Two years after the OPM data breach: What government agencies must do now

The Office of Personnel Management breach in June 2015 was a big wake up call to our federal government, and, in its wake, a number of initiatives were launched to improve the government’s cybersecurity posture. Despite several concrete improvements, progress has stalled in some areas, as demonstrated by a series of assessments conducted since the breach occurred.

In the fall of 2015, the Government Accountability Office (GAO) conducted its first assessment under the Federal IT Acquisition Reform Act, which covers cybersecurity as well as other areas of IT. Out of 24 agencies, none received an A, two received Bs, five got Cs, 14 got Ds and three agencies — the Department of Education, the Department of Energy and NASA — received failing grades.

To read this article in full or to leave a comment, please click here