- Yesterday, the House Committee on Oversight and Government Reform questioned several senior Education Department officials, focusing on the agency's cybersecurity shortcomings.
- The committee also scrutinized CIO Danny Harris' conduct, calling into question his relationship with a vendor and the extra income he earned from his side business doing handiwork, which included detailing cars and installing home entertainment systems, according to the Federal Times.
- The committee's chairmen Rep. Jason Chaffetz, R-Utah said that the department's IT failings were directly tied to Harris and felt the agency's IT department and cybersecurity efforts would flourish under someone else's leadership. Following the three-hour hearing, Harris collapsed and was taken to the hospital.
While federal agencies have worked to improve cybersecurity practices under the direction of federal CIO Tony Scott and his cybersecurity strategy, the education department has failed to meet outlined standards. The agency posted negative scores during last year's 30-Day Cyber Sprint and had a failing grade for the FITARA, which called for progress in data center consolidation, IT portfolio saving, development and risk assessment transparency.
Harris originally joined the education department as CIO in 2008 and since then he failed "by virtually every metric" to "adequately secure the department's systems," said Chaffetz, according to the Federal Times.
“When the CIOs fail to bring both high management and ethical standards to their work, institutions suffer, systems are weakened and the data of millions of Americans are endangered,” Chaffetz said.
The inspector general for the Department of Education found Harris's conduct in violation of at least 12 laws, but the Department of Justice refused to press charges.
Many experts have urged the federal government to invest more in cybersecurity, hoping to avoid another OPM disaster. With the continued threat of cyberattacks, it is unlikely that government leaders will tolerate poor performance and questionable leadership in IT departments.