NASA CIO Still Can't Do The Cybersecurity Thing Properly
OIG: NASA’s Policy and Practices Regarding the Use of Non-Agency Information Technology Devices
“NASA is not adequately securing its networks from unauthorized access by IT devices. Although OCIO has deployed technologies to monitor unauthorized IT device connections, it has not fully implemented controls to remove or block these devices from accessing NASA’s networks and systems. The initial December 2019 target date for NASA to complete installation of these controls has been delayed due to technological challenges and changes in OCIO mission priorities and requirements. Until the enforcement controls are fully implemented, NASA remains vulnerable to cybersecurity attacks.”
Keith’s note: And how many decades has NASA CIO had to deal with – and fix – this problem? And when they can’t do their job its always due to someone or something else.