NASA OIG: NASA’s Cybersecurity Readiness, NASA OIG “The Chief Information Officer (CIO) has struggled to implement an effective IT governance structure that aligns authority and responsibility with the Agency’s overall mission. … In FY 2020, the OCIO spent $278 million on IT, $74 million of which was budgeted for institutional cybersecurity. Separate from the OCIO, mission offices in FY 2020 invested $169 million on missionbased cyber management at locations around […]

Keith’s note: Earlier today I posted NASA CIO’s Open Data Thing Is Still Screwed Up. I went back to to the CIO’s data.nasa.gov page to see if their data collection is accessible to the public. I went to the “Technical Report Server” pull down menu and clicked on “Public Search” which sent me to NTRS – NASA Technical Reports Server. I searched for “astrobiology” and the top search result is […]

Keith’s note: In my 27 March 2021 posting about yet another mess at the Chief Information Office “The NASA CIO OpenNASA Website Has Expired – Further” (updated on 19 April 2021) I documented how out of date the NASA CIO’s website on open data was. This is what it looked like on 23 April 2021 – showing an update of 2 April 2021 and a responsible official who left NASA […]

The NASA CIO OpenNASA Website Has Expired Keith’s update: It has been 3 weeks since this post and not much has changed – except that the page was supposedly updated on 2 April 2021 (but shows a responsible NASA official who retired several years ago). And if you go to the Datanauts link you get a broken link error “Not Found The requested URL /explore/datanauts/ was not found on this […]

Keith’s note: The NASA Office of the Chief Information Officer is charged with lots of things and has dabbled over the years in “Open Government” – something that the Obama Administration championed and the Trump people ignored. There is a website called OpenNASA that is supposed to be a focal point for NASA’s engagement in Open Government. When you click on the NASA Open Government Plan (the “most recent” report […]

NASA OIG: Fiscal Year 2020 Federal Information Security Modernization Act Evaluation – An Agency Common System “… We found that NASA had not assessed the Agency common control entitled SI-04, Information System Monitoring, since April 2015. Moreover, the control was classified in 2015 as “other than satisfied,” but system security officials still had not taken appropriate action to address the control deficiency by developing either a POA&M or Risk-Based Decision […]

Keith’s note: Do a Google search for “NASA search engine“. The first search result that comes up is NASA Multimedia Search last updated on 26 February 2006. The second result that comes up is Tools for searching last updated on 21 July 2005. Look on the left hand side of either page. Click on simple search, category search, or Advanced search and you get “404 The cosmic object you are […]

Keith’s 18 Nov update: NASA wants to transmit their stuff to you. But they really don’t want you to talk to their people about it. Once upon a time – actually for more than a decade – you could go to people.nasa.gov to find out how to contact a government employee at NASA. Not any more. Here is what the site looked like on 28 October 2020. You used to […]

Hearing link, Hearing on Cybersecurity Infrastructure and Information Technology Management, Policies, and Practices at NASA Prepared statements – Rep. Kendra Horn – Rep. Eddie Bernice Johnson – Rep. Brian Babin – Jeff Seaton, Chief Information Officer (Acting) National Aeronautics and Space Administration – Diana L. Burley, Vice Provost for Research, American University – Paul K. Martin, Inspector General, National Aeronautics and Space Administration “Our concerns with NASA’s IT governance and […]

OIG: NASA’s Policy and Practices Regarding the Use of Non-Agency Information Technology Devices “NASA is not adequately securing its networks from unauthorized access by IT devices. Although OCIO has deployed technologies to monitor unauthorized IT device connections, it has not fully implemented controls to remove or block these devices from accessing NASA’s networks and systems. The initial December 2019 target date for NASA to complete installation of these controls has […]