The panic that has set in over the breach of cyber-security in the Office of Personnel Management reminds me of nothing so much as Harry Truman’s famous wisecrack to the effect that it’s a recession when your neighbor is out of work and a depression is when you’re out of work. There have been major security breaches in private company after private company (Wal-Mart, Home Depot, Target, Neiman Marcus, Apple, Sony) and several government agencies (IRS, DoD, Medicaid, State Department). Very little has been done. Don’t tell me about how much money has been spent—that’s just measuring inputs. Results are determined by measuring outputs not by measuring inputs.
The one ray of hope that might come from the exploit is that the federal government might actually start taking cybersecurity seriously. They might start by asking a few questions. Why were these records digitized in the first place? Why were they exposed to the public Internet?
