Like other organizations, Amtrak (the company) has been migrating its existing technology systems and data and deploying new systems to the cloud, and its efforts are ongoing. During our ongoing audit of the company’s cloud computing practices, we identified two pressing cybersecurity issues. We are providing this early alert to bring these issues to the company’s immediate attention. Given the sensitive nature of the information, we are summarizing the results in this public version of the report.
SUMMARY OF RESULTS
Our work to date on the company’s cloud computing practices, which we plan to continue, identified two matters for immediate consideration. In commenting on a draft of this interim report, the company’s Executive Vice President for Digital Technology and Innovation agreed with our matters for consideration and described actions the company plans to take to address them.
