Home / News / Inspector General Reviews DOE’s Unclassified Cybersecurity Program

Inspector General Reviews DOE’s Unclassified Cybersecurity Program

The Energy Department's office of inspector general has recommended strategies to secure DOE information systems and data after identifying vulnerabilities during to a fiscal 2018 evaluation.

OIG said in a report published Oct. 19 it found lapses in vulnerability and configuration management, access controls, web application integrity, security control testing, privacy awareness training and cybersecurity approaches at certain DOE sites.

The department oversees many laboratories and plants that rely on IT networks and systems to address national security, research, development and environmental management efforts.

According to the report, DOE faces various malicious threats each year that seek to steal data or hack into information systems that support its missions.

The inspector general recommended that the department identify, prioritize and track the developments of efforts aiming to address identified cybersecurity risks.

OIG conducted the audit to determine the effectiveness of the department-wide unclassified cybersecurity program, as mandated by the Federal Information Security Modernization Act of 2014.

Check Also

USCIS Launching System Modernization, Supply Chain Security Initiatives

The U.S. Citizenship and Immigration Services is working on modernizing its systems and fortifying software security at the supply chain level, Federal Times reported Friday. Adrian Monza, chief of the Department of Homeland Security component's cyber defense branch, told the publication that USCIS is launching “very significant” modernization efforts and that other agencies must be able to defend their networks against threats to financial databases.