The data breach at the Office of Personnel Management (OPM) discovered in April 2015 should be a wake-up call not only for OPM, but also for agencies across the U.S. federal government. The OPM computer systems were infiltrated four months before the breach was officially detected, and the compromised data included personnel records of 21.5 million current and former federal employees.
Detailed records of two million security background investigations were also exposed, and digital images of 5.6 million government employee fingerprints were taken. The immediate response from the White House was a 30-day sprint intended to raise federal cybersecurity to an acceptable baseline.
The sprint mandated a handful of concrete actions and best practices, including scanning systems and logs for Department of Homeland Security (DHS) threat indicators, patching critical vulnerabilities without delay, tightening privileged access management policies and enforcement, and accelerating the use of multi-factor authentication.
These are good steps that should be a part of every agency’s cybersecurity program. But they are too focused on short-term results that do not adequately address decades of unmanaged and outdated systems, the accelerated adoption of new technologies and modern assets, or the challenges of a rapidly evolving threat landscape.