CYS596 – Capstone Project: M1A1 Short Paper: OPM Breach


M1A1 Short Paper: OPM Breach

This activity will address module outcomes 1, 2, 3, and 4. Upon completion of this activity, you will be able to:

  • Identify elements of computer security and controls. (CO 1, 2)
  • Examine encryption concepts and their application. (CO 1, 2)
  • Recognize the process and importance of authenticating user identity. (CO 1)
  • Analyze the importance of information security and the potential consequences following a breach. (CO 1, 2, 5)

On June 4, 2015, the United States Office of Personnel Management (OPM) revealed that the personal information of approximately 4.2 million federal employees was compromised as a result of a cyber intrusion. Later, in what is considered one of the largest breaches to date, the OPM reported that the security information of 21.5 million individuals was further compromised in a separate cyber attack.

As a result of the breach, national security was affected, the director of the OPM was asked to step down. Many wonder how the attack happened and what could be done to protect U.S. citizens in the future. Understanding the attack and how to minimize these types of breaches is essential.

For this assignment, you will be asked to examine reports regarding the OPM breach and write a short analysis about the source of the attack, the methodology, the consequences, and the response.

Read the articles related to the OPM Breach:

Write a short, 1-3 page paper and respond to the following questions:

  • Describe the attack. Based on the readings:
    • Who were the attackers (threat agents)?
    • What was their motivation?
    • What data did they access?
    • What assets and systems were attacked?
    • How did they carry out the attack?
    • How did they attempt to avoid detection?
    • What were the obvious (and not so obvious) consequences of the attack?
    • What gaps were there in OPM defenses?
  • According to the report from Congress, what could have been done to prevent or minimize the impact of such an attack (manage risk and reduce impact)?
  • What has been done to improve security at the OPM?

Use the American Psychological Association (APA) style (most current edition) for writing your assignment.