Cybersecurity

OPM security chief: You're gonna need a bigger boat

Shutterstock image (by Tancha): shark attack vector.

(Tancha / Shutterstock)

How can you prep for the fallout when a big data breach strikes your agency?

There are a few things to know, said Jeff Wagner, director of security operations at the Office of Personnel Management. One of the most important is not to be "shocked that you're feeling overwhelmed."

He likened the feeling to the moment in the movie "Jaws" when Chief Brody first gets an eyeful of the shark and says, "We're gonna need a bigger boat."

At an Oct. 15 cybersecurity event presented by FCW, Wagner said everyone from the top managers to the CIO, communications staffers and congressional liaisons must know what to do if and when -- and increasingly, it seems to be a matter of "when" -- they get a call telling them about a data breach.

"Cybersecurity professionals are the only ones who can set management up for success," Wagner said. Non-specialists "don't know what they're looking at per se, so you need to set them up [and] pre-stage that kind of environment."

Preparing includes having preplanned talking points and timelines. It also means managing expectations. IT managers must prepare senior leaders for the reality that, as Wagner put it, "just because I find a breach at 9 a.m. doesn't mean I can give you an entire timeline of all systems affected and where the data loss is by noon."

In the wake of the OPM data breach, the government tightened agencies' ability to monitor the contractors that host their data. New contract language allows security pros like Wagner to do penetration testing and other data security checks.

"The government has now recognized that there's a huge hole [in the data security posture] and contractors are kind of that weak link," he said.

Before the breach, Wagner said, he would have had a hard time sending a couple of testers to a big contractor and demanding access to its systems. Things have changed.

"If I want to show up and root through your stuff, I'm showing up and rooting through your stuff," Wagner said. "Because it's not you reporting to Congress, it's me."

The OPM breach, which involved a data center operated by the Interior Department, has also served as a wakeup call to users of shared-services providers and improved collaboration between data owners and system owners.

"It strengthens a lot of things," Wagner told reporters after the event. "Now as we collaborate together, we're going to put these new controls in place. Instead of two groups that are now seen as entity silos, these two groups are now shared victims, and they simply work together better."

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.