Energy struggles with IT security, financial systems

Two reports just released by the Energy Department's inspector general are critical of the department's cybersecurity efforts.

In a special report released Dec. 19, cybersecurity is one of seven areas that IG Gregory Friedman considers a significant management challenge for the department.

'[O]ur annual evaluation of the department's unclassified cybersecurity program noted weaknesses that could compromise critical systems if left uncorrected,' the report stated. 'We found problems with ensuring that: (1) only authorized individuals could access information resources; (2) duties and responsibilities for processing financial transactions were properly segregated; and (3) modifications to applications and systems were authorized and properly controlled.'

Other significant challenges facing Energy include national security issues, contract administration, project management, and financial management and reporting.

In the area of financial management, in a separate memo to Energy secretary Samuel Bodman dated Nov. 14 but posted to the IG's Web site in the past few days, Friedman reported that the department failed its financial audit for fiscal 2005. He attributed much of the failure to problems in implementing a new accounting system.

Friedman included the problems with cybersecurity in unclassified networks in his report on the audit.

'The identified weaknesses and vulnerabilities increased the risk that malicious destruction or alteration of data or unauthorized processing could occur,' he wrote.

inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group