OPM security chief: You're gonna need a bigger boat

Shutterstock image (by Tancha): shark attack vector.

How can you prep for the fallout when a big data breach strikes your agency?

There are a few things to know, said Jeff Wagner, director of security operations at the Office of Personnel Management. One of the most important is not to be "shocked that you're feeling overwhelmed."

He likened the feeling to the moment in the movie "Jaws" when Chief Brody first gets an eyeful of the shark and says, "We're gonna need a bigger boat."

At an Oct. 15 cybersecurity event presented by FCW, Wagner said everyone from the top managers to the CIO, communications staffers and congressional liaisons must know what to do if and when -- and increasingly, it seems to be a matter of "when" -- they get a call telling them about a data breach.

"Cybersecurity professionals are the only ones who can set management up for success," Wagner said. Non-specialists "don't know what they're looking at per se, so you need to set them up [and] pre-stage that kind of environment."

Preparing includes having preplanned talking points and timelines. It also means managing expectations. IT managers must prepare senior leaders for the reality that, as Wagner put it, "just because I find a breach at 9 a.m. doesn't mean I can give you an entire timeline of all systems affected and where the data loss is by noon."

In the wake of the OPM data breach, the government strengthened agencies' ability to oversee the contractors that host their data. New contract language allows security pros like Wagner to do penetration testing and other data security checks on contractor systems.

"The government has now recognized that there's a huge hole [in the data security posture] and contractors are kind of that weak link," he said.

Before the breach, Wagner said, he would have had a hard time sending a couple of testers to a big contractor and demanding access to its systems. Things have changed.

"If I want to show up and root through your stuff, I'm showing up and rooting through your stuff," Wagner said. "Because it's not you reporting to Congress, it's me."

The OPM breach, which involved a data center operated by the Interior Department, has also served as a wakeup call to users of shared-services providers and improved collaboration between data owners and system owners.

"It strengthens a lot of things," Wagner told reporters after the event. "Now as we collaborate together, we're going to put these new controls in place. Instead of two groups that are now seen as entity silos, these two groups are now shared victims, and they simply work together better."

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy, health IT and the Department of Veterans Affairs. Prior to joining FCW, Mr. Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian started his career as an arts reporter and critic, and has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, Architect magazine, and other publications. He was an editorial assistant and staff writer at the now-defunct New York Press and arts editor at the online network in the 1990s, and was a weekly contributor of music and film reviews to the Washington Times from 2007 to 2014.

Connect with him on Twitter at @thisismaz.


Reader comments

Wed, Nov 11, 2015

Jeff Wagner, who ignored requirements for strengthening security for applications and data, and NOT installing end-to-end monitoring, is now the expert? How do the OPM CIO and Jeff all of a sudden pat themselves on the back for fixing a situation they ignored? UGH!

Wed, Oct 21, 2015 Bob

It was DOI? I had no idea till this comment. I know when the DOI was tasked with all our payroll and I saw their pay stubs many years ago, I thought, "we're really sliding". Like other govt agencies, DOI doesn't have the money or the talent to do things right. How the heck did DOI end up in the critical path in the first place? I suspect lawmakers wanted to centralize stuff (which in the short term saves money) so they put all the ships in the same harbor making a breach MUCH more damaging in the long run.

Thu, Oct 15, 2015 DOI no more Washington DC

Finally everyone is finding out DOI was really the agency responsible for the data breach! It's about time....
