Cybersecurity has been front of mind for the government for as long there have been hackable systems, but the office of personnel management breach that took place in early 2015 was a wakeup call unlike any other. The data of some 21 million government workers was stolen as a result of the breach, including biometric information of an estimated 5 million people. It was a ground-breaking incident, and it left a bad taste in the mouths of the victims and government IT leaders alike.
At this point, little can be done to rectify the situation, other than identifying the individuals who were among the 21 million affected, and notifying them. Some, but not all, of the victims have been informed, and have been offered identity protection services. Nevertheless, many government employees are still curious about whether or not their information ended up in the hands of hackers. In a bid to provide this closure, the OPM has announced a new online resource that may expedite the process.
Introducing the cybersecurity resource center
OPM announced the cybersecurity resource center in early December, and is referring to it as a verification center. The website welcomes visitors with two main options, one for victims who have already been notified, and one for anyone who suspects that their information has been stolen. Selecting the latter box then allows the visitor to determine via phone call, or online.
As of Dec. 1, OPM Acting Director Beth Cobert said in a blog post that 800,000 people were being notified each day, and that they were on schedule to finish within two weeks. The cybersecurity resource center may help speed up this process, and allow anyone who has been affected to receive the identity protection insurance that will be offered by the federal government for the next three years.
"I urge anyone who has not received a letter by the middle of this month and who believes his or her data may have been taken, to reach out to the verification center so we can confirm your correct address and send you a letter," Cobert said in the post.
Government IT services intersect with cybersecurity
Many of the recent reports about federal IT services have focused on the government agencies' efforts to improve efficiency of technology infrastructure. Data center consolidation, big data strategies and cloud computing have all been in the limelight. While moving forward with these initiatives may help cut back on the federal IT spend, government cybersecurity must remain a principal focus each step of the way. With some exceptions – such as the Department of Homeland Security's realization that secret databases were unpatched, or that federal workers were misusing mobile devices in work environments – federal IT leaders have erred on the side of caution for the most part. This wariness of cyberthreats is actually one of the reasons cloud migration has been slow out of the gates.
Furthermore, the federal government has been making some strides when it comes to cybersecurity, as witnessed by the recent revelation that DHS offers free penetration testing to businesses. This all boils down to the fact that cybersecurity will play a pivotal role in the development of federal IT services henceforth. The OPM data breach has changed the playing field, and federal agencies are adapting to the new game.