Which agency is responsible for developing offensive and defensive cyber capabilities?

The National Security Agency (NSA) is responsible for developing both offensive and defensive cyber capabilities, as it is the primary U.S. agency tasked with signals intelligence and information assurance. The NSA focuses on protecting U.S. government communications and information systems while also conducting operations to exploit foreign systems and networks. This dual role is critical for national security, as it allows the agency to safeguard U.S. interests and respond to threats in the cyber domain.

In contrast, while agencies like the FBI primarily handle law enforcement and criminal investigations related to cyber crimes and cybersecurity threats, and the Department of Homeland Security (DHS) focuses on protecting the nation's critical infrastructure and coordinating cybersecurity efforts across sectors, their roles do not encompass the full spectrum of developing offensive capabilities. The Central Intelligence Agency (CIA) conducts intelligence operations but does not specialize in cyber capabilities to the same extent as the NSA. Hence, the NSA's comprehensive mandate in both domains establishes it as the correct answer.