NASA OIG: Evaluation of NASA’s Information Security Program under the Federal Information Security Modernization Act for Fiscal Year 2019 “NASA has not implemented an effective Agency-wide information security program. SSP documentation for all six information systems we reviewed contained numerous instances of incomplete, inaccurate, or missing information. We also performed a limited review of the Agency Common Control (ACC) system, which aggregates and manages common controls across all Agency information […]

Jeff Seaton Named Acting NASA Chief Information Officer “NASA Administrator Jim Bridenstine has named Jeff Seaton as the agency’s acting Chief Information Officer, following the retirement of Renée Wynn on April 30. Previous to this appointment, Seaton served as the Deputy Chief Information Officer where he supported the leadership and integration of NASA corporate and mission critical IT functions and capabilities, as well as oversaw NASA’s annual IT spending of […]

NASA Internal Memo: Website Modernization and Enhanced Security Protocols 15 May 2019 (PDF) “Currently there are an estimated 3,000 public-facing NASA Web sites, yet the top 10 sites receive 80 percent of all Web traffic. Additionally, some NASA partners operate Web sites on our behalf outside of the Agency, creating redundancy and accumulating unnecessary costs. Not only does this duplication of information cause confusion, each Wen site provides potential access […]

NASA Internal Memo: NASA’s Authorized Internal and External Collaboration Tools, NASA CIO “The NASA CIO has worked for the past several years to establish a consistent and modern set of tools to support both internal and external collaboration. While there is still work to do to support some of the more complex use-cases, such as sharing sensitive data with foreign partners, many others are met through Agency approved collaboration tools. […]

NASA CIO Renee Wynn Set to Retire “NASA Chief Information Officer Renee Wynn is retiring on April 30, 2020, after 30 years in Federal service. She is one of the longest-serving departmental CIOs at NASA and in the Federal Government. Before coming to NASA, Wynn spent 25 years at the Environmental Protection Agency (EPA), where she served in several executive roles, including as acting CIO and deputy CIO. During her […]

Keith’s 4:38 pm update: As it happens this commuter bus tweet was not even made by Renee Wynn but rather by someone else who has access to the @NASACIO Twitter account (even though the face on the Twitter page is Renee Wynn’s). This error went unnoticed for more than 5 hours hours until NASAWatch pointed it out. And it took another 5 hours before an indirect message was sent to […]

Raspberry Pi used to steal data from Nasa lab, BBC “An audit report reveals the gadget was used to take about 500MB of data. It said two of the files that were taken dealt with the international transfer of restricted military and space technology. The attacker who used the device to hack the network went undetected for about 10 months. The malicious hacker won access to the Jet Propulsion Lab […]

NASA OIG: Cybersecurity Management and Oversight at the Jet Propulsion Laboratory “Multiple IT security control weaknesses reduce JPL’s ability to prevent, detect, and mitigate attacks targeting its systems and networks, thereby exposing NASA systems and data to exploitation by cyber criminals. … We also found that security problem log tickets, created in the ITSDB when a potential or actual IT system security vulnerability is identified, were not resolved for extended […]

Renee Wynn, CIO, NASA, GovernmentCIO “Renee Wynn has an astronomical responsibility in managing a mix of new and legacy systems to manage NASA’s vast amount of data across its programs that include missions back to the Moon and to Mars.” Overhauling NASA’s Tangled Internet Presence, earlier post “One thing NASA needs to do as part of this effort to fix its public and internal cyber infrastructure is to totally overhaul […]

NASA Internal Memo: Website Modernization and Enhanced Security Protocols (PDF) “Currently there are an estimated 3,000 public-facing NASA Web sites, yet the top 10 sites receive 80 percent of all Web traffic. Additionally, some NASA partners operate Web sites on our behalf outside of the Agency, creating redundancy and accumulating unnecessary costs. Not only does this duplication of information cause confusion, each Wen site provides potential access for a cyber-attack […]