OPM Cybersecurity Still Lags Three Years After Massive Breach

Nextgov: The Office of Personnel Management's cybersecurity is still in bad shape, three years after it suffered a massive data breach that compromised sensitive records about more than 20 million Americans.

OPM has made some cybersecurity and management improvements, but “significant deficiencies” remain and the current information security staff is “not fulfilling its responsibilities,” the agency's inspector general said Monday.

OPM's overall cybersecurity maturity score is 2 out of a possible 5, according to the year-end report on the personnel office’s compliance with the Federal Information Security Management Act.

Read article