The FAA's air traffic control system is at "increased and unnecessary risk" from cyber-attacks and other threats, according to a government report released this week. The analysis by the Government Accountability Office found weaknesses in controlling access to computer systems, encrypting sensitive data, and implementing security programs. For example, the auditors found the agency's information security systems and procedures don't meet the requirements of a 2002 law, and its information security strategic plan hasn't been updated since 2010. The GAO recommended 168 specific actions that the FAA should take to improve the security of the National Airspace System, and the FAA concurred.
This is a companion discussion topic for the original entry at https://www.avweb.com/news/report-finds-faa-cyber-security-lacking