This post is also available in: heעברית (Hebrew)

The US National Security Agency (NSA) is about to undergo a major reorganisation, according to past and current agency officials. The world’s largest electronic spy agency will be merging its defensive and offensive divisions so it will be better equipped to tackle the digital threats of the modern age. The Signals Intelligence (SIGINT) and Information Assurance directorates – who in the past were charged with surveillance on foreign targets and protection of classified networks against foreign spying – the NSA will create a Directorate of Operations that will synergise the operational elements of the two.

“This traditional approach we have where we created these two cylinders of excellence and then built walls of granite between them really is not the way for us to do business,” said agency Director Admiral Michael S. Rogers.

“We’ve gotta be flat,” he said at the Atlantic Council last month. “We’ve gotta be agile.”

The move – dubbed NSA21 – has some serious bipartisan support at Washington among those lawmakers briefed on the matter. Within the agency itself, however, there is some concern regarding the merger, as well as in some Washington circles.

The cultures at the two divisions is starkly different, and the fear is that the clash between them will be difficult to reconcile. The Information Assurance (IA) Directorate builds relationships and good rapport with business interests, seeking vulnerabilities in software, most frequently disclosing them and issuing guidance to assist in patching. The other side of the barricade, where SIGINT is, is much more secretive and relies on the same vulnerabilities to exploit on foreign networks.

“You have this kind of clash between the closed environment of the sigint mission and the need of the information assurance team to be out there in the public and be seen as part of the solution,” said a former official. “I think that’s going to be a hard trick to pull off.”

In 2005, with the growth of the cyber threat, NSA director at the time, General Michael Hayden, decided to create a new organisation within the agency that could leverage intelligence data from overseas spy partners to defend against attacks on US networks. The National Threat Operations Centre (NTOC) “was wildly successful,” another former official said.

The NTOC proved that it is indeed possible and beneficial to be operating in this symbiotic manner, where defensive and offensive capabilities combine. Not only that, application of SIGINT know-how to the IA side would almost certainly bolster defensive capabilities. At least one area where the much larger SIGINT (with about 24,000 personnel to IA’s 3,000) has the advantage is in using big data analytics to quickly manipulate and analyse large volumes of information.

“What we want to do is take advantage of that knowledge, to apply it as needed to the IA analysis,” the second former official said.