Inspector General Reviews Interior Dept’s Continuous Diagnostics & Mitigation Program for 3 Bureaus’ IT Systems

cybersecurityThe Interior Department’s office of inspector general has found lapses in DOI’s Continuous Diagnostics and Mitigation program when it comes to safeguarding high-value information technology systems from cyber vulnerabilities.

OIG said in a report published Wednesday its findings are based on the assessment of CDM practices that DOI implements for IT assets operated by the department’s U.S. Geological Survey, Bureau of Reclamation and Bureau of Safety and Environmental Enforcement.

The CDM initiative calls for agencies to implement 15 continuous diagnostic control measures in three phases, according to the report.

Under the program’s Phase 1, agencies should use automated software platforms to facilitate the development and maintenance of computer software and hardware inventories as well as implement enterprise configuration and vulnerability management measures, the IG said.

The report said that DOI failed to mitigate critical network vulnerabilities on the bureaus’ IT assets as well as detect and eliminate potential malware from the IT systems.

The IG also noted that DOI’s office of chief information officer did not require the bureaus to deploy the department’s inventory management software on all computers, monitor computer configurations, create lists of approved software to safeguard systems from malware and comply with best practices for vulnerability mitigation and detection.

The inspector general offered six recommendations in response to the findings and in an effort to help DOI protect its IT infrastructure from potential exploitation.

You may also be interested in...

Supply Chain Mgmt

DLA, GSA Officials Talk Supply Chain Mgmt Priorities

The Defense Logistics Agency (DLA) has employed additive manufacturing and other techniques in its supply chain operations to support missions including the delivery of 10,000 face shields to health workers in New York City. Sly Ahn noted that the agency also used a “reverse logistics approach” to its missions beyond COVID-19 response. 

Leave a Reply

Your email address will not be published. Required fields are marked *