OPM Breach Analysis: Many Failures Highlight the Cost of Risk Ignorance

Summary Bullets:

  • OPM’s data breach may have been prevented by any number of widely used security controls.
  • However, OPM’s biggest failing was in not applying security controls in measure equal to its risk.

Given the catastrophic nature of the recently discovered data breach at the U.S. Office of Personnel Management (OPM), it’s clear both the investigation and the finger-pointing will continue for some time. However, it’s not too soon to highlight not only the security controls that may have prevented or mitigated the damage, but also the inevitable disaster that will result for any organization which fails to implement information security in equal measure to its risk. Continue reading “OPM Breach Analysis: Many Failures Highlight the Cost of Risk Ignorance”