When it comes to cybersecurity, NASA is having trouble getting off the launch pad.
The U.S. Government Accountability Office (GAO) just finished its 2018 assessment of NASA's cybersecurity and risk management program.
The GAO evaluated NASA based on at-risk management components identified in the National Institute for Standards and Technology’s (NIST) guidance.
The report on NASA's information security program is titled, "Urgent Action Needed to Address Significant Management and Cybersecurity Weaknesses."
NASA clearly has a lot of work to do on cybersecurity before it is adhering to NIST Cybersecurity Framework.
There was one bright spot the report noted, however: NASA’s new cybersecurity risk manager began work on April 2, 2018 and will report to the space agency's CIO.
Perhaps that will lead to a coordinated risk strategy—starting in "3, 2, 1...."
[Image courtesy of NASA]