By Wade-Hahn Chan
May 22, 2008
Some lawmakers want NASA to determine where the agency stands on
information technology security and report back to Congress.
The fiscal 2008 NASA Authorization Bill . which has cleared the House
Committee on Science and Technology Committee's Space and Aeronautics
Subcommittee - has language that would require the space agency to
submit two reports to the committee on IT security plans.
The first report would include details on NASA.s mission-critical
network security controls, featuring the following:
* The network's ability to limit, detect and monitor access to
resources and information to safeguard and protect it from
* How network resources can be physically accessed.
* The extent of encryption on sensitive research and mission data.
The subcommittee also adopted language to require the Government
Accountability Office to perform detailed vulnerability assessments on
GAO would then compare the results of those assessments with previous
intrusions into the system, successful or attempted, over the past two
years. The lawmakers also want GAO to determine what NASA is doing to
plug any security holes. The measure was approved and referred to the
full committee in May 20.
The bill would require NASA to submit the reports to Congress a year
after the bill becomes law.
Attend Black Hat USA, August 2-7 in Las Vegas,
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com