Why Government Organizations Don’t Care: Perverse Incentives and an Analysis of the OPM Hack
Loading...
Authors
Twist, James
Hutchinson, Matthew
Rhoades, Blake
Gagnon, Ryan
Issue Date
2016
Type
Journal articles
Language
Keywords
Office of Personnel Management (OPM)
Alternative Title
Abstract
Many security experts have addressed the financial and personal security risks involved with the recent data breach at the Office of Personnel Management (OPM). This work supplements previous analyses of the event, and explores how the recently disclosed OPM breach has impacted the national security of the United States. By examining the elements of the breach - within the context of the stolen data and linkages to other data breaches - this work points to a larger offensive cyber campaign as the primary concern for U.S. leaders and policy makers. After thoroughly examining the details of the attack itself and its implications on DoD and national cybersecurity, we argue that government organizations lack appropriate incentives to secure their networks and personal data. The solution to this problem lies with organizational leaders, who must give guidance that incentivizes information security at the “tactical level.”
Description
Citation
James Twist, Matthew Hutchison, Blake Rhoades, Ryan Gagnon. "Why Government Organizations Don’t Care: Perverse Incentives and an Analysis of the OPM Hack". The Heinz Journal, 2016.
Publisher
The Heinz Journal