OPM has been criticized by the House Oversight and Government Reform Committee for security shortcomings, which contributed to 2015’s major data breach.
The Office of Personnel Management (OPM) has been heavily criticized by the Republican members of the House Oversight and Government Reform Committee for not having in place appropriate cybersecurity measures, which contributed to last year’s major data breach.
According to a report from the committee, OPM’s senior leadership were also held culpable for the security incident, which affected over 20 million people.
The authors of the report said that the agency had, time after time, failed to respond to warnings and recommendations prior to the major data breach, all of which highlighted notable cybersecurity shortcomings.
“The OPM data breach and the resulting generational national security consequences cannot happen again,” Republican Representative Jason Chaffetz, the committee’s chairman, was quoted by Reuters as saying in the report.
Responding to the findings, Beth Cobert, acting director of the OPM, said in a blog that OPM disagreed with many of the findings of the committee, adding that the report “does not fully reflect” where OPM “stands today”.
One of the key developments at OPM in the months since the major data breach is its understanding that cybersecurity goes beyond technology, she revealed.
“It’s about people,” Cobert remarked, adding: “In addition to strengthening our technology, we have added seasoned cybersecurity and IT experts to our already talented team.
“OPM has brought on a senior cybersecurity advisor who reports to the director of OPM. We have hired a new chief information officer as well as a number of new senior IT leaders. And we have centralized our cybersecurity resources under a new chief information security officer.”