Search Results for: Cybersecurity
12 results found
The Pennsylvania State University Agrees to Pay $1.25M to Resolve False Claims Act Allegations Relating to Non-Compliance with Contractual Cybersecurity Requirements
The Pennsylvania State University (Penn State), located in University Park, Pennsylvania, has agreed to pay $1,250,000 to resolve allegations that it violated the False Claims Act by failing to comply with cybersecurity requirements in fifteen contracts or subcontracts involving the Department of Defense (DoD) or National Aeronautics and Space Administration (NASA).
NASA’s Cybersecurity Readiness (IG-21-019)
NASA’s high-profile missions and broad connectivity with the public, educational institutions, and outside research facilities present a significant target for cyberattacks. We examined the steps the Agency has taken–and needs to take–to strengthen its readiness for and resilience to inevitable cybersecurity attacks.
Cybersecurity at NASA
NASA Inspector General Paul Martin testified before the U.S. House of Representatives Subcommittee on Space and Aeronautics regarding NASA’s cybersecurity challenges and emerging issues for increased telework during COVID-19 pandemic.
Cybersecurity Management and Oversight at the Jet Propulsion Laboratory (IG-19-022)
June 18, 2019 The Office of Inspector General assessed the effectiveness of the Jet Propulsion Laboratory’s network security controls for its externally facing applications and systems and NASA’s oversight of these controls.
Report Mandated by the Cybersecurity Act of 2015 (IG-16-026)
July 27, 2016
Audit of Cybersecurity Oversight of [a NASA] System (IG-10-018)
August 05, 2010
NASA Cybercrime Sleuths Aid Nation-Wide Investigation to Expose North Korean Ransomware Scheme
In late 2021, news of a critical security flaw in a common piece of computer code swept the globe. This software vulnerability, known as Log4Shell, gave hackers easy access to numerous applications and online services. Reports of cyber espionage surged as bad actors, including foreign governments, exploited Log4Shell to take control of computer networks, leak […]
Evaluation of NASA’s Information Security Program under the Federal Information Security Modernization Act for Fiscal Year 2025
The Federal Information Security Modernization Act requires the Office of Inspector General to conduct an annual evaluation of NASA’s information security program. For fiscal year 2025, we rated NASA’s information security program at a Level 3—meaning policies, procedures, and strategies were consistently implemented, but quantitative and qualitative effectiveness measures were lacking—a rating that falls short […]
Audit of NASA’s Zero Trust Architecture
Zero trust architecture (ZTA) is a cybersecurity approach based on continual verification of each user, device, application, and transaction to protect critical systems and data. NASA has made progress implementing ZTA across its corporate systems (managed by the Office of the Chief Information Officer). However, by delaying ZTA implementation of non-corporate (mission and Jet Propulsion […]
Best of 2024
Top Audit Reports As we approach 2025, the NASA Office of Inspector General is counting down the three most high-profile audits that sparked interest and ignited curiosity in 2024. #3: Audit of the Mars Sample Return Program Coming in at number three is our assessment of the Mars Sample Return Program. We recommended that, before […]