Watchdog: NSA needs to boost insider-threat protocols – FCW.com
Oversight
The National Security Agency is still not fully implementing all necessary security protocols to minimize the potential of another Edward Snowden-like data breach, according to a newly declassified 2016 Pentagon watchdog report.
In the wake of the Snowden breach, the NSA outlined 40 privileged-access Secure-the-Net initiatives designed to guard against insider threats by tightening controls over data and monitoring of user access.
The Defense Department's Office of the Inspector General audited seven of the STN protocols and found that the NSA implemented or partially implemented four of the audit sample. Those related to developing a new system administration model, assessing the number of systems administrators, implementing two-stage authentication controls and deploying two-person access controls.
According to the heavily redacted report, the NSA culled the number of systems administrators and implemented a tiered system to take away privileged access from those who do not require it.
The report states the NSA only partially implemented two-stage authentication and two-person access controls and did not consistently secure server racks and other sensitive equipment in data centers and machine rooms.
The three audit initiatives where the NSA missed the mark were in reducing the number of privileged users and data transfer agents as well as fully implementing technology to oversee privileged-user activities.
NSA did not effectively implement the three initiatives because it did not develop an STN strategy that detailed a structured framework and methodology to implement the initiatives and measure completeness, states the audit. As a result, NSAs actions to implement STN did not fully meet the intent of decreasing the risk of insider threats to NSA operations and the ability of insiders to exfiltrate data.
The report states that prior to 2013, the NSA did not know how many privileged users and data transfer agents it had, and that throughout 2014 the number of DTAs actually increased.
The report acknowledges that it is not possible to protect against all insider threats, but stresses that NSA must at least implement all of its own stated protocols.
Although the NSA worked in a fluid situation, NSA should have developed a strategy that detailed a structured framework and methodology for implementing STN to ensure its actions were effective in mitigated vulnerabilities exploited during the security breach, the report states.
The NSAs woes did not end with the Snowden breach. In August 2016, a cryptic group or individual going by the name TheShadowBrokers announced it had acquired a trove of NSA hacking tools and has since been leaking some of the data in an attempt to seduce buyers to pay for the remaining stash.
It is still not clear whether the so-called ShadowBrokers obtained the data through an insider.
The DOD OIG report made three recommendations -- all of which were fully redacted -- and according to the document, the NSA agreed with the recommendations.
The NSA responded to questions about the audit from FCW with an email statement.
The National Security Agency operates in one of the most complicated IT environments in the world, the NSA stated. Over the past several years, we have continued to build on internal security improvements while carrying out the mission to defend the nation and our allies around the clock.
According to the statement, the NSA has undertaken a comprehensive and layered set of enterprise defensive measures to further safeguard operations and advance best practices across the Intelligence Community.
NSA has never stopped seeking and implementing ways to strengthen both security policies and internal controls, the statement concluded.
About the Author
Sean Carberry is an FCW staff writer covering defense, cybersecurity and intelligence. Prior to joining FCW, he was Kabul Correspondent for NPR, and also served as an international producer for NPR covering the war in Libya and the Arab Spring. He has reported from more than two-dozen countries including Iraq, Yemen, DRC, and South Sudan. In addition to numerous public radio programs, he has reported for Reuters, PBS NewsHour, The Diplomat, and The Atlantic.
Carberry earned a Master of Public Administration from the Harvard Kennedy School, and has a B.A. in Urban Studies from Lehigh University.
