What is the NSA's Raise the Bar?

Raise the Bar (RTB) is an initiative created by the NSA's NCDSMO to drive development and improve the cybersecurity of all cross domain solutions.
4 min read

Powered By:

dell-technologies-titaniumpartner-logo-01 (1)

Driving Cross Domain Development.

As the threat of cyber attacks from criminal organizations and nation-states evolves, military and government organizations must correspondingly work to improve the protection of sensitive networks and data.

 

The NSA created the National Cross Domain Strategy and Management Office (NCDSMO) to enhance the protection of these vulnerable systems from persistent threats, particularly those relating to cross domain activities.

 

In pursuit of this objective, the NCDSMO created Raise the Bar (RTB), an initiative designed to improve the cybersecurity of all cross domain solutions.

 

What are cross domain solutions (CDS)?

For the U.S. government to fulfill its mission objectives, information must be shared across international, governmental, agency, and classification boundaries. Because operational environments are increasingly dependent on the exchange of information hosted across multiple domains, CDS systems have become critical components of our national security infrastructure.

 

This need for instantly accessible data necessary to make real-time decisions outside of traditionally secure environments underlies the importance of CDS.

 

Cross domain solutions are controlled interfaces that provide the ability to manually or automatically access, and transfer information between different security domains and are required for connecting networks of different security levels. CDS make the sharing of information more secure and efficient.

 

CDS are multi-level security (MLS) applications deployed to protect U.S. government classified information, National Security Systems (NSS), and all cross domain solutions sold for export.

 

Raise the Bar is an NSA initiative to improve CDS security and capabilities

RTB’s initial guidelines were released in 2018, proposing a strategy to improve CDS security and capabilities considerably. RTB represents a set of security standards and requirements intended to minimize the risk of CDS systems failing, even under persistent attack.

 

Raise the Bar policy has identified four foundational concepts for a CDS – Redundant, Always Invoked, Independent Implementations, and Non-Bypassable – or RAIN.

 

The evolving standards of the NCDSMO and Raise the Bar are designed to combat evolving threats through the continued improvement of the effectiveness of CDS.

 

The RTB initiative offers strategies for architecture design improvement and focuses on improving the security of CDS data flow and content filtering controls. At the same time, RTB’s security standards set design and implementation requirements for CDS. RTB’s strategies include design, development, assessment, implementation, and use perspectives.

 

Raise the Bar set a new strategic direction for the cross domain community, focusing on developing CDS within the CSfC space and away from legacy Type 1 solutions.

 

Raise the Bar challenges

CDS has been deployed for decades, and legacy solutions are firmly embedded in the nation’s security infrastructure.

 

Replacing and/or upgrading existing infrastructures can be expensive, difficult, and time-consuming. Limited availability of cross-domain testing has created wait lists up to 9 months long before testing periods that can last an additional 6 months or more. Testing timelines can be lengthy.

 

Evolving RTB requirements favor adaptable and compatible solutions.

 

Raise the Bar successes

RTB’s goal has been improving the community’s ability to address emerging threats related to the use of cross domain in completing mission objectives.

 

The initiative has driven the development of increasingly complex and secure architectures. The high standards of RTB’s strategic guidelines have increased the security of CDS systems.

 

Driving innovation to improve cross domain processes.

 

National Cross Domain Strategy & Management Office (NCDSMO)

In 2018, the Department of Defense halted the development of new point-to-point CDS in favor of enterprise CDS managed and monitored by the newly formed National Cross Domain Strategy & Management Office within the NSA.

 

The NCDSMO has established specific technical requirements and certifications for cross domain solutions. The office’s guidance and standards include CDS architecture, design, development, engineering, implementation, system security, local and remote management and monitoring, and filtering.

 

NCDSMO functions include the oversight of cross domain activities across the U.S. Government, guidance for future development of cross domain technologies, oversight of the cross domain solutions testing program, and establishment and administration of security requirements for cross domain solutions used by the U.S. Government and Foreign Military Sales Program.

 

Raise the Bar’s guidelines were released on December 21, 2018.

 

Luckily, companies like Archon have gotten a jump on meeting RTB compliance by integrating our secure CSFC solutions into existing and new CDS development environments. Developing RTB compliant solutions that can be easily integrated into existing security architectures, or deployed as a standalone CDS.

 

The Archon Gateway

For those looking to build RTB solutions, the Archon Gateway offers reliable, turnkey, scalable security infrastructures to help meet your organization’s CSfC deployment needs.

 

The adaptability of our architectures provides optimal support and an RTB environment for the development of CDS. Find out how Archon can help with your cross-domain solutions.

Table Of Contents
Share this article
Topics

Get in touch.

Our team of experts has configured hundreds of solutions for organizations throughout the globe. Let us help you make security simple.