Watchdog: NSA needs to boost insider-threat protocols – FCW.com

Category: NSA

Oversight

The National Security Agency is still not fully implementing all necessary security protocols to minimize the potential of another Edward Snowden-like data breach, according to a newly declassified 2016 Pentagon watchdog report.

In the wake of the Snowden breach, the NSA outlined 40 privileged-access Secure-the-Net initiatives designed to guard against insider threats by tightening controls over data and monitoring of user access.

The Defense Department's Office of the Inspector General audited seven of the STN protocols and found that the NSA implemented or partially implemented four of the audit sample. Those related to developing a new system administration model, assessing the number of systems administrators, implementing two-stage authentication controls and deploying two-person access controls.

According to the heavily redacted report, the NSA culled the number of systems administrators and implemented a tiered system to take away privileged access from those who do not require it.

The report states the NSA only partially implemented two-stage authentication and two-person access controls and did not consistently secure server racks and other sensitive equipment in data centers and machine rooms.

The three audit initiatives where the NSA missed the mark were in reducing the number of privileged users and data transfer agents as well as fully implementing technology to oversee privileged-user activities.

NSA did not effectively implement the three initiatives because it did not develop an STN strategy that detailed a structured framework and methodology to implement the initiatives and measure completeness, states the audit. As a result, NSAs actions to implement STN did not fully meet the intent of decreasing the risk of insider threats to NSA operations and the ability of insiders to exfiltrate data.

The report states that prior to 2013, the NSA did not know how many privileged users and data transfer agents it had, and that throughout 2014 the number of DTAs actually increased.

The report acknowledges that it is not possible to protect against all insider threats, but stresses that NSA must at least implement all of its own stated protocols.

Although the NSA worked in a fluid situation, NSA should have developed a strategy that detailed a structured framework and methodology for implementing STN to ensure its actions were effective in mitigated vulnerabilities exploited during the security breach, the report states.

The NSAs woes did not end with the Snowden breach. In August 2016, a cryptic group or individual going by the name TheShadowBrokers announced it had acquired a trove of NSA hacking tools and has since been leaking some of the data in an attempt to seduce buyers to pay for the remaining stash.

It is still not clear whether the so-called ShadowBrokers obtained the data through an insider.

The DOD OIG report made three recommendations -- all of which were fully redacted -- and according to the document, the NSA agreed with the recommendations.

The NSA responded to questions about the audit from FCW with an email statement.

The National Security Agency operates in one of the most complicated IT environments in the world, the NSA stated. Over the past several years, we have continued to build on internal security improvements while carrying out the mission to defend the nation and our allies around the clock.

According to the statement, the NSA has undertaken a comprehensive and layered set of enterprise defensive measures to further safeguard operations and advance best practices across the Intelligence Community.

NSA has never stopped seeking and implementing ways to strengthen both security policies and internal controls, the statement concluded.

About the Author

Sean Carberry is an FCW staff writer covering defense, cybersecurity and intelligence. Prior to joining FCW, he was Kabul Correspondent for NPR, and also served as an international producer for NPR covering the war in Libya and the Arab Spring. He has reported from more than two-dozen countries including Iraq, Yemen, DRC, and South Sudan. In addition to numerous public radio programs, he has reported for Reuters, PBS NewsHour, The Diplomat, and The Atlantic.

Carberry earned a Master of Public Administration from the Harvard Kennedy School, and has a B.A. in Urban Studies from Lehigh University.

Originally posted here:
Watchdog: NSA needs to boost insider-threat protocols - FCW.com

