Information Technology Division (IT) Computing and Communications Services News
May, 2005

CCS News Home
Back Issues
Search CCS News
Computer Security
Help Request
Software Downloads
Computer Backups
Buy a Computer
Suggestion Box
Email
Calendar
Onsite Computer Training
ITSD
CIS
ISS
NTD
 

Be Prepared: Upcoming Cyber Security Audit

DOE’s Office of Assurance (OA) will conduct a cyber security audit at the Lab in December. OA is DOE’s most powerful internal regulator, and reports directly to the Secretary of Energy. OA “red teams” will be onsite for two to three weeks to conduct internal scanning, social engineering and other tests on the security of our systems.

To get ready for the audit, the Computer Protection Program (CPP) plans to: strengthen passwords, increase scanning, strengthen policy, adjust protections and notify line management and Computer Protection Implementation Committee (CPIC) liaisons about security vulnerabilities. CPP will be assessing vulnerabilities and consulting to fix problems. Please contact your CPIC liaison for support.

CPP’s goal is to do no harm to the mission of the Lab or its operations—we do not want anyone to lose productivity. However, the new contract includes provisions that may require us to be more responsive and compliant.