Approximately 14 million records exposed in the largest theft of government data ever seen

Approximately 14 million records exposed in the largest theft of government data ever seen

cloud securityAccording to recent estimates from investigators, as many as 14 million federal employees’ records may have been compromised in the Federal office of Personnel Management OPM, which manages background checks, pension payments and job training across myriad federal agencies. FBI investigators suspect China-based hackers in the attack.

In response, the White House is pushing to get various government agencies to take “aggressive actions to upgrade the federal government’s technology infrastructure and protect government networks and information, implementing tools and policies.” These steps include immediately patching any vulnerabilities; restricting privileged user access to sensitive information; requiring multi-factor authentication procedures to access federal networks; and employing electronic “indicators” provided by the Department of Homeland Security to highlight when attacks happen.

This reactive approach to cyber security has put the government behind the ball when it comes to cyber security and highlights large gaps in the government’s approach to cyber security policy. Today’s cybersecurity landscape demands a proactive approach to preventing and detecting cyber security breaches.

This may require a shift in how many C-level executives are thinking about security. Getting hacked is no longer a sign of weakness in an organization; everyone is going to get hacked. The weakness comes into play when the intrusions expose sensitive data and are allowed to remain in the comprised network for a length of time.

ACE IT Solutions helps businesses of all sizes and industries develop a cyber security program that will fit their specific needs and risk tolerance. The best place to start is with a free security assessment. Contact ACE IT Solutions at 646.558.5575 to start developing your cyber security program or improve and modernize the security practices you already have in place.