January 28, 2020
  • 2:34 pm Committee Leadership Comes into Focus for 116th Congress
  • 2:22 pm Interstate System Report Calls for More Funding, Tolling, VMT Fees, and Cybersecurity
  • 2:15 pm In Memoriam: President George H. W. Bush, ISTEA, and Transportation
  • 1:56 pm Growth Projected for Transportation Projects, but Costs a Challenge
  • 1:35 pm FAA Reshuffles Executives, Plans Drone Identification Rulemaking in Spring 2019
  • 1:28 pm Predictive Technology Helps Reduce Crashes on I-15 Corridor in Las Vegas
  • 1:14 pm Video Report: MoDOT Produces Multi-Lingual Safety Message
  • 1:11 pm PennDOT Nears Completion of Rapid Bridge Replacement Project
  • 1:08 pm Infrastructure Grants Awarded to “Smaller” South Dakota Communities
  • 12:44 pm House T&I Critical of FCC’s Proposed 5.9 GHz Rulemaking
  • 12:43 pm Survey: Roads Rank High on Mayoral Infrastructure Wish-List
  • 12:39 pm Greenbelt: The Town that Influenced Transportation
  • 12:37 pm State DOT CEOs Address Role of Equity in Transportation
  • 12:34 pm State DOTs Highlight Environmental, Community Issues at TRB

A 24-page report issued by the U.S. Department of Transportation’s Office of the Inspector General on Dec. 4 noted that the Federal Aviation Administration has not yet completed “phase 1” of required Continuous Diagnostics and Mitigation program compliance to secure its data systems against cyberattacks.

[Graphic via Wikimedia Commons.]

“The FAA reported to USDOT that 23 percent of its assets could not block unauthorized software from executing, but USDOT reported to the Department of Homeland Security that 100 percent of its assets had this capability,” the OIG said.

“USDOT also reported that 86 percent of its assets had been assessed for vulnerabilities using Security Content Automation Protocol or SCAP-validated products. However, 75 percent of those assets are at FAA, which reported to USDOT that less than 20 percent of its assets had been checked with a SCAP-validated product.”

As a result, the OIG said the FAA “may not have the valid, accurate and complete information it needs” to make “risk-based decisions in a timely and effective manner.”

A greater emphasis on cybersecurity is being placed on government data networks partially in response to President Trump’s National Cyber Strategy unveiled in September, a key tenet of which is increasing the security and resilience of the nation’s information and information systems.

“We will do this by taking specific steps to secure Federal networks and information, secure critical infrastructure, combat cybercrime, and improve incident reporting,” the White House noted in a Sept. 20 briefing.


%d bloggers like this: