Lawmakers look to strip OPM after hack.
Lawmakers look to strip OPM after hack. It might be a little too late for this, but there’s the making of a bipartisian movement in Congress to strip the Office of Personnel Management of its control over security clearances. “OPM was never designed to deal with national security,” Rep. Ted Lieu (D., Calif.), the co-author of an upcoming bill to move the security clearance database away from the OPM, tells the Hill. One possible candidate is the Defense Department which housed the database until 2004. A separate bill will push for greater oversight.
At White House, 30-day sprint kicks off cyber marathon to stop intrusions. U.S. CIO Tony Scott tells Reuters he began reviewing cybersecurity processes in the government when he left the private sector for the job earlier this year. The discovery of the OPM hack added urgency to the process. Last month, Mr. Scott ordered agencies to conduct a “cyber sprint,” installing patches, adding two-factor authentication and requiring agencies to cut down on the number of “privileged users.” In September, he plans to deliver more recommendations, some which will required Congressional approval. “Shame on us if we don’t also take advantage of this time to come forward comprehensively and say, ‘We need to make these other changes as well,’” Mr. Scott said.
Italian cyber-security firm suspects foreign government was behind mass attack. The Hacking Team‘s CEO believes said a nation state was behind the cyberattack that let loose source code of its programs and private corporate emails linking the controversial firm to a who’s who of governments with bad human rights records. The company makes surveillance software used by governments to tap into phone and computer communications, Reuters explains