Originally posted here:
Watchdog: NSA needs to boost insider-threat protocols - FCW.com
- NSA (NSA) explains vesting, prorated FY2026 bonus and severance in merger with Public Storage - Stock Titan - March 20th, 2026 [March 20th, 2026]
- Sergio Gor meets NSA Ajit Doval discussing geopolitical issues - The Indian EYE - March 20th, 2026 [March 20th, 2026]
- National Storage Investor Alert: Kahn Swick & Foti, LLC Investigates Adequacy of Price and Process in Proposed Sale of National Storage Affiliates... - March 20th, 2026 [March 20th, 2026]
- Public Storage to Buy NSA: Is This a Smart Growth Move for Investors? - TradingView - March 20th, 2026 [March 20th, 2026]
- Was Russia an IMMINENT THREAT to US?: Rep Scott Perry grills NSA official on Ukraine war - The Economic Times - March 20th, 2026 [March 20th, 2026]
- NSA invoked against prime accused Aslam in banned meat supply case - thehitavada.com - March 20th, 2026 [March 20th, 2026]
- Watch | Indian Foreign Policy Confused; Were Not as Influential as We Used to Be: Former NSA - TheWire.in - March 20th, 2026 [March 20th, 2026]
- Russia Or Iran? Trumps NSA Cornered in Senate Over Military Action in Iran As War Enters 4th Week - Oneindia - March 20th, 2026 [March 20th, 2026]
- Need to Evolve The Office of the NSA Beyond Coordination to National Defence Strategy Nerve Centre - THISDAYLIVE - March 20th, 2026 [March 20th, 2026]
- Halper Sadeh LLC is Investigating Whether UNF, NSA, ULY, MPX are Obtaining Fair Deals for their ... - Bluefield Daily Telegraph - March 20th, 2026 [March 20th, 2026]
- Organized and technological: ICE resistance groups posing growing danger, warns former top NSA, DHS official - Fox News - March 18th, 2026 [March 18th, 2026]
- Declassified Report Reveals NSA Broke Surveillance Rules - Project On Government Oversight - March 18th, 2026 [March 18th, 2026]
- Gen. Joshua Rudd '93 confirmed as leader of U.S. Cyber Command, NSA; elevated to rank of general - Furman University - March 18th, 2026 [March 18th, 2026]
- Public Storage to Buy NSA: Is This a Smart Growth Move for Investors? - Zacks Investment Research - March 18th, 2026 [March 18th, 2026]
- National Storage (NSA) Climbs to Record High on $10.5-Billion Acquisition - Yahoo Finance - March 18th, 2026 [March 18th, 2026]
- Organized and technological: ICE resistance groups posing growing danger, warns former top NSA, DHS official - WFIN - March 18th, 2026 [March 18th, 2026]
- SHAREHOLDER ALERT: The M&A Class Action Firm Announces An Investigation of National Storage Affiliates Trust (NYSE: NSA) - PR Newswire - March 18th, 2026 [March 18th, 2026]
- National Storage Affiliates Trust (NYSE:NSA) Rating Increased to Neutral at BNP Paribas Exane - MarketBeat - March 18th, 2026 [March 18th, 2026]
- Is National Storage Affiliates Trust (NSA) Share Price Misaligned With Its DCF Estimate Today - Yahoo Finance - March 9th, 2026 [March 9th, 2026]
- Interview with 2026 AFI NSA Naples Spouse of the Year, Dannielle Niewald - Stripes Europe - March 9th, 2026 [March 9th, 2026]
- Iranian drones strike apartments in city thats home to NSA Bahrain - Stars and Stripes - March 7th, 2026 [March 7th, 2026]
- "At this point, US win is going to be pretty elusive," says former US Principal Dy NSA Jon Finer on Iran... - lokmattimes.com - March 7th, 2026 [March 7th, 2026]
- "Over next 5-10 years, you are likely to see emergence of new nuclear powers": Former US NSA official Jon... - lokmattimes.com - March 7th, 2026 [March 7th, 2026]
- China tends to pursue strategy of staying on good terms with everyone: Former US NSA official Finer - ANI News - March 7th, 2026 [March 7th, 2026]
- NSA (NSA) Executive Chair Fischer reports new OP unit awards and LTIP conversions - Stock Titan - March 4th, 2026 [March 4th, 2026]
- Cyber retaliation from Iran is a problem for U.S. companies 'It's in the hands of a 19-year-old hacker in a Telegram room,' ex-NSA operative says -... - March 4th, 2026 [March 4th, 2026]
