Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Tuesday March 12 2019, @06:58PM   Printer-friendly
from the shall...we...play...a...game... dept.

According to the NASA Office of the Inspector General (OIG), in 2018 NASA failed for the second year in a row to implement an efficient cybersecurity program.

Based on their review, the OIG assigned a maturity level of 2 to NASA's cybersecurity program.

The Federal Information Security Modernization Act of 2014 (FISMA) defines five levels of maturity: Level 1 (Ad-hoc), Level 2 (Defined), Level 3 (Consistently Implemented), Level 4 (Managed and Measurable), and Level 5 (Optimized).

Level 2 organizations have their policies, procedures and strategies formalized and documented, but they are not consistently implemented. The Office of Management and Budget requires organizations to get a rating of at least Level 4 for their cybersecurity program to be considered effective.

This is reflected in reality. In a breach a few months back, both past and present NASA employees had their personal information — including Social Security Numbers and other personally identifiable information — lifted from NASA servers, and that incident was not alone.

Searching SpaceX breach, Blue Origin breach, Virgin Galactic + breach....I find some rockets blowing up, but that's a different kind of breach entirely.

Security isn't as fun as rocket surgery, but get with it please.


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 3, Insightful) by ikanreed on Tuesday March 12 2019, @07:08PM (3 children)

    by ikanreed (3164) Subscriber Badge on Tuesday March 12 2019, @07:08PM (#813424) Journal

    Science and engineering that fundamentally serves a purpose of advancing mankind wasn't tied up 16 ways with the vague concept of "national security" and NASA was a civilian organization.

    • (Score: 3, Interesting) by takyon on Tuesday March 12 2019, @07:15PM (2 children)

      by takyon (881) <reversethis-{gro ... s} {ta} {noykat}> on Tuesday March 12 2019, @07:15PM (#813428) Journal

      NASA is juggling more than just its own "secrets".

      Security is also about more than just protecting information from being copied. A sufficiently motivated attacker could destroy systems, and possibly even satellites.

      --
      [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
      • (Score: 2) by ikanreed on Tuesday March 12 2019, @07:18PM

        by ikanreed (3164) Subscriber Badge on Tuesday March 12 2019, @07:18PM (#813430) Journal

        And we're trying to make the one cool part of cyberpunk not happen?

      • (Score: 0) by Anonymous Coward on Tuesday March 12 2019, @07:26PM

        by Anonymous Coward on Tuesday March 12 2019, @07:26PM (#813432)

        Not to mention just plain old personnel records.

  • (Score: 2, Funny) by Anonymous Coward on Tuesday March 12 2019, @07:28PM (1 child)

    by Anonymous Coward on Tuesday March 12 2019, @07:28PM (#813433)

    They shit on my instrument proposal because they say it doesn't have a high enough TRL number, and all they can muster is a crappy Level 2 for their shit.

    • (Score: 2) by DannyB on Tuesday March 12 2019, @07:49PM

      by DannyB (5839) Subscriber Badge on Tuesday March 12 2019, @07:49PM (#813439) Journal

      I hate to be cynical* but it could be due to lack of greasing the right palms. This is quasi-government we're talking about. Corruption runs ALL the way to the top.

      * not really

      --
      People today are educated enough to repeat what they are taught but not to question what they are taught.
  • (Score: 2) by DannyB on Tuesday March 12 2019, @07:51PM (5 children)

    by DannyB (5839) Subscriber Badge on Tuesday March 12 2019, @07:51PM (#813440) Journal

    Where is realDonaldTrump when you need him?

    Can't an executive odor require NASA to get its cyber security off the ground by the time it gets SLS off the ground?

    --
    People today are educated enough to repeat what they are taught but not to question what they are taught.
    • (Score: 2) by c0lo on Tuesday March 12 2019, @09:04PM (2 children)

      by c0lo (156) Subscriber Badge on Tuesday March 12 2019, @09:04PM (#813468) Journal

      Can't an executive odor require NASA...

      Nope, far from enough. What you need is an executive stench.

      --
      https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
      • (Score: 0) by Anonymous Coward on Tuesday March 12 2019, @09:23PM (1 child)

        by Anonymous Coward on Tuesday March 12 2019, @09:23PM (#813477)

        Draining the swamp might eliminate some odor.

        • (Score: 3, Funny) by c0lo on Tuesday March 12 2019, @09:30PM

          by c0lo (156) Subscriber Badge on Tuesday March 12 2019, @09:30PM (#813482) Journal

          And if you fail to drain it, there's always the fall back on emitting an overpowering stench by yourself.

          Hey, wait a minute...

          --
          https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
    • (Score: 2, Touché) by realDonaldTrump on Wednesday March 13 2019, @12:20AM (1 child)

      by realDonaldTrump (6614) on Wednesday March 13 2019, @12:20AM (#813524) Homepage Journal

      You talk about, dowsing a guy in gasoline. Lighting a match (Tinder). Burning him up. And then you're all, "oh, what happened to Donald J. Trump, he's the only guy that can fix this!" I'll tell you, internet has some truely horrible people.

      I'm here. I'm here. Working very hard, and very successfully, on the Cyber Security. Otherwise known as the Digital security. Something that even the very biased Fake News M.S.M. gives me a lot of credit for.

      "Cybersecurity industry leaders and former government officials are now heaping praise on the Trump administration's digital security policies -- describing them as smart and measured." Today's Amazon Washington Post.

      • (Score: 2) by realDonaldTrump on Wednesday March 13 2019, @12:35AM

        by realDonaldTrump (6614) on Wednesday March 13 2019, @12:35AM (#813530) Homepage Journal

        By the way, check my WordPress. I put out my Budget for a Better America. For 2020, big election year (Presidential). And I said, give me $9.6 billion for Cyber Command & Cyber Security. Call your Senators, call your Congress Person -- guy, gal or whatever. And tell them, pass President Donald Trump's Budget with ZERO changes.

        "The Budget continues to place a high priority on cybersecurity and cyber operations by requesting more than $9.6 billion in 2020 to advance DOD’s three primary cyber missions: safeguarding DOD’s networks, information, and systems; supporting military commander objectives; and defending the Nation. This investment provides the resources necessary to grow the capacity of U.S. military cyber forces (including the recently elevated United States Cyber Command), invest in the cyber workforce, and continue to maintain the highest cybersecurity standards at DOD." whitehouse.gov/wp-content/uploads/2019/03/budget-fy2020.pdf [whitehouse.gov]

(1)