Hacking away at Energy

Even after almost 200 hacks of its systems in 2003, the Energy Department still has some holes in its cyberdefense, according to an inspector general's report released this week.

In response to cybersecurity weaknesses that resulted in 199 intrusions last year, Energy officials say they're taking several measures to protect the department's systems. But they continue to have difficulty finding, tracking and fixing previously reported cybersecurity weaknesses quickly, the inspector said in a report, "The Department's Unclassified Cyber Security Program -- 2004."

The report praised improvements, but highlighted omissions in cyberdefenses, such as:

Incomplete certification and accreditation of major systems.

Missing contingency plans for restoring systems after an emergency.

Continuing problems with access control, segregation of responsibilities for financial processing and correction of known security vulnerabilities. Energy officials say the problems will be rectified within the coming year.

"The department has taken a broad-based approach to making its systems and data as secure as possible," department spokesman Mike Waldron said. "In doing so, 90 percent of our systems were certified and accredited this year. Our goal is to have the remaining 10 percent certified next year." Energy officials recently formed an integrated project team.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.