NASA IT Is Still Very Vulnerable To Hacking
NASA OIG: NASA’s Insider Threat Program
“While NASA has a fully operational insider threat program for its classified systems, the vast majority of the Agencys information technology (IT) systems including many containing high-value assets or critical infrastructure are unclassified and are therefore not covered by its current insider threat program. Consequently, the Agency may be facing a higher-than-necessary risk to its unclassified systems and data. … Further amplifying the complexities of insider threats are the cross-discipline challenges surrounding cybersecurity expertise. At NASA, responsibilities for unclassified systems are largely shared between the Office of Protective Services and the Office of the Chief Information Officer. In addition, Agency contracts are managed by the Office of Procurement while grants and cooperative agreements are managed by the Office of the Chief Financial Officer.”