I also think that no organization or individual stands a chance against an NSA class adversary who has decided to own the organization. But keep in mind that most security practices also guard against not-quite-NSA-class attacks and will at least make it a step harder (which of course only means more expensive) for NSA types to attack you.
If you try to make your network absolutely NSA proof, you'll become broke trying. But maybe you can make reasonably sure that they will have to sneak in the custom router firmware, or have to bribe two or more engineers, instead of learning the secret passwords through an injected-Facebook-drive-by-download they can pit into their systems for free.
If you try to make your network absolutely NSA proof, you'll become broke trying. But maybe you can make reasonably sure that they will have to sneak in the custom router firmware, or have to bribe two or more engineers, instead of learning the secret passwords through an injected-Facebook-drive-by-download they can pit into their systems for free.