Podcast: Lessons from OPM hack to improve federal cybersecurity

The Cybersecurity Podcast crew interviews the primary author of the US House Oversight and Government Reform Committee report looking into last year's Office of Personnel Management cyberattack.

The Office of Personnel Management (OPM) breaches were among of the most significant cyberattacks in history, and now serve as a cautionary tale for many in Washington and beyond. But what do we know a year later? What are some of the lessons the federal government needs to learn? 

To answer those questions and more, The Cybersecurity Podcast crew interviews John Costello, the senior technical adviser of the US House Oversight and Government Reform Committee report looking into the attacks.

"I don't think it was necessarily understood the level of threat OPM was facing," says Mr. Costello, who spent last year on Capitol Hill as a Science and Technology fellow through TechCongress. "I don't know if there's anyone to blame for that, but to military and intelligence personnel, it's second nature to say, 'Of course OPM is a target. The Social Security administration is a target. The Education Department is a target.

"But I don't think if you're in leadership [of those organizations] you'd necessarily view it in that lens," he continued. "I think that culture is changing."

Also on this episode, podcast cohost Peter W. Singer from New America discusses local cybersecurity challenges and Passcode's Sara Sorcher talks about a new report from George Washington University about active defense. 

Listen to the podcast on iTunes | Soundcloud | Stitcher