NASA OIG Warns of Cybersecurity Risk Due to Lack of AI Governance Mechanism

An audit conducted by the NASA Office of Inspector General shows that deficiencies in information technology management systems and artificial intelligence governance mechanisms have placed the agency at an increased risk from cyber threats. Previous OIG audits revealed the agency’s fragmented IT management while an audit report released last week found NASA’s AI management effort insufficient due to a lack of a standard definition, classification and tracking of AI compliant with federal requirements and AI cybersecurity concerns, Nextgov reported.

The OIG wants NASA to come up with a standard AI definition that is harmonized with the agency’s framework for the ethical use of AI and used to identify the agency’s AI use case inventory. The recommendation also included the identification of a classification mechanism for the rapid application of federal requirements for cybersecurity controls and the development of a tracking method for budgets and expenditures.

The agency has used AI in various cases, including storm prediction tools, space research, navigation and autonomous space probes. The development of NASA AI governance and standards will help the agency assess its cybersecurity controls and monitor AI expenditures to ensure compliance with federal requirements.