More than a year after it suffered a sprawling breach that compromised the information of more than 22 million citizens, the Office of Personnel Management (OPM) has hired Defense Department Principal Deputy Chief Information Officer David De Vries as its permanent chief information officer (CIO).
De Vries has put in more than 35 years at Defense with the last seven spent in the Senior Executive Service in DoD CIO where he was key in helping the agency's IT operations move “to a single, secure department-wide architecture” much like the one to which OPM has committed, according to a release. Post-breach, OPM already has taken steps to strengthen its security posture, deploying two-factor strong authentication, providing continuous monitoring of IT systems, hiring a cybersecurity adviser, limiting remote access to government computers and creating a data loss prevention system that blocks the unauthorized exit of sensitive information from the agency's network.
OPM also instituted a cybersecurity awareness program and has centralized its IT security workforce under its first chief information security officer (CISO), Cord Chase, hired in April.
Beth Cobert, acting director of OPM, gave De Vries the nod in the Thursday release. “David has decades' worth of the technical and management experience necessary to hit the ground running as we continue our technology transformation efforts, and work with our partners at DoD to stand up the National Background Investigations Bureau (NBIB),” she said.
Lisa Schlosser, the former deputy federal CIO at the Office of Management and Budget, has been serving as OPM's interim CIO since March.