With the advancement of technology, the space industry continues to advance. New observations reveal the mystery of the universe. However, the cybersecurity environment continues to evolve even in space. NASA’s Office of Inspector General (OIG) issued an audit report on the space agency’s data handling. Here are the details…
The Office of Inspector General audited NASA for cybersecurity!
NASA’s Office of Inspector General, OIG, stated that the space agency processes a lot of personally identifiable information. OIG also maintains close contact with the public and other outside agencies. Therefore, the company is highly susceptible to data breaches that could seriously harm those affected.
The company conducted interviews with NASA’s privacy and cybersecurity officials. Among other things, it reviewed privacy surveys to paint a picture of cybersecurity performance so far.
The OIG stated that NASA’s approach to privacy is comprehensive. He also added that he liked many of the company’s policies. However, the report also highlighted some additional steps to protect individuals’ personal information.
However, the OIG criticized the space agency on some issues. NASA chooses not to take full advantage of the data loss prevention (DLP) feature built into the Microsoft 365 platform. Instead, it relied on users to report potential violations. The OIG stated that this should be corrected.
NASA hosts different projects at the same time. However, it has too many conflicting documents and policies. That’s why NASA became the focus of criticism. Additionally, OIG called for a common understanding of what constitutes a breach and when the Breach Response Team should be activated.
OIG gave NASA a total of 6 recommendations for improvements in cybersecurity. He gave recommendations on improving some processes. He also noted the need to establish DLP roles and responsibilities. However, he requested that it receive more guidance and update its policies to track and document incidents.
{{user}} {{datetime}}
{{text}}