For our evaluation of the National Weather Service's (NWS's) protection of operational technology (OT), our objective was to determine whether NWS has implemented effective security controls for its critical OT. We found that I. NWS did not implement strong credential management for some OT systems, and II. NWS lacked complete vulnerability scanning coverage for some OT systems.
Report File
Date Issued
Submitting OIG
Department of Commerce OIG
Agencies Reviewed/Investigated
Department of Commerce
Components
National Oceanic and Atmospheric Administration
Report Number
OIG-25-012-I
Report Description
Report Type
Inspection / Evaluation
Agency Wide
Yes
Number of Recommendations
4
Questioned Costs
$0
Funds for Better Use
$0
Report updated under NDAA 5274
No
External Link