Don’t let the irony be lost on you. The Director of DISA says they’re considering opening up the National Background Investigation Bureau’s data to hackers – this time of the white hat variety.
Federal News Radio’s Jared Serbu reports on the remarks made by Maj. Gen. Sarah Zabel, DISA’s vice director, at a recent AFCEA NoVa annual Air Force IT Day.
“I’ll confess, I was horrified when I first saw the suggestion,” she said. “My reaction was, ‘No, you can’t tell everybody about the business logic in our systems.’ Then I started thinking about it. Why not? The business logic isn’t the secret, it’s the underlying data, so let’s put the source code out there.”
The initiative follows a successful ‘Hack the Pentagon’ program and the currently underway ‘Hack the Army.’ The only problem for OPM – it faced a pretty significant hack already, which makes any attempt to promote the effort a little ill-advised.
Even Zabel admitted the idea horrified her at first. But faced with a system that is going to be a prime target from the moment it’s online, she notes it may be worth exposing the source code in order to help protect the data behind it.
How Open Source Code Could Improve the OPM Image
While OPM definitely needs to search for a different branding platform than the Defense Department’s ‘Hack the Pentagon’ initiatives, the idea of opening up its code could actually be good for the government’s image. A main issue behind the OPM hack was the agency’s antiquated infrastructure. They weren’t following best practices or even their own internal recommendations for how to improve security. Opening up source code isn’t just a great way to improve security, it can be a great way to bring in new minds.
Government has a significant talent acquisition problem, particularly in cybersecurity. Opening up code may be a great way to bring in great minds from other agencies to help improve OPM security.