Cybersecurity

Senators: End sequester to pay for cybersecurity

Senators Angus King (Maine) and Mark Warner (Virginia)

Sens. Angus King (left) and Mark Warner (right) asked appropriators to give the administration all it requested for OPM. (Images: Wikimedia)

Two members of the Senate Intelligence Committee are calling on their fellow lawmakers to fully fund the Obama administration’s fiscal 2016 budget request for the Office of Personnel Management -- a boost of $32 million compared with 2015 -- after a large-scale cyberattack on OPM was revealed last week.

"This attack clearly highlights how critical it is for our national defense that Republicans and Democrats negotiate another bipartisan sequester relief package," Sens. Angus King (I-Maine) and Mark Warner (D-Va.) wrote in a June 10 letter to Arkansas Republican John Boozman, chairman of the Senate Appropriations Subcommittee on Financial Services and General Government. "This attack on OPM's IT infrastructure is not the first and will likely not be the last."

OPM’s fiscal 2016 request of $272 million includes $21 million for finishing network upgrades begun in fiscal 2014.

The OPM hack, which multiple reports have said took place in December but was not discovered until April, exposed the personal information of up to 4 million current and former federal employees.

On a June 10 call with reporters, Warner said hacks like those on OPM were a reminder of the need to "get rid of the stupidity of sequestration." The additional funding for OPM would "build up additional IT infrastructure and better protections," he said, adding that information-sharing legislation approved by the Intelligence Committee in March should be brought to the Senate floor and not attached to the defense authorization bill, as Majority Leader Mitch McConnell (R-Ky.) has suggested.

King predicted "sequestration will cause future breaches unless we start funding some of these defensive capabilities adequately."

Lankford wants answers on hack

On another front, Congress is starting to dive into the details of the hack.

Sen. James Lankford (R-Okla.), chairman of the Regulatory Affairs and Federal Workforce Subcommittee of the Senate Homeland Security and Government Affairs Committee, sent a letter June 10 to OPM Director Katherine Archuleta seeking more detailed information on the breach, how it was discovered and OPM's overall security posture.

Specifically, Lankford wants to know the date OPM learned of the breach, the overall chronology of the internal OPM investigation, when OPM notified the federal agencies charged with probing cybersecurity breaches, and the source of the funding OPM is using to offer credit monitoring to affected personnel, as well as the process by which OPM selected a contractor to provide that service. Additionally, Lankford wants to know who was responsible for crafting OPM's cybersecurity plan before June 4, when the world learned of the hack, and who executed the plan. He is requesting his answers by June 22.

Lankford also called attention to OPM's response to hacks against background check contractors USIS and KeyPoint, which compromised the records of about 73,000 feds. OPM cut ties to USIS, which was also the subject of a whistleblower lawsuit alleging shoddy investigative practices. But OPM retained KeyPoint despite the breach of their systems.

"That OPM would so disparately reprimand its contractors for their IT security, while failing to prevent a breach fifty-five times larger than the USIS and KeyPoint breaches combined, raises serious questions about the integrity of OPM's IT security," Lankford wrote.

About the Authors

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


Featured

  • Defense
    The Pentagon (Photo by Ivan Cholakov / Shutterstock)

    DOD CIO hits pause on JEDI cloud acquisition

    Dana Deasy set cloud as his office's top priority. But when it comes to the JEDI request for proposal, he's directed staff to "pause" to compile a comprehensive review.

  • Cybersecurity
    By Gorodenkoff shutterstock ID 761940757

    Waging cyber war without a rulebook

    As the U.S. looks to go on the offense in the cyber domain, critical questions remain unanswered around who will take the lead and how clearly to draw the rules of engagement.

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Deadline extended for Rising Star nominations

    You now have until July 18 to help us identify the early-career innovators and change agents in government IT.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.