While the U.S. Government has been remarkably opaque about the recently discovered security breach at the Office of Personnel Management (OPM), we know that personal information on at least 21.5 million present, former, and prospective federal employees was lost. The Feds claim Chinese hackers are at the bottom of it, which is disputed by the Chinese government. This, to me, raises a number of questions, especially about the possible role of IT outsourcing firms and implications for organizations beyond OPM. Does IT outsourcing make your data more vulnerable? Yes, I believe it does.

It’s easy to blame the Office of Personnel Management for its own troubles. Oversight was lax. The agency failed a security audit and […]