SBN

Fallout continues in OPM breach as damage proves worse than originally thought

A few weeks ago on this blog we discussed the U.S. Office of Personnel Management’s (OPM) recent data breach and the fact that it represented a potential nightmare for the federal government and millions of its employees.

Unfortunately, as it turned out, the nightmare was only beginning.

In the weeks since the story first broke, a second breach was revealed, taking the number of former and current federal employees affected from approximately 14 million to nearly 22 million. In the wake of this revelation, Katherine Archuleta, Director of the OPM, resigned her post.

In his testimony at a congressional hearing, the OPM’s Assistant Inspector General for Audits indicated that the agency had neglected to follow recommendations his office had made over the past several years, including a call for the agency centralize its cybersecurity management structure. And although the department had recently implemented a security information and event management (SIEM) tool, a 2014 audit found that the solution was only collecting data from approximately 80 percent of OPM’s major IT systems.

The Obama administration has said that it will likely take months and possibly years to address all of the agency’s cybersecurity vulnerabilities. But at a high level, there seemed to have been two primary problems:

  1. A number of OPM’s security controls and procedures were outdated or underutilized, making systems vulnerable to outside attacks
  1. Many of the agency’s tools—even the modern ones—were not being used to full capacity

It is quite possible that a data loss prevention solution, used properly, might have helped mitigate some of the issues related to the first problem; the second problem might have been successfully addressed with a cybersecurity case management solution designed to help organizations get more out of existing security tools.

But while individual solutions are important, so too is a commitment from every level of an organization, from the C-Suite down, to prioritize information security. Because if recommendations from experts are ignored or pushed aside as they seemed to have been at the OPM, eventually, the organization will likely pay a heavy price.

*** This is a Security Bloggers Network syndicated blog from Swimlane (en-US) authored by Cody Cornell. Read the original post at: https://swimlane.com/blog/fallout-continues-in-opm-breach-as-damage-proves-worse-than-originally-thought/

Avatar photo

Cody Cornell

Cody is responsible for the strategic direction of Swimlane and the development of our security orchestration, automation, and response (SOAR) platform. At Swimlane we advocate for the open exchange of security information and deep technology integration, that maximizes the value customers receive from their investments in security operations technology and people. Collaborating with industry-leading technology vendors, we work to identify opportunities to streamline and automate security activities saving customer operational costs and reducing risk.

cody-cornell has 132 posts and counting.See all posts by cody-cornell