The NSA currently employs approximately 1,000 sysadmins, and the goal is to reduce that number by 90 percent, he shared with the crowd at the International Conference on Cyber Security held this week in New York City.
“We’ve put people in the loop of transferring data, securing networks and doing things that machines are probably better at doing,” he said, and concluded that the change will make NSA secrets “more defensible and more secure.”
According to RT, Alexander claims that the impetus for the decision was not the defection of Edward Snowden, who lastly worked for the agency as a sysadmin, but that the process was definitely accelerated after he leaked confidential information taken from the agency.
“We trust people with data. At the end of the day it’s about people and trust. And people who have access to data as part of their missions, if they misuse that trust they can cause huge damage,” he concluded.
Security experts on Twitter have reacted to the news with derision. "Within six months the NSA will be breached and they’ll claim it was because they didn’t have enough administrators to secure themselves," commented Akamai security evangelist Martin McKeay. Others have noted that they will end up with a lot of disgruntled techies that just might become the next Snowden.
This change will go along another one announced in June - a two-person system that will require two employees to sign off on copying any classified data from a secure network onto a portable storage device, limiting thusly the possibility of a whistleblower being able to replicate Snowden's feat.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.