Curtis Dukes, head of the National Security Agency’s information assurance directorate, has said IAD personnel have been tapped to analyze data breaches in both public and private sectors over the past 18 months, FCW reported Tuesday.
Dukes told FCW reporter Sean Lyngaas in an interview that IAD has trained staff of the U.S. Cyber Command in order to help the command conduct its own training and address “resource pressures” linked to cyber attacks.
IAD specialists have started to address vulnerabilities in supervisory control and data acquisition platforms and other industrial control systems that work to support the power grid through the implementation of encryption layers called “wrappers,” he noted.
Dukes, also a computer scientist, tackled his involvement in the zero-day disclosure program that Michael Daniel, top cybersecurity adviser to President Barack Obama, currently leads.
“It’s a thoughtful discussion, trying to understand offensive capability but also understand the risk to the government in not disclosing that vulnerability,” he said.
The IAD chief also discussed his plan for the directorate to automate the review process of the Defense Department’s weapons systems for cyber vulnerabilities, Lyngaas reports.