NAESOC: The DCSA Initiative That Everyone in the Field Says Isn't Working
The National Access Elsewhere Security Oversight Center was established by DCSA in 2019 with a reasonable premise: take the roughly 5,000 cleared facilities that do not possess classified information onsite — about 40 percent of the entire National Industrial Security Program — and consolidate oversight of them in a centralized unit, freeing regional field operators to focus on more complex, higher-risk possessing facilities. After six years, the consensus among DCSA’s own field personnel is that the center has not delivered on that premise.
Participants in all twelve focus groups GAO conducted offered negative assessments of NAESOC. Three recurring themes emerged: insufficient staffing, limited risk mitigation effectiveness, and industry dissatisfaction with the center’s responsiveness. As of June 2025, NAESOC was staffed with 11 civilians and 47 contractors — a workforce that NAESOC leaders themselves described as inadequate. They reported that the center receives additional missions annually without accompanying resources or formal project plans, producing a pattern of expanded scope without expanded capacity.
The risk mitigation critique from regional operators is pointed. Multiple focus group participants described NAESOC-aligned facilities as frequently non-compliant when regional staff do engage with them — in one instance, participants described finding every NAESOC facility they accessed as “a mess.” Others described the center as having moved problems around rather than fixed them, and noted that its remote-only operating model inherently limits what it can detect. The GAO’s own data supports this skepticism: security reviews conducted in person consistently surface more violations and vulnerabilities than remote monitoring does, and participants in eight of twelve focus groups specifically identified onsite reviews as essential for identifying non-compliance.
Industry dissatisfaction compounds the problem. Contractors aligned with NAESOC reported to regional officials that they receive slow, cookie-cutter responses when they need guidance, and that calls for help go unanswered. NAESOC officials themselves acknowledged that they measure outputs — such as continuous monitoring alerts generated — but struggle to measure outcomes, making it effectively impossible to demonstrate impact on the industrial security mission.
There is also a structural issue. NAESOC falls under the Industrial Security directorate, but its work is field mission work. As a result, it does not receive the same administrative or dedicated IT support as the Field Operations directorate — a gap that NAESOC leadership and a 2025 internal risk document both flagged as creating dysfunctional mission execution.
DCSA has planned after-action reviews of its cross-directorate joint task force and a separate pilot called Operation Torch for late 2026. But without a comprehensive assessment of NAESOC that addresses staffing needs, outcome-oriented performance goals, and organizational alignment, the agency cannot determine whether the eight regional detailees being added to the center in FY2026 will meaningfully change anything — especially as NAESOC’s remote security review workload is projected to grow from 100 in FY2025 to between 800 and 1,200 in FY2026.