NSA Warns iPhone And Android UsersClose All Apps If You See This - Forbes - September 17th, 2025 [September 17th, 2025]
US' Ex-NSA John Bolton: Trump Should Call Modi, Fix Relations, And Visit India For QUAD Summit' - Times of India - September 17th, 2025 [September 17th, 2025]
'Come To India': Ex-NSA's Words Of Wisdom To Trump On Tariff, Indo-US Ties - Times of India - September 17th, 2025 [September 17th, 2025]
Video NSA whistleblower Reality Winner on rebuilding her life in new memoir - ABC News - September 17th, 2025 [September 17th, 2025]
Former US NSA calls India proud and strong, criticises Trumps India strategy - The Shillong Times - September 17th, 2025 [September 17th, 2025]
Video | Ex-US NSA's Explosive Interview: 'Navarro Keeps Picking Fights' - NDTV - September 15th, 2025 [September 15th, 2025]
NSA, EFCC, DSS urged to probe alleged funding of bandits in Zamfara - The Guardian Nigeria News - September 15th, 2025 [September 15th, 2025]
Ex-US NSA Reveals Navarro Once Attempted Confrontation Between Donald Trump, PM Modi - News18 - September 15th, 2025 [September 15th, 2025]
Navarro tried to provoke Modi-Trump clash, claims ex-US NSA; says India should ignore the sideshow - Moneycontrol - September 15th, 2025 [September 15th, 2025]
'Erratic behaviour': Ex-US NSA John Bolton slams Trumps India tariffs; rejects claim of brokering India- - The Times of India - September 13th, 2025 [September 13th, 2025]
Unqualified to be US Ambassador to India: Ex-US NSA slams Sergio Gor nomination; dismisses Navarros re - The Times of India - September 13th, 2025 [September 13th, 2025]
Trump's not thinking about the effects of his actions: Ex-US NSA John Bolton - The Times of India - September 13th, 2025 [September 13th, 2025]
NSA leaker Reality Winner is rebuilding her life -- and looking back at her past - NPR - September 13th, 2025 [September 13th, 2025]
India should see Trump as one-time proposition: Ex-US NSA John Bolton flags number of concerns on Indian side - Mint - September 13th, 2025 [September 13th, 2025]
Peter Navarro Tried To Start Fight Between Trump, PM Modi: Ex US NSA - NDTV - September 13th, 2025 [September 13th, 2025]
'Erratic behaviour': Ex-US NSA John Bolton slams Trumps India tariffs; rejects claim of brokering India-Pak peace - MSN - September 13th, 2025 [September 13th, 2025]
India should see Trump as one-time proposition and act in its national interest: Ex-US NSA John Bolton - Tribune India - September 13th, 2025 [September 13th, 2025]
Cyber Command, NSA to remain under single leader as officials shelve plan to end 'dual hat' - The Record from Recorded Future News - September 11th, 2025 [September 11th, 2025]
Cyber Command, NSA to remain under the leadership of one person - SC Media - September 11th, 2025 [September 11th, 2025]
CISA, NSA and Partners Release Shared Vision of Software Bill of Materials for Cybersecurity Guide - Homeland Security Today - September 11th, 2025 [September 11th, 2025]
New Research Reveals How NSA is Affecting Providers, Consumers - MedLearn Publishing - September 11th, 2025 [September 11th, 2025]
NSA, CISA and others urge for unified approach to strengthen cybersecurity resilience - Digital Watch Observatory - September 9th, 2025 [September 9th, 2025]
Federal firefighter stationed at NSA Portsmouth saves passenger in cardiac arrest with life-saving CPR during flight - KREM - September 9th, 2025 [September 9th, 2025]
NSA Director-General reassigned to Ministry of Finance - GhanaWeb - September 9th, 2025 [September 9th, 2025]
Federal firefighter stationed at NSA Portsmouth saves passenger in cardiac arrest with life-saving CPR during flight - ABC10 - September 9th, 2025 [September 9th, 2025]
Federal firefighter stationed at NSA Portsmouth saves passenger in cardiac arrest with life-saving CPR during flight - 12News - September 9th, 2025 [September 9th, 2025]
Federal firefighter stationed at NSA Portsmouth saves passenger in cardiac arrest with life-saving CPR during flight - 13newsnow.com - September 6th, 2025 [September 6th, 2025]
