UPDATED: A key Senate committee approved an amendment today to give federal employees no less than 10 years of identity and credit-monitoring services and $5 million in liability protection for related damages.
A new report from the Institute for Critical Infrastructure Technology cites OPM's scattered IT governance, lack of cybersecurity experts and lack of cyber threat detection technology as the major pitfalls leading to OPM's cyber breach. The Federal Drive's Tom Temin spoke with Dan Waddell, a lead contributor on the study, about what OPM needs to do to secure its systems for the future.
A Government Accountability Office report released earlier this month states the Office of Personnel Management isn't properly communicating employee engagement strategies with other agencies.
Federal Times editor Jill R. Aitoro joins host Mike Causey to talk about the OPM cyber attack. They will discuss, among other things, what's next in the investigation and what hackers plan to do with the information. July 23, 2015
The Office of Personnel Management is turning to the Homeland Security Department to help it set the standard for better federal cybersecurity. OPM is still in recovery mode as it deals with the consequences of the biggest breach of federal employee data in history. Chris Cummiskey is the CEO of Cummiskey Strategic Solutions, a senior fellow at the Center for Cyber and Homeland Security at George Washington University and former acting undersecretary for management at DHS. He tells In Depth with Francis Rose that DHS has five big items to tackle before it can — and should — lead the effort.
UPDATED: Agencies with the largest percentage of security clearances, such as DoD, DHS and VA, will end up shouldering a huge part of the burden to pay for the credit monitoring services for 21 million current and former federal employees impacted by the second data breach. AFGE and federal officials are angered after acting OPM Director Beth Cobert tells agencies about OPM’s plans to raise its fees for security clearance services it provides in order to recoup the costs of the identity protection services it must purchase for the victims of the attack.
OPM's recent cybersecurity breach shows how tight budgets, limited expertise and cultural blind spots create perfect storms of agency vulnerability throughout the federal environment.
It's been one week now since Katherine Archuleta told reporters she didn't plan to resign -- and then announced her resignation less than 24 hours later. Acting OPM Director Beth Cobert has spent her first week on the job reassuring leaders within her agency and others that she understands the magnitude of the job at hand. Tom Shoop is editor in chief at Government Executive magazine, and he writes Archuleta's resignation is another case of business as usual in Washington. But he tells In Depth guest host Jared Serbu that it doesn't have to be that way.
Winvale and its subcontractor CSID want to bid on the larger contract to help the 21.5 million people affected by the breach of OPM's security-clearance database, Winvale CEO Kevin Lancaster said. "We'd absolutely go again for it. We have capacity," he said. "We've got the right solutions, the right lessons learned from this one." Not everyone is convinced.
We want to know your thoughts on the OPM data breach, OPM's response to it and what you plan to do next. Take our brief survey today.
The Electronic Questionnaires for Investigations Processing system is offline now while the Office of Personnel Management tries to fix its cybersecurity vulnerabilities. Those vulnerabilities were discovered during the investigation into the recent data breach, in which hackers stole personal information for 21.5 million people. And while much of the attention has focused on the OPM crisis' impact on federal workers, contractors are impacted too in a big way, and they're certain to be impacted by the backlog now building up while eQIP is offline. Stan Soloway is the president and CEO of the Professional Services Council. He tells In Depth guest host Jared Serbu about the effects contractors are feeling -- and what they expect.
The number of agency employees using two-factor authentication is 20 percent since the start of the 30-day cybersecurity sprint. Federal Chief Information Officer Tony Scott had some positive results to share at the halfway point. Patrick Flynn is the director of homeland and national security programs at Intel Security, and former assistant chief of the Office of Border Patrol at Customs and Border Protection. He tells In Depth with Francis Rose what we should be looking for as more agencies report their progress at the end of the cyber sprint.
The OPM cyber attack may turn out to have a silver lining. The attack may give agencies an opportunity — if they choose to take it — to redefine encryption. Chuck Archer is the executive chairman at Covata and former assistant director of the Federal Bureau of Investigation. He tells In Depth with Francis Rose that encryption isn't a people problem.
Alan Paller and John Pescatore of the SANS Institute explain why Katherine Archuleta's departure may be neither a fair nor an effective means for addressing the cybersecurity problems at OPM.
Even though the Office of Personnel Management is responsible for the biggest breach of federal employee data in history, it is by no means the only agency having a tough time addressing cybersecurity vulnerabilities. The number of cybersecurity incidents government-wide is up from about 5,500 in fiscal 2006 to more than 67,000 in fiscal 2014 — and those are just the incidents agencies have reported. Information security has been on the Government Accountability Office's High Risk list since 1997. Greg Wilshusen is director of information strategic issues at the GAO. He tells In Depth guest host Jared Serbu why agencies are having a hard time coming up with risk-based cyber programs.