Watchdog starts two cyber audits on Pentagon
The Pentagon’s internal watchdog is launching two audits of the sprawling Defense Department’s cybersecurity, officials said Wednesday.
Carol Gorman, the assistant inspector general for readiness and cyber operations, will head both efforts, according to letters released by her office.
The first audit is simply a compilation of “cybersecurity weaknesses identified in audit reports and testimonies” from DOD auditors or Government Accountability Office investigators between Aug. 1, 2015, and July 31, 2016.
“This summary report will support our annual response to the requirements in …. the Federal Information Security Modernization Act of 2014,” known as FISMA, the letter states. “We will consider suggestions from management on additional or revised objectives,” it adds.
The second probe will examine the emerging issue of control system cybersecurity at the Pentagon. Control systems are computerized systems that control physical equipment — everything from door locks to air conditioning.
The audit will check “whether DOD has implemented cybersecurity controls to protect, detect, counter, and mitigate potential cyberattacks on control systems supporting DOD critical missions or assets,” states the second letter.
The letter adds that the audit is the first of a series probing the security of mission-critical control systems at the department.