APM Welcome, APM North West Network Conference, Synergies Across Sectors
Introduction in 2015, the office of personnel management (opm) w
1. Introduction:
In 2015, the Office of Personnel Management (OPM) was
breached and millions of records with sensitive information
about US personnel was stolen.
The hackers stole fingerprints as well as data from SF-86 forms.
These forms contained personal and potentially compromising
information about people who went through background
investigations for a security clearance. This means that the theft
included information about alcohol consumption, affairs,
financial issues, and other sensitive data that could be exploited
by a bad actor or nation state out to recruit insiders for
espionage. Not only were applicants’ information stolen, but so
was information about family members and friends including
addresses, telephone numbers and Social Security numbers.
Reports after the attack indicated that the OPM had many
security gaps and if they had responded to the initial incident
correctly, perhaps the attack could have been significantly
minimized. For this exercise, students will examine the reports
about the breach and will assess the organizations incident
response.
· Conduct an incident response assessment. (CO5)
· Critique a ‘real world’ Incident Response and offer
recommendations for improvement. (CO5, CO8)
· Identify challenges related to incident response and the
consequences of poor incident response management. (CO5)
Instructions:
Read the following documents.
· Cichonsk, P., Miller, T., Grance, T., Scarfone, K.
(2012). Computer Security Incident Handling Guide
Recommendations of the National Institute of Standards and
Technology (Links to an external site.). [PDF file size 1446KB]
Retrieved from
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.8
00-61r2.pdf
2. · The OPM Data Breach: How the Government Jeopardized Our
National Security for More than a Generation (Links to an
external site.), (2016, Sep. 7). Committee on Oversight and
Government Reform U.S. House of Representatives, 114th
Congress. [PDF file size 4.25MB] Retrieved from
http://www.fdsys.gov
· Improving Security and Efficiency at OPM and the National
Background Investigations Bureau (Links to an external site.)
· (2017, Feb. 2). United States Office of Personnel
Management. [PDF file size 299KB] Retrieved from
https://www.opm.gov/news/testimony/115th-congress/opm-
testimony-before-house-oversight-and-government-reform-
improving-security-and-efficie Section Five: Assurance and
Security Considerationsncy-at-opms-national-background-
investigations-bureau.pdf
Review the NIST Incident Response Document then review the
OPM breach reports. You may also review outside reference
material. Think about the six stages of the incident handling
process: preparation, identification, containment, eradication,
recovery, and lessons learned. Assess the OPM breach during
each of the incident response stages. Select one stage and
discuss what went well and what was not handle properly during
each part of the process. Briefly assess the communication
following the breach.
For example, what happened once the breach was identified?
Was it identified in a timely manner? Was the attack contained?
Was communication handled effectively? Refer to the class
notes on Crisis Communications. What could have been done
differently regarding communicating to the public and to
Congress in regard to the breach?
Metrics
Standard
Maryland
3. Delaware
New Jersey
Texas
Alaska
Total Cost to Manufacture (per unit)
13,500
15,250
14,100
12,750
16,000
14,250
Manufacturing Cycle Time (time to complete single vehicle - in
hours)
15
18
16
12
12
14
Yield (percentage of cars produced to specifications first time
without rework)
98%
99%
97%
96.50%
97.50%
95.15%
Defective Rate/Recall Rate
2%
1%
3%
3.50%
2.50%
4.85%
Scrap Rate
2%