Resources for Federal Information Security Management Act (FISMA)

Energy's unclassified networks still open to cyberattack

www.nextgov.com

The Energy Department has failed to implement cybersecurity measures, leaving its unclassified computer systems and data open to hackers and employees who may not have authorization to access certain files, according to an audit report released by the agency's inspector general. Comment on this article in The Forum.Energy improved some security weaknesses the IG identified in its fiscal 2007 audit, including strengthening configurations of networks and systems, updating security policies and procedures related to laptops, and improving reporting of security incidents. The agency also began including cybersecurity requirements in relevant contracts. But weaknesses still exist, according to the IG, who conducted an evaluation of unclassified systems between February and September. The Office of Independent Oversight performed a separate evaluation of systems that contain sensitive data.

View the Resource

Share or bookmarklet this web page at: