DHS IG: TSA needs better net security

The Transportation Security Administration has improved its network security, but the agency still cannot ensure that critical computer network operations and data are protected from hackers and can be restored following an emergency, according to a new report from the Homeland Security Department's Office of the Inspector General.

TSA falls short in developing and implementing such processes as security testing, monitoring with audit trails, configuration and patch management, and password protection, the report said. Also, contingency plans have not been finalized or tested.

TSA shares information with airports through a WAN. But it lacks a comprehensive security testing program to ensure the integrity of that network, the report said.

While some vulnerability scans are performed monthly, TSA does not conduct penetration testing and password analysis, and does not test all devices connected to the network as recommended, the report said.

TSA officials agreed with the advice, according to the report.

To read the report, go to www.gcn.com and enter 487 in the GCN.com/box.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.


  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected