Energy IG finds flaws in DOE IT security

The Energy Department's efforts to protect information systems that contain national security information are falling short, the department's inspector general has found.

In an audit report released recently, the IG reported weaknesses in five of the six facilities included in the audit. The review is the latest of several the IG has conducted of the department's certification and accreditation process.

Specifically, the IG found that:


  • At five of the six facilities audited, security plans did not addres risks such as classified and unclassified systems operating in the same environment.

  • In many cases, department officials were not approving security plans and changes to systems.

  • In some cases, the plans did not accurately reflect the environment they pertained to.

  • Five of the six sites did not have contingency plans for handling service disruptions to national security information systems.


DOE managers agreed with two of the IG's recommendations and disagreed with the other two.

About the Author

Technology journalist Michael Hardy is a former FCW editor.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.