted at multiple levels of IRM management, and they are used to determine the organization's return on investment.