The Department of Transportation has once again failed to meet federal information security requirements, DOT’s Office of Inspector General says in its annual Federal Information Security Management Act security audit.
“These weaknesses significantly increase the risk that systems will become victim to cyberattacks or disruptions that can compromise the integrity, availability and confidentiality of data needed to fulfill DOT’s missions,” DOT Inspector General Calvin Scovel III writes in the report dated Nov. 14.
DOT Chief Information Officer Nitin Pradhan, in a written response, outlined a number of steps his office has taken to improve IT security but conceded that the money and people to correct every shortfall the IG raised will be difficult to achieve.
“Resources are increasingly constrained and it is unlikely that our cybersecurity program will receive the additional resources as anticipated in our earlier planning,” Pradhan says. “As a result, it is neither realistic nor plausible to commit to addressing all of the issues described in the OIG draft report in a single year. While the issues discussed in the OIG draft report are integral to FISMA objectives, it is imperative that we focus our constrained resources on the highest priority actions.”
via InformationWeek Government, continued here.