Trump expected to nominate Lt. Gen. William Hartman to lead NSA, Cyber Command - Politico - September 5th, 2025 [September 5th, 2025]
Trumps personal rapport with PM Modi is gone, says former US NSA John Bolton; warns ties wont shield le - The Times of India - September 5th, 2025 [September 5th, 2025]
Trump threw aside India ties for family's business with Pakistan, says Ex-US NSA Jake Sullivan | Latest News India - Hindustan Times - September 5th, 2025 [September 5th, 2025]
CISA, NSA, global partners release SBOM Guidance urging cross-border adoption to boost software supply chain security - Industrial Cyber - September 5th, 2025 [September 5th, 2025]
Trump wrecked India ties for business interests in Pakistan: Fmr NSA | World News - The Times of India - September 5th, 2025 [September 5th, 2025]
Core4ce Appoints Former NSA Cybersecurity Director David Luber to Board of Advisors - Business Wire - September 5th, 2025 [September 5th, 2025]
Court to Either Trash or Withhold Controversy 'NSA Calls Log Evidence' Today - liberianobserver.com - September 5th, 2025 [September 5th, 2025]
Trump-Modi's very good relationship is gone now: Former US NSA Bolton - Business Standard - September 5th, 2025 [September 5th, 2025]
'Threw India ties aside for Pakistan business': Ex-US NSA Jake Sullivan blasts Trump; calls it a 'huge st - The Times of India - September 3rd, 2025 [September 3rd, 2025]
Former NSA Jake Sullivan accuses Trump of prioritising familys business ventures in Pakistan over India relations - The Indian Express - September 3rd, 2025 [September 3rd, 2025]
Predicting NSA.PRA trend using moving averages - Trade Volume Report & AI Powered Buy/Sell Recommendations - Newser - September 3rd, 2025 [September 3rd, 2025]
Is it time to cut losses on NSA.PRA - 2025 Year in Review & Real-Time Buy Zone Alerts - Newser - September 3rd, 2025 [September 3rd, 2025]
Can trapped investors hope for a rebound in NSA.PRB - July 2025 Action & Daily Profit Focused Stock Screening - Newser - September 1st, 2025 [September 1st, 2025]
Price action breakdown for NSA.PRA - July 2025 Pullbacks & Risk Adjusted Buy/Sell Alerts - Newser - September 1st, 2025 [September 1st, 2025]
Can a trend reversal in NSA.PRA lead to recovery - CPI Data & AI Powered Buy and Sell Recommendations - Newser - September 1st, 2025 [September 1st, 2025]
NSA, Other Agencies Release Advisory Against China-Sponsored Cyberthreats - ExecutiveGov - August 29th, 2025 [August 29th, 2025]
NSA, NCSC, and allies detailed TTPs associated with Chinese APT actors targeting critical infrastructure Orgs - Security Affairs - August 29th, 2025 [August 29th, 2025]
Former National Security Agency (NSA) Director and Commander of U.S. Cyber Command Joins Accrete, Inc. as Strategic Board Advisor - Yahoo Finance - August 29th, 2025 [August 29th, 2025]
NSA.PRA stock outlook for YEAR - Quarterly Profit Summary & Long-Term Safe Investment Ideas - Newser - August 29th, 2025 [August 29th, 2025]
NSA, FBI, Others Say Chinese Tech Firms are Aiding Salt Typhoon Attacks - Security Boulevard - August 29th, 2025 [August 29th, 2025]
American brand globally is in the toilet: Former US NSA Jake Sullivan says Trumps massive trade offen - The Times of India - August 29th, 2025 [August 29th, 2025]
CISA, NSA, And FBI Warn Of Ongoing Chinese State-Sponsored Cyber Espionage - Information Security Buzz - August 29th, 2025 [August 29th, 2025]
What recovery options are there for NSA.PRA - July 2025 Update & Verified Momentum Watchlists - Newser - August 27th, 2025 [August 27th, 2025]
Top Resilience and Healthcare Keynote Speaker, Artist, Burn Survivor, and Entrepreneur, Allison Massari, Inducted into NSA Speaker Hall of Fame--A... - August 27th, 2025 [August 27th, 2025]
Top Resilience and Healthcare Keynote Speaker, Artist, Burn Survivor, and Entrepreneur, Allison Massari, Inducted into NSA Speaker Hall of Famea... - August 27th, 2025 [August 27th, 2025]
Joseph Francescon Announced as Next NSA Deputy Director - Homeland Security Today - August 26th, 2025 [August 26th, 2025]
