1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • NASA is apparently seriously lacking when it comes to data securi

    From TechnologyDaily@1337:1/100 to All on Tue Mar 15 16:15:04 2022
    NASA is apparently seriously lacking when it comes to data security

    Date:
    Tue, 15 Mar 2022 16:05:08 +0000

    Description:
    NASA is good at protecting classified data, but is all the necessary data labeled as such?

    FULL STORY ======================================================================

    The National Aeronautics and Space Administration (NASA) is pretty good at keeping Classified information away from falling into the wrong hands, but
    its not that good at labeling all of the right data as Classified.

    This becomes a major problem because it puts many projects and information in jeopardy from insider attacks, says the latest report on the organization's state of cybersecurity, published by the NASA Office of Inspector General.

    The NASAs insider threat program report reveals that the vast majority of
    NASA technology is not labeled as Classified, including "high-value assets
    and critical infrastructure." Some of these assets include "sensitive and valuable information such as scientific, engineering, or research data; human resources files; or procurement sensitive information." TechRadar needs you!

    We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a 100 Amazon gift card (or equivalent in USD). Thank you for taking part.

    Click here to start the survey in a new window << Labeling classified data

    As these items are not labeled as Classified, they arent covered by the various defenses the organization deployed for its insider protection
    program.

    Things wouldnt be that bad if unclassified, but sensitive information, wasnt abused every day. The auditor says in its report that the number of
    incidents, including the improper use of the organizations IT systems, rose 343% in three years (from 249 in 2017, to 1,103 in 2020).

    Of all these incidents, the most common problem was failing to protect Sensitive but Unclassified (SBU) information. Apparently, many NASA employees were sending each other unencrypted emails containing SBU data, Personally Identifiable Information (PII), or International Traffic in Arms Regulations data. Read more

    Data Security: What is it?


    Data privacy is more important than ever in the age of remote work


    The Great Resignation is a threat to cyber security

    Another potential problem is frequent privilege elevation for the employees. In the last three years, NASA users made more than 12,000 requests for privilege elevation.

    To better protect its data, the watchdog hints, NASA needs to reorganize informational security responsibilities. As things stand now, multiple teams are in charge of securing the organization's endpoints , including the Office of Protective Services (OPS), and the Office of the Chief Information Officer (OCIO). Check out our list of the best firewalls right now

    Via: The Register



    ======================================================================
    Link to news story: https://www.techradar.com/news/nasa-is-seriously-lacking-when-it-comes-to-secu rity/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)