- Ajit Doval Indias Most Useless NSA Ever Says Netizens: Zero Intel on Uri, Pulwama, Galwan, Iran War & More - indiaherald.com - March 4th, 2026 [March 4th, 2026]
- Sheep Village Cynefin to be launched by RWAS and NSA at the Royal Welsh Show - Shropshire Star - March 4th, 2026 [March 4th, 2026]
- Wyden blocks nominee to lead NSA and Cyber Command - Federal News Network - February 27th, 2026 [February 27th, 2026]
- Wyden blocks Rudd confirmation to lead Cyber Command, NSA - The Record from Recorded Future News - February 27th, 2026 [February 27th, 2026]
- NSA said to have seen security concerns in Grok - breakingthenews.net - February 27th, 2026 [February 27th, 2026]
- NSA: Solid Q4 Beat and Favorable 2026 Outlook, But Cost Pressures and High Expectations Justify Hold Rating - TipRanks - February 27th, 2026 [February 27th, 2026]
- Videotron and Samsung Expand Partnership Through 5G NSA and 4G LTE Core Gateway Deployment - samsung.com - February 24th, 2026 [February 24th, 2026]
- Videotron Taps Samsung for Cloud-Native 5G NSA and LTE Core Gateway Solution - The Fast Mode - February 24th, 2026 [February 24th, 2026]
- El-Rufai Demanded to Provide Evidence in NSA Hacking Claims - streamlinefeed.co.ke - February 24th, 2026 [February 24th, 2026]
- DSS to arraign El-Rufai on Feb. 25 over alleged NSA phone interception - Businessday NG - February 24th, 2026 [February 24th, 2026]
- Securus Technologies Supports Expansion of Sheriff-Led NSA I.G.N.I.T.E. Initiative to Improve Jail Safety and Reentry Outcomes - PR Newswire - February 7th, 2026 [February 7th, 2026]
- NSA set to deal with defiant parties, politicians, supporters on integrity of democratic process - ThePointNG - February 7th, 2026 [February 7th, 2026]
- Where NSA zero trust guidance aligns with enterprise reality - Help Net Security - February 4th, 2026 [February 4th, 2026]
- UNG third in Division 1 of NSA cyber event - University of North Georgia - February 4th, 2026 [February 4th, 2026]
- Green Beret Lieutenant General Joshua Rudd Tapped To Lead NSA and US Cyber Command - SOFREP - February 4th, 2026 [February 4th, 2026]
- SC Flags Health Concerns, Urges Rethink on Sonam Wangchuks NSA Detention - The Morning Voice - February 4th, 2026 [February 4th, 2026]
- What security teams need to know about the NSA's new zero trust guidelines - IT Pro - February 4th, 2026 [February 4th, 2026]
- 'India won't be bullied': NSA Ajit Doval told Marco Rubio that New Delhi would wait out Trump term for trade deal: Report - theweek.in - February 4th, 2026 [February 4th, 2026]
- When Protest becomes a Threat: Inside the Supreme Court hearing on Sonam Wangchuks NSA detention - SabrangIndia - February 4th, 2026 [February 4th, 2026]
- If NSA Commits Database Query Violations, But Nobody Audits Them, Do They Really Happen? - emptywheel - February 4th, 2026 [February 4th, 2026]
- Army general tapped to lead NSA vows to follow the law if confirmed - Military Times - February 1st, 2026 [February 1st, 2026]
- Overturned tractor-trailer shuts portion of Route 32 near NSA - WBAL-TV - February 1st, 2026 [February 1st, 2026]
- Nominee to lead NSA backs controversial spying law - Defense One - February 1st, 2026 [February 1st, 2026]
- NSA pick champions foreign spying law as nomination advances - The Record from Recorded Future News - February 1st, 2026 [February 1st, 2026]
- NSA Releases Phase One and Phase Two of the Zero Trust Implementation Guidelines - National Security Agency (.gov) - February 1st, 2026 [February 1st, 2026]
- Army General Tapped to Lead NSA Said He Doesnt Know Much About the Biggest NSA Controversy - The Intercept - February 1st, 2026 [February 1st, 2026]
- Trump's pick to lead the NSA vows to follow the law if confirmed - ABC News - February 1st, 2026 [February 1st, 2026]
