GAO: Los Alamos Lab has cybersecurity gaps

Related Links

GAO report

The Los Alamos National Laboratory suffers from cybersecurity weaknesses that affect how it protects information on its sensitive but unclassified network, according to a new report from the Government Accountability Office.

That network includes sensitive data such as controlled nuclear information, export control information, and personally identifiable information about employees of the national lab, the GAO report released Sept. 25 explained.


The nuclear weapons lab, in Los Alamos, N.M., has experienced breaches in its security in several incidents over the last decade. It was budgeted nearly $200 million in fiscal 2007 to provide for physical and cybersecurity. Despite improvements, the facility continues to have gaps in its physical security and cybersecurity, the GAO report concluded.

“Our review of cybersecurity at Los Alamos National Laboratory found that the laboratory has implemented measures to enhance its information security, but weaknesses remain in protecting the confidentiality, integrity and availability of information on its unclassified network,” the report said.

Vulnerabilities exist in identifying and authenticating users; encrypting sensitive information; and monitoring and auditing compliance with security policies. Furthermore, the lab has not fully implemented an information security program.

GAO made 52 recommendations to fix the lab’s cybersecurity gaps, some of which had been documented in prior years.

Lab officials have said that their cybersecurity funding amount is inadequate to address all the security concerns, but that assessment has been questioned by the National Nuclear Security Administration. From fiscal years 2001 through 2007, the lab spent $51.4 million to protect and maintain its unclassified network.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.