Whistleblowers and risk

Share

Written by

Inside_Scoop-StoryPage

Another VA whistleblower

A whistleblower has approached the House Committee on Veterans’ Affairs with another string of outrageous accusations that have Committee Chairman Rep. Jeff Miller, R-Fla., requesting an inspector general investigation.

According to Miller, the whistleblower claims that more than 10,000 health care records at the VA’s Health Eligibility Center in Atlanta have undergone deliberate “purging or deletion.”

“Today’s troubling news highlights VA’s ongoing mismanagement and calls into question VA’s ability to adequately care for our nation’s veterans and I look forward to the OIG’s report so we can address this problem head-on,” Miller said in a statement released Tuesday.

A source close to the investigation tells Inside Scoop that the agency’s IT leaders have been working with the IG on its investigation “for quite some time.”

Meanwhile, the whistleblower also alleges a continued backlog of 600,000 pending benefit enrollment applications and 40,000 unprocessed applications discovered in January 2013.

Federal cyber risk – who’s the enemy?

The massive data breach at the Office of Personnel Management is being called the federal government’s ” Sony moment” and some tell Inside Scoop that a big chill may be coming to government because of it.

“If every chief security officer or director of an agency is fired after a breach there’s going to be a very long line at the unemployment agency,” Cris Thomas, strategist at Tenable Network Security, tells Inside Scoop.

Inside Scoop recently got a chance to ask U.S. Chief Information Officer Tony Scott if it was time for a governmentwide chief information security officer — after all, OPM and other agencies have been reporting vulnerabilities for years without any higher authority in government demanding and or tracking remediation efforts.

“In most agencies, we do have a chief information security officer and that’s where really most of the government work takes place,” Scott said. “I think at the moment I’m not feeling the urgency for [a U.S. federal CISO]. I think we’ve got a pretty good model.”

But Inside Scoop spoke to a senior administration official who’s been involved in national cybersecurity policy for nearly 20 years who has a very different perspective. According to the official, there’s a tremendous reluctance at senior government levels — mostly political appointees — to leverage the Department of Homeland Security and other government-developed cybersecurity tools. “They’re afraid of the NSA,” the official said. “They look at NSA as a signals intelligence agency and they’re more concerned about the NSA listening to their communications than they are the Chinese or the Russians.”

I guess we will see just how much influence Secretary of Homeland Security Jeh Johnson actually has over federal cybersecurity. He recently ordered the deployment of the latest, most advanced version of the Einstein intrusion detection system — known as Einstein 3 Accelerated, or E3A — to all federal civilian agencies by the end of 2015.

VA’s realignment

Inside Scoop has learned that former VA CIO Steph Warren began an initiative in June to adapt the Office of Information and Technology to the new myVA district alignment model. In January, VA announced an effort to realign its many organizational maps into one map with five regions to better serve Veterans. The new regions under the MyVA alignment will allow VA to begin the process of integrating disparate organizational boundaries into a single regional framework to enhance internal agency coordination.

“The team is ready to share the draft plan, but they want your input before finalizing it,” a June 20 email from the OI&T360 Team read. “As OI&T employees, you know better than anyone how to serve our customers well, so please share any ideas you may have for improving this plan.”

Got some Inside Scoop to share? Send it to dan.verton@fedscoop.com or follow me on Twitter @DanielVerton and direct message me.

-In this Story-

Agencies, Commentary, cris thomas, Cybersecurity, dan verton, Department of Veterans Affairs, Departments, Inside Scoop, Jeff Miller, NSA, Office of Personnel Management (OPM), OPM hack, Sony, steph warren, Tenable Network Security, Tony Scott, VA CIO, VAOIT, whistleblower
TwitterFacebookLinkedInRedditGoogle Gmail