Why Government Organizations Don’t Care: Perverse Incentives and an Analysis of the OPM Hack
Date
2016
Journal Title
Journal ISSN
Volume Title
Publisher
The Heinz Journal
Abstract
Many security experts have addressed the financial and personal security risks involved with the recent data breach at the Office of Personnel Management (OPM). This work supplements previous analyses of the event, and explores how the recently disclosed OPM breach has impacted the national security of the United States. By examining the elements of the breach - within the context of the stolen data and linkages to other data breaches - this work points to a larger offensive cyber campaign as the primary concern for U.S. leaders and policy makers. After thoroughly examining the details of the attack itself and its implications on DoD and national cybersecurity, we argue that government organizations lack appropriate incentives to secure their networks and personal data. The solution to this problem lies with organizational leaders, who must give guidance that incentivizes information security at the “tactical level.”
Description
item.page.type
Journal articles
item.page.format
Keywords
Office of Personnel Management (OPM)
Citation
James Twist, Matthew Hutchison, Blake Rhoades, Ryan Gagnon. "Why Government Organizations Don’t Care: Perverse Incentives and an Analysis of the OPM Hack". The Heinz Journal, 2016.