Data breach further highlights need to improve federal cybersecurity

The idea that the U.S. government needs to improve its cybersecurity capabilities is hardly a radical notion. Many high-level personnel and outside observers have made this claim repeatedly in recent years. However, these warnings are nowhere near as effective at highlighting the problem as actual data breaches. When such events occur, they offer dramatic testimony of the federal government's cybersecurity shortcomings and spur renewed conversations concerning how agencies can and should better protect their digital assets.

Such a data breach recently struck the entire federal government. The personal data of more than 4 million members of the federal workforce was stolen in the cyberattack, making this quite possibly the largest breach ever to occur in the U.S. public sector. The sheer scope of this incident should serve as undeniable evidence that superior cybersecurity strategies are required.

A major attack
Initially, U.S. authorities indicated that this cyberattack solely affected employees in the Interior Department and the Office of Personnel Management. However, it soon became clear that the breach extended well beyond these departments and may potentially affect virtually every government agency. Identifying information in the records of both current and previous employees was accessed, according to officials.

Relatively few details of the data breach are currently known. However, U.S. investigators indicated there is a strong likelihood that the hackers behind the attack worked for the Chinese government. Speaking to CNN, several intelligence officials suggested there is strong evidence that the Chinese military is working to compile a large database of Americans, presumably with a particular focus on federal personnel. Adam Meyers, vice president for intelligence at CrowdStrike, told The New York Times that China is eager to identify individuals who may be able to provide valuable intelligence if compromised. 

Hong Lei, spokesman for the Chinese Foreign Ministry, denied these claims.

Serious implications
Without a doubt, this data breach holds serious implications for U.S. security.

"Given what OPM does around security clearances, and the level of detail they acquire when doing these investigations, both on the subjects of the investigations and their contacts and references, it would be a vast amount of information," Rich Holland, an information security analyst at Forrester Research, told The New York Times. 

Regardless of what comes from this breach, there's no denying that the incident highlights glaring flaws in the federal government's IT security. 

"It's clear that a substantial improvement in our cyber databases and defenses is perilously overdue," said Rep. Adam Schiff of California, the highest-ranking Democrat on the House Intelligence Committee, CNN reported.

Shoring up federal cybersecurity
The question is how agencies can go about improving their defensive posture. Obviously, ramping up cybersecurity at every federal agency is not an easy task. But considering the severity of this and other cyberattacks, and the likelihood that more hacking efforts will occur in the coming months and years, enacting better data protection measures is essential.

Key to any progress in this area will be information assurance. There's simply no way for government agencies to adequately secure their data from outside threats unless personnel are aware of precisely what data their departments possess, along with where and how it is stored, accessed and protected. In far too many cases, agencies' digital assets lack standardization in these areas, which can lead to blind spots and complications.

At the same time, agencies should consider working with third-party cybersecurity services providers to assess their defenses as a whole. Effective cybersecurity cannot be piecemeal – it must be comprehensive. A third party, coming with an outsider's perspective, will often be better able to identify and correct oversights than the agency's in-house IT security team.