- Trump's pick to lead the NSA vows to follow the law if confirmed - Oskaloosa Herald - February 1st, 2026 [February 1st, 2026]
- Trump's pick to lead the NSA vows to follow the law if confirmed - The Derrick - February 1st, 2026 [February 1st, 2026]
- Overturned tractor-trailer shuts westbound Maryland Route 32 near NSA exit, police say - WBAL News Radio - February 1st, 2026 [February 1st, 2026]
- SC to hear plea against Sonam Wangchuks NSA detention on February 2 - The New Indian Express - February 1st, 2026 [February 1st, 2026]
- Powys sheep sector to hear from Llyr Gruffydd at NSA meeting - County Times - February 1st, 2026 [February 1st, 2026]
- NSA calls for consultation on castration and tail docking to involve sheep farmers - cravenherald.co.uk - January 24th, 2026 [January 24th, 2026]
- NSA launches 13th annual survey for insight into cases of sheep worrying by dogs - Yahoo News UK - January 24th, 2026 [January 24th, 2026]
- NSA Ajit Doval says he doesn't use phone or internet. Here's why - MSN - January 14th, 2026 [January 14th, 2026]
- NSA Ajit Doval says he doesnt use phone or internet; shares views on Indias future and youth - WION - January 11th, 2026 [January 11th, 2026]
- Liberia: NSA Director's Special Assistant Suspended Amid Alleged Gang Sodomy of 15-Year-Old; Authorities Remain Silent - FrontPageAfrica - January 11th, 2026 [January 11th, 2026]
- 'Wars happen because some countries want to impose their will on others': NSA Ajit Doval - Deccan Herald - January 11th, 2026 [January 11th, 2026]
- We have to avenge our history: NSA Ajit Doval urges youth to make India great in every aspect - The Indian Express - January 11th, 2026 [January 11th, 2026]
- CISA, NSA, and Canadian Cyber Centre update Brickstorm analysis with new Rust-based variants - Industrial Cyber - January 11th, 2026 [January 11th, 2026]
- ROVER communication terminals approved for international use by NSA - Military Embedded Systems - January 9th, 2026 [January 9th, 2026]
- L3Harris ROVER and TNR systems gain NSA approval enabling secure coalition interoperability - Defence Industry Europe - January 9th, 2026 [January 9th, 2026]
- Former NSA insider Kosiba brought back as spy agencys No. 2 - The Record from Recorded Future News - January 9th, 2026 [January 9th, 2026]
- Trumps tariff threat to India self-inflicted wound: Former US NSA John Bolton - The Indian EYE - January 9th, 2026 [January 9th, 2026]
- NSA Scotland demands support for sheep farmers ahead of Holyrood elections - Farmers Guardian - January 9th, 2026 [January 9th, 2026]
- Announcing tariffs for purchasing Russian oil unfortunate: Former US NSA backs closer relationship with India - Punjab News Express - January 9th, 2026 [January 9th, 2026]
- NSA Ajit Doval likely to be part of Indian delegation at WEF in Davos - The New Indian Express - January 9th, 2026 [January 9th, 2026]
- "A lot of hot air": Former NSA John Bolton on Trump's remarks on possible action beyond Venezuela - ANI News - January 9th, 2026 [January 9th, 2026]
- NSA employee sues Trump administration over order on transgender rights and two 'immutable' genders - Yahoo - December 22nd, 2025 [December 22nd, 2025]
- NSA employee sues the Trump administration over transgender rights and 'immutable' genders - AP News - December 22nd, 2025 [December 22nd, 2025]
- Senior official at Indo-Pacific Command is set to be Trumps pick to lead Cyber Command, NSA - The Record from Recorded Future News - December 22nd, 2025 [December 22nd, 2025]
- NSA employee sues the Trump administration over transgender rights and 'immutable' genders - Temple Daily Telegram - December 22nd, 2025 [December 22nd, 2025]
- Potential NSA, Cyber Command leader nomination transmitted to Senate - Nextgov/FCW - December 22nd, 2025 [December 22nd, 2025]
- After Eight Months, White House Names Nominee To Head NSA And CYBERCOM - Defense Daily - December 22nd, 2025 [December 22nd, 2025]