The US Office of Personnel Management (OPM) suffered a devastating data breach that has impacted millions of people - and the agency is now trying to move too fast and isn't following best practices. The OPM is relying on systems that are "decades-old" and apparently has no idea what they are actually doing to prevent future cybersecurity issues.
"It may sound counterintuitive, but OPM must slow down and not continue to barrel forward with this project," said Patrick McFarland, Inspector General of the OPM, while speaking to the Senate Homeland Security Committee. "The agency must take the time to get it right the first time."
Sen. Ron Johnson (R - WI) and Sen. John McCain (R - AZ) have called into question the Obama Administration's commitment to overall cybersecurity. The "OPM has become a case study in the consequences of inadequate action and neglect," Johnson recently said. Meanwhile, McCain questioned if OPM agency director Katherine Archuleta should stay in her current role, especially after offering conflicting reports regarding OPM's breach damage.
The OPM also was aware of potential network problems, which left it vulnerable to cyberattacks, but didn't act fast enough to make changes. And with McFarland's recent comments, lawmakers and cybersecurity officials likely won't like what they heard.