Information Security News mailing list archives
NASA info security controls are broken, GAO concludes
From: InfoSec News <alerts () infosecnews org>
Date: Mon, 19 Oct 2009 01:47:16 -0500 (CDT)
http://gcn.com/articles/2009/10/16/nasa-info-security-controls-broken.aspx By William Jackson GCN.com Oct 16, 2009 Key information technology systems at NASA have weaknesses in several critical areas that could lead to those systems being compromised, according to the Government Accountability Office. Although controls are being implemented as part of a risk-based information security program, required under the Federal Information Security Management Act, controls were not always adequate or consistently enforced, resulting in security gaps in physical and logical perimeters and leaving vulnerabilities in networks and systems. "A key reason for these weaknesses was that NASA had not yet fully implemented key elements of its information security program," GAO said in its report [1], NASA Needs to Remedy Vulnerabilities in Key Networks. "As a result, highly sensitive personal, scientific, and other data were at an increased risk of unauthorized use, modification, or disclosure." The space agency agreed with GAO's recommendations for strengthening and completely implementing security controls. [1] http://www.gao.gov/new.items/d104.pdf [...] ________________________________________ Did a friend send you this? From now on, be the first to find out! Subscribe to InfoSec News http://www.infosecnews.org
Current thread:
- NASA info security controls are broken, GAO concludes InfoSec News (Oct 19)