Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Tuesday March 12 2019, @06:58PM   Printer-friendly
from the shall...we...play...a...game... dept.

According to the NASA Office of the Inspector General (OIG), in 2018 NASA failed for the second year in a row to implement an efficient cybersecurity program.

Based on their review, the OIG assigned a maturity level of 2 to NASA's cybersecurity program.

The Federal Information Security Modernization Act of 2014 (FISMA) defines five levels of maturity: Level 1 (Ad-hoc), Level 2 (Defined), Level 3 (Consistently Implemented), Level 4 (Managed and Measurable), and Level 5 (Optimized).

Level 2 organizations have their policies, procedures and strategies formalized and documented, but they are not consistently implemented. The Office of Management and Budget requires organizations to get a rating of at least Level 4 for their cybersecurity program to be considered effective.

This is reflected in reality. In a breach a few months back, both past and present NASA employees had their personal information — including Social Security Numbers and other personally identifiable information — lifted from NASA servers, and that incident was not alone.

Searching SpaceX breach, Blue Origin breach, Virgin Galactic + breach....I find some rockets blowing up, but that's a different kind of breach entirely.

Security isn't as fun as rocket surgery, but get with it please.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by ikanreed on Tuesday March 12 2019, @07:18PM

    by ikanreed (3164) Subscriber Badge on Tuesday March 12 2019, @07:18PM (#813430) Journal

    And we're trying to make the one cool part of cyberpunk not happen?

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2