GOP Rep: OPM hack response exposes hypocrisy

GOP Rep: OPM hack response exposes hypocrisy

The Obama administration's handling of the recent massive data breach has exposed “the federal government’s prevarication and hypocrisy when it comes to handling cybersecurity incidents,” Rep. Will Hurd (R-Texas) wrote in an op-ed for The Wall Street Journal.

While no one has been fired or held accountable following repeated breaches at numerous agencies, the government levies fines on private companies for their security breaches, Hurd argued.

ADVERTISEMENT
“If federal agencies wish to provide effective oversight of the private sector, then they should start by looking in the mirror,” he said.

The White House has come under considerable heat from Congress following revelations that two separate digital intrusions at the Office of Personnel Management (OPM) have exposed tens of millions of people’s most sensitive information.

Hurd sits on the House Oversight and Government Reform Committee, which has held two hearings in as many weeks on the OPM breach.

The Texas freshman also chairs the Oversight panel’s Information Technology Subcommittee. He was given the title, in part, because of his four years working as a senior adviser for security firm FusionX.

Hurd and other lawmakers have bashed officials for withholding information and for failing to respond to years of warnings that the OPM networks — which hold personnel files and security clearance background checks on all federal workers — were not locked down.

“In report after report going back to 2010, the OPM’s Office of the Inspector General had identified insecure, outdated and poorly managed IT systems and practices that left the agency’s information vulnerable,” Hurd wrote.

Yet during multiple congressional hearings the past two weeks, OPM Director Katherine Archuleta “declined to apologize for, or even acknowledge, her agency’s refusal to implement security best practices recommended for several years by the OPM’s own inspector general," he continued.

Lawmakers in particular have latched onto Archuleta’s decision not to shut down 11 computer systems that didn’t have a security certificate, going against the inspector general’s recommendation.

Archuleta has repeatedly insisted the agency could not turn off those systems without disrupting employee’s benefits and paychecks.

The answer has not satisfied lawmakers or the inspector general. Many want Archuleta ousted for her role in the breach.

Hurd indicated Archuleta’s firing would be a welcome change for an administration that has lacked accountability.

Hurde recounted asking the head of the Government Accountability Office whether “he could recall ever seeing any federal government employee fired for delays or cost overruns on IT projects.”

“After a long pause, he could not name a single instance,” Hurd continued. “This ‘do as I say, not as I do’ culture runs rampant in Washington. Our government demands accountability from others but offers little itself.”