Cyber Security

Floor Speech

BREAK IN TRANSCRIPT

Mr. McCONNELL. Mr. President, on another matter, here is a headline from an Associated Press article that ran yesterday: ``Federal Agencies Are Wide Open to Hackers, Cyberspies.'' That headline is scary enough, but read just a little further, and it gets even worse.

Passwords written down on desks. Outdated anti-virus software. ``Perceived ineptitude'' in information-technology departments.

The federal government, which holds secrets and sensitive information ranging from nuclear blueprints to the tax returns of hundreds of millions of Americans, has for years failed to take basic steps to protect its data from hackers and thieves, records show. In the latest example, the Office of Personnel Management is under fire for allowing its databases to be plundered by suspected Chinese cyberspies in what is being called one of the worst breaches in U.S. history. OPM repeatedly neglected to implement basic cybersecurity protections, its internal watchdog told Congress.

Let me repeat that--``one of the worst breaches in U.S. history.'' If you are looking for something scary to tell the kids around the campfire tonight, I would suggest reading the rest of the article. It gets a lot worse. To call this alarming would be quite an understatement.

So when the head of the agency that allowed that big breach to happen testified before a Senate subcommittee yesterday, you would think she would have come with a detailed action plan. You would think she would have announced that heads were rolling. You would think she said this could never ever be allowed to happen again under her watch. That is what the American people expect when a breach happens in the private sector and information is stolen. Why should they not expect as much from the public sector? But what did we hear instead? World-class buck-passing. World-class buck-passing. A complete lack of accountability and urgency. That tired and predicable excuse that the absence of leadership can be solved by throwing a few more dollars at the problem.

Well, Congress can certainly look at the funding angle. I know we will. But as we learned yesterday, it was not just the old stuff that was breached, it was the new stuff, too. More money is not going to solve a management problem, either. Let's be honest. This appears primarily to be a management problem. This appears primarily to be a management problem.

Here is what the American people were really looking for the OPM Director to address: Accountability. Accountability. A plan for the future. Confidence in the ability of the bureaucracy they hired and rarely, if ever, can fire to break out of the stereotype and show they can put the people's concerns first.

I thank Chairman Boozman for holding that hearing. We learned a lot, but it is not the end of the story. The OPM Director will testify tomorrow before Chairman Ron Johnson's homeland security committee, too. I hope she will take that opportunity to articulate a credible plan of action. I hope she will better address the legitimate concerns of the American people. That means a resolve to get to the bottom of what happened. That means giving the American people renewed confidence in a creaking bureaucracy. And that means pledging to work with policymakers to enact real reforms rather than simply accepting failure.

Whatever happens tomorrow, one thing does not change: the need for the Intelligence Committee's cyber security bill we tried to pass earlier this month. I am going to continue working with my colleagues toward that end. In the meantime, I look forward to seeing what happens in tomorrow's committee meeting.

Source