GAO: Los Alamos Lab has cybersecurity gaps

Related Links

GAO report

The Los Alamos National Laboratory suffers from cybersecurity weaknesses that affect how it protects information on its sensitive but unclassified network, according to a new report from the Government Accountability Office.

That network includes sensitive data such as controlled nuclear information, export control information, and personally identifiable information about employees of the national lab, the GAO report released Sept. 25 explained.


The nuclear weapons lab, in Los Alamos, N.M., has experienced breaches in its security in several incidents over the last decade. It was budgeted nearly $200 million in fiscal 2007 to provide for physical and cybersecurity. Despite improvements, the facility continues to have gaps in its physical security and cybersecurity, the GAO report concluded.

“Our review of cybersecurity at Los Alamos National Laboratory found that the laboratory has implemented measures to enhance its information security, but weaknesses remain in protecting the confidentiality, integrity and availability of information on its unclassified network,” the report said.

Vulnerabilities exist in identifying and authenticating users; encrypting sensitive information; and monitoring and auditing compliance with security policies. Furthermore, the lab has not fully implemented an information security program.

GAO made 52 recommendations to fix the lab’s cybersecurity gaps, some of which had been documented in prior years.

Lab officials have said that their cybersecurity funding amount is inadequate to address all the security concerns, but that assessment has been questioned by the National Nuclear Security Administration. From fiscal years 2001 through 2007, the lab spent $51.4 million to protect and maintain its unclassified network.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.