Former National Security Agency (NSA) Director and Commander of U.S. Cyber Command Joins Accrete, Inc. as Strategic Board Advisor - PR Newswire - August 26th, 2025 [August 26th, 2025]
Former CRPF DG Anish Dayal Singh appointed deputy NSA - The Hindu - August 26th, 2025 [August 26th, 2025]
FBI raids Trump ex-NSA John Bolton days after outburst on India tariff - Tribune India - August 24th, 2025 [August 24th, 2025]
Is NSA.PRA reversing from oversold territory - 2025 Short Interest & Risk Adjusted Buy and Sell Alerts - Newser - August 24th, 2025 [August 24th, 2025]
Will a bounce in NSA.PRB offer an exit - Swing Trade & Weekly Top Performers Watchlists - Newser - August 24th, 2025 [August 24th, 2025]
Who is John Bolton? From Trump's ex-NSA to FBI target in classified information probe - Hindustan Times - Hindustan Times - August 22nd, 2025 [August 22nd, 2025]
Former intelligence analyst is named NSA deputy director - The Washington Post - August 22nd, 2025 [August 22nd, 2025]
FBI Raids Former US NSA John Bolton's Home Days After He Criticised Trump's Tariffs On India - Republic World - August 22nd, 2025 [August 22nd, 2025]
FBI raids home of former NSA John Bolton as part of investigation into classified documents - Audacy - August 22nd, 2025 [August 22nd, 2025]
'Sanctions don't prohibit': Former Trump NSA John Bolton on India buying Russian oil | Latest News India - Hindustan Times - Hindustan Times - August 22nd, 2025 [August 22nd, 2025]
FBI raids Trump's former NSA John Bolton's Maryland residence after India tariffs outburst - theweek.in - August 22nd, 2025 [August 22nd, 2025]
FBI raids ex-Trump NSA John Boltons house, days after he criticised penalty tariffs on India - ThePrint - August 22nd, 2025 [August 22nd, 2025]
'Sanctions don't prohibit': Former Trump NSA John Bolton on India buying Russian oil - MSN - August 22nd, 2025 [August 22nd, 2025]
Will NSA.PRB outperform during market rallies - Portfolio Performance Report & Verified Technical Signals - baoquankhu1.vn - August 22nd, 2025 [August 22nd, 2025]
TYC stages another protest as Chinese FM Wang Yi meets Indias NSA Doval - Phayul - August 20th, 2025 [August 20th, 2025]
News - The Future of Fitness: NSA Souda Bay and MWR Raise the Bar - DVIDS - August 20th, 2025 [August 20th, 2025]
There is an upward trend in India-China ties, NSA Ajit Doval says - The Economic Times - August 20th, 2025 [August 20th, 2025]
Heltonville's Matt Craig Honored with Circle of Corydon Award for NSA - Hoodline - August 18th, 2025 [August 18th, 2025]
Trump's Former NSA John Bolton Rips Tariffs On Russian Oil As 'Unforced Error,' Warns Move Could Push India Into Moscow's Arms - Benzinga - August 18th, 2025 [August 18th, 2025]
Is This a Bottoming Phase for NSA.PRA - July 2025 WrapUp & Weekly Top Stock Performers List - thegnnews.com - August 14th, 2025 [August 14th, 2025]
Promoting Human Rights in Iraqs Counter-Terrorism Efforts: UNOCT and NSA Host a Workshop for Women working in Security Entities | Office of... - August 12th, 2025 [August 12th, 2025]
Ex-NSA Chief Paul Nakasone Has a Warning for the Tech World - WIRED - August 9th, 2025 [August 9th, 2025]
Excited to receive Putin in India: NSA Doval in Moscow amid Trumps tariff bullying over Russian oil - MSN - August 9th, 2025 [August 9th, 2025]
Ex-US NSA John Bolton calls Trump's tariffs on India 'enormous mistake', says THIS about China, Russia - WION - August 9th, 2025 [August 9th, 2025]
Putin-Trump Summit: Defining eventdefinitely have an impact on India, says former Deputy NSA Saran - Rising Kashmir - August 9th, 2025 [August 9th, 2025]
Trump's India tariffs will push New Delhi closer to Moscow and Beijing, warns former US NSA - Mint - August 9th, 2025 [August 9th, 2025]
Putin-Trump Summit: 'Defining event...definitely have an impact on India': former Deputy NSA Saran - Awaz The Voice - August 9th, 2025 [August 9th, 2025]

June 20th, 2017

No comments yet

Comments are closed.

Mediaboss Marketing

Watchdog: NSA needs to boost insider-threat protocols – FCW.com

About

Pages

Categories

Media Sites

Recommended Sites

Archives