A pair of senators are calling for increased cybersecurity funding for the Office of Personnel Management in the wake of a data breach that exposed the personal information of millions of current and former federal employees.
Senators Mark Warner, D-Va., and Angus King, I-Maine, wrote in a June 10 letter that OPM should receive an additional $21 million in fiscal 2016 to continue and finish cybsersecurity upgrades it has already begun and to evaluate additional measures the agency may need to take.
The breach may have exposed the Social Security Numbers, date and place of birth, and current and former addresses of about 4 million current and former employees. Family members were not affected, according to sources familiar with the investigation into the breach.
The breach – which occurred in December – also went undetected until April, when OPM upgraded its cybersecurity defenses and detected the incursion.
"As the keeper of sensitive data — including personally identifiable information for 32 million federal employees and retirees — OPM has a huge responsibility to maintain and consistently upgrade their cybersecurity controls," the senators wrote.
King and Warner wrote that while sequestration-level spending caps are complicating the current budgeting process the data breach illustrates how critical cybersecurity is for national defense.
The funding request would also finance a sustained security operations center to oversee OPM's cybersecurity posture as well as real-time monitoring of its network servers to detect and respond to malicious activity.
"While OPM may need to revise their request further in light of the most recent attack, it is abundantly clear that technology and cyberattackers evolve in real time and the federal government needs more resources and budget certainty to keep their infrastructure current and strong."