Mohana Ravindranath | Nextgov | April 19, 2016 | 0 Comments

Watchdog: NASA Needs Permanent IT Security Officer

Samot/Shutterstock.com

Instability in NASA’s chief information officer’s shop has led to a lack of a good plan to manage its IT resources, a watchdog report finds.

An audit completed last month found that NASA doesn’t have an agencywide information security program, partly because it hasn’t had a permanent senior security officer, causing, “uncertainty surrounding information security responsibilities.”

Without a such a plan, “NASA will continue to struggle” to manage its security risk, the Office of the Inspector General’s report said.

As of February 2016, NASA had started to document its information security architecture, the report said. Though the information security plan isn’t complete, that step could help the agency make progress, the OIG report found.

But at that point, NASA still didn’t have a permanent senior security officer. Three different people cycled into and out of that role over the past year and a half, the report found.

The OIG recommended NASA’s CIO require the senior security officer to create an agencywide information security program plan. NASA concurred with this recommendation.

This is one of many tech problems the space agency faces. NASA documents obtained by Federal News Radio last month found the agency could have millions of out-of-date security patches, making its networks vulnerable to cyberattack.

Comments
JOIN THE DISCUSSION

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.