A Senate committee passed a funding boost Thursday for the Office of Personnel Management to modernize its IT systems, but it fell short of extending emergency funds to shore up its security in the wake of two massive cyber breaches.
Sen. Barbara Mikulski, D-Md., proposed adding $37 million to OPM’s fiscal year 2016 budget, mostly “to accelerate the completion of its IT modernization to thwart cyber attacks,” she said during a Senate Appropriation Committee markup hearing.
Republicans objected to her proposal. In the end, the committee approved $264.5 million for OPM, or $24 million over fiscal 2015 funding levels. The White House had requested $272 million. As part of the package, the committee appropriated $21 million for IT and cybersecurity enhancements. On June 17, the House Appropriations Committee signed off on the administration’s full request for OPM.
Sen. John Boozman, R-Ark. — the vocal dissent to committee Vice Chairwoman Mikulski’s emergency proposal — acknowledged the “need to spend whatever it takes to keep this information safe,” but said “I also believe that this was more than a money problem — this was a management problem.”
“Here’s what the American people are really looking for:
accountability, a plan for the future and confidence in the ability of agencies
to protect their sensitive information,” Boozman said. “OPM was the target now, but it will be
another agency in the future.”
“I don’t know what they want to spend this money for, but I
do know there’s lots of controversy on the plan they’ve got proposed.”
Mikulski hoped OPM could complete its yearslong IT modernization project sooner with more funding.
“I don’t want to punish the federal employees for whatever
management did or did not do,” she said. “We need to get cracking on fixing the IT
The committee did, however, pass her amendment that would provide at least 10 years of credit monitoring and identity
theft protection, and $5 million in liability protection to victims of the two OPM breaches announced in June. Mikulski said this goes
beyond what the administration is proposing.
In total, the two hacks compromised the personal information of more than 22 million current and former federal employees, and federal security clearance applicants. So far, OPM has proposed free full credit and identity monitoring for three years to anyone affected by the breaches, but other lawmakers are considering legislation that would extend that coverage for life.