October 15, 2019
  • 2:34 pm Committee Leadership Comes into Focus for 116th Congress
  • 2:22 pm Interstate System Report Calls for More Funding, Tolling, VMT Fees, and Cybersecurity
  • 2:15 pm In Memoriam: President George H. W. Bush, ISTEA, and Transportation
  • 1:56 pm Growth Projected for Transportation Projects, but Costs a Challenge
  • 1:35 pm FAA Reshuffles Executives, Plans Drone Identification Rulemaking in Spring 2019
  • 1:28 pm Predictive Technology Helps Reduce Crashes on I-15 Corridor in Las Vegas
  • 1:14 pm Video Report: MoDOT Produces Multi-Lingual Safety Message
  • 1:11 pm PennDOT Nears Completion of Rapid Bridge Replacement Project
  • 1:08 pm Infrastructure Grants Awarded to “Smaller” South Dakota Communities
  • 1:02 pm USDOT Secretary Chao Announces New Rural Infrastructure Focus
  • 1:01 pm Transportation Safety, Funding Will Be Emphasis Areas for New AASHTO President
  • 1:00 pm Highway Rights-of-Way May Be Key for Developing Hyperloop
  • 12:59 pm Missouri Governor Calls for ‘Bold’ Transportation Solutions
  • 12:58 pm AAA Says Pedestrian Detection Systems ‘Perform Inconsistently’

A 24-page report issued by the U.S. Department of Transportation’s Office of the Inspector General on Dec. 4 noted that the Federal Aviation Administration has not yet completed “phase 1” of required Continuous Diagnostics and Mitigation program compliance to secure its data systems against cyberattacks.

[Graphic via Wikimedia Commons.]

“The FAA reported to USDOT that 23 percent of its assets could not block unauthorized software from executing, but USDOT reported to the Department of Homeland Security that 100 percent of its assets had this capability,” the OIG said.

“USDOT also reported that 86 percent of its assets had been assessed for vulnerabilities using Security Content Automation Protocol or SCAP-validated products. However, 75 percent of those assets are at FAA, which reported to USDOT that less than 20 percent of its assets had been checked with a SCAP-validated product.”

As a result, the OIG said the FAA “may not have the valid, accurate and complete information it needs” to make “risk-based decisions in a timely and effective manner.”

A greater emphasis on cybersecurity is being placed on government data networks partially in response to President Trump’s National Cyber Strategy unveiled in September, a key tenet of which is increasing the security and resilience of the nation’s information and information systems.

“We will do this by taking specific steps to secure Federal networks and information, secure critical infrastructure, combat cybercrime, and improve incident reporting,” the White House noted in a Sept. 20 briefing.

editor@aashto.org

RELATED ARTICLES
%d bloggers like this: