[sandworm101]

That would be the plan. If it is a government contract then the government is the customer. The customer manages the project and the hired contractors do the heavy lifting.

Look to the people who actually use these systems. Once it is up and running they will all be government employees. The real work, the thing the system is designed to do, starts after the IT infrastructure is up and running. The vast majority of people reading and handling classified informatiom are government employees ... most of them in uniform.

FYI, this system is apparently mean to protect "NATO Secret" material. That isnt a very high classification. I'd call it entry level, the sort of thing that nearly everyone in uniform is cleared to see.

[joe_the_user]

I'd just note there are problems besides information leakage when your secret information system is hacked - the system being used to attack more secret systems, information about the users being gotten, information possibly being changed, denial-of-service.

[nicholasbraker]

NATO Secret is one of the highest and you definitely need to have had extensive background checks and clearances to have access to this data. From my experience this is not the type of data your typical employee (uniformed or civilian) would be in contact with.

[pbronez]

Per NATO's security guidance [0], NATO SECRET is the second-highest of ~5 classification categories It " is applied to information the unauthorized disclosure of which would cause serious damage to NATO."

In decreasing order of sensitivity, the categories are:

COSMIC TOP SECRET

NATO SECRET (NS)

NATO CONFIDENTIAL (NC)

NATO RESTRICTED (NR)

NATO UNCLASSIFIED (NU)

[0] https://www.act.nato.int/images/stories/structure/reserve/hq...

[sandworm101]

Those NATO levels are all just the start. Every NATO member runs many of their own layers. Over and above NATO come levels that are country-specific. In the US that means things like "five eyes" or US-only, which are technically secret (ie not TS) but are still above NATO. Remember that anything NATO is going to be seen by a large number of countries, including Turkey and Greece.

[hereforphone]

The vast majority of people reading and handling classified information are government employees? That's not the case. I was cleared at TS/SCI + polygraph and many many contractors work in that environment.

[sandworm101]

In the office where you worked. In the office where I work there are zero. Classification levels don't really matter. It is about the nature of the information. Some is simply never shared with non-employees. Some isn't shared with people not wearing uniforms. Well, excepting one or two non-uniforms but they are still government employees.

[hereforphone]

I was military first then worked for defense contractors for a decade or so. In the areas I worked (several countries including war zones), at the levels I worked (secret, TS/SCI), in the agencies I worked with (DoD, special operations groups, intelligence organizations), I did not experience what you're claiming.

[sandworm101]

If you were American and in war zones then you were probably handling operational intelligence rather than strategic.