It has now become quite apparent that one of the major reasons the recent hacking into the federal government database in which the private information of nearly every federal employee was stolen was due to a large level of negligence on the part of the government. What this boils down to is this simple fact: the government failed for years to take basic steps to secure its computer networks. Furthermore, we are also finding out that the government detailed personal histories of millions of individuals who have undergone security clearances and the people’s information of those involved in these background information (friends, family, co-workers, etc.).
The criticism came from within. Michael Esser, the agency’s assistant inspector general for audit, detailed a years long failure by Office of Personnel Management to adhere to reasonable cyber-security practices, and he said that that for a long time, the people running the agency’s information technology had no expertise. He also mentioned of an inspector general’s audit which advised that the agency shut down some of its networks because they were so vulnerable. The director, Katherine Archuleta, declined, saying it would interfere with the agency’s mission.
The director does not seem to possess the desire to take responsibility for what happened. Instead, she seems more interested in shifting blame and trying to defend this devastating breach of security. Maybe she isn’t really to blame and this problem would have happened regardless of her tenure at OPM. However, this country as a whole needs to learn well from this lesson and take cyber-security very seriously moving forward.
The time to act is now.