Potential Personally Identifiable Information (PII) Compromise of NASA Servers
"On Oct. 23, 2018, NASA cybersecurity personnel began investigating a possible compromise of NASA servers where personally identifiable information (PII) was stored. After initial analysis, NASA determined that information from one of the servers containing Social Security numbers and other PII data of current and former NASA employees may have been compromised."
NASA's performance in complying with Federal regulations governing IT and cybersecurity has been pitiful - especially during the tenure of NASA CIO Renee Wynn. Now there has been another security breach that affects all present and prior NASA employees- even those of us who left the agency decades ago. In the real world the peson responsible for such pitiful performance would be fired.
Federal Information Security Modernization Act of 2014 (FISMA) - 2018 report
"Congress enacted the Federal Information Security Modernization Act of 2014 (FISMA) to improve federal cybersecurity and clarify government-wide responsibilities. The act is intended to promote the use of automated security tools with the ability to continuously monitor and diagnose the security posture of federal agencies, and provide for improved oversight of federal agencies' information security programs. In particular, the act clarifies and assigns additional responsibilities to entities such as OMB and DHS."
- NASA Totally Flunks FITARA Scorecard 2 Years In A Row (2016), earlier post
"There is a slightly goofy post at NASA CIO's Open.NASA.gov (not findable on the NASA search engine) "NASA's Approach to Implementing FITARA" from 10 March 2016 that opens with "My husband and I are planning a vacation to Disneyworld, an awesome destination for our five year old dreamer. How do we budget for such an grandiose trip?", and then goes on to spout happy talk - with added IT word salad - about how seriously NASA takes FITARA. If only."
from NASA Watch https://ift.tt/2EDSPui
via IFTTT
沒有留言:
張貼留言