GAO: Los Alamos Lab has cybersecurity gaps

Related Links

GAO report

The Los Alamos National Laboratory suffers from cybersecurity weaknesses that affect how it protects information on its sensitive but unclassified network, according to a new report from the Government Accountability Office.

That network includes sensitive data such as controlled nuclear information, export control information, and personally identifiable information about employees of the national lab, the GAO report released Sept. 25 explained.


The nuclear weapons lab, in Los Alamos, N.M., has experienced breaches in its security in several incidents over the last decade. It was budgeted nearly $200 million in fiscal 2007 to provide for physical and cybersecurity. Despite improvements, the facility continues to have gaps in its physical security and cybersecurity, the GAO report concluded.

“Our review of cybersecurity at Los Alamos National Laboratory found that the laboratory has implemented measures to enhance its information security, but weaknesses remain in protecting the confidentiality, integrity and availability of information on its unclassified network,” the report said.

Vulnerabilities exist in identifying and authenticating users; encrypting sensitive information; and monitoring and auditing compliance with security policies. Furthermore, the lab has not fully implemented an information security program.

GAO made 52 recommendations to fix the lab’s cybersecurity gaps, some of which had been documented in prior years.

Lab officials have said that their cybersecurity funding amount is inadequate to address all the security concerns, but that assessment has been questioned by the National Nuclear Security Administration. From fiscal years 2001 through 2007, the lab spent $51.4 million to protect and maintain its unclassified network.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • Workforce
    Shutterstock image 1658927440 By Deliris masks in office coronavirus covid19

    White House orders federal contractors vaccinated by Dec. 8

    New COVID-19 guidance directs federal contractors and subcontractors to make sure their employees are vaccinated — the latest in a series of new vaccine requirements the White House has been rolling out in recent weeks.

  • FCW Perspectives
    remote workers (elenabsl/Shutterstock.com)

    Post-pandemic IT leadership

    The rush to maximum telework did more than showcase the importance of IT -- it also forced them to rethink their own operations.

Stay Connected