Stay updated on news, articles and information for the rail industry
- Short Lines & Regionals
- Passenger Rail
- Legislative & Reg.
- Rail Industry Trends
- Supplier Spotlight
- High Speed Rail
Rail News: Security
OIG: Inadequate planning leaves USDOT exposed to cybersecurity risks
The U.S. Department of Transportation (USDOT) Office of the Chief Information Officer (OCIO) has not adequately planned for protecting the department against cybersecurity risks, the Office of Inspector General (OIG) found in an audit report published Monday.
The audit reported that the OCIO was granted an appropriation of nearly $29 million to support USDOT's cybersecurity initiatives. Congress appropriated the funds over fiscal years 2012 through 2015.
The department requested the funding to address some of its "most serious cybersecurity gaps," according to the report. Although the audit found that the OCIO did not spend any funds on non-cybersecurity purposes, it did commit some billing errors and failed to adequately document or plan for its cybersecurity funding needs.
"Without sound planning procedures and internal controls, OCIO is at risk of not being able to efficiently address USDOT's most serious cybersecurity gaps," the audit report stated.
As a result of the audit's findings, the OIG recommended five actions that OCIO take to address the cybersecurity planning shortcomings. While two recommendations have been addressed, three others are "open and unresolved," OIG stated.
The OIG asked the OCIO to reconsider its response to the recommendations and provide additional information in the next 30 days.
Contact Progressive Railroading editorial staff.