Why Plugging the Cyber Breach Is the 2nd Biggest Problem at OPM
The agency’s most important job is not getting done.
Beth Cobert has just walked into the toughest job in Washington. Tens of millions of federal employees and their families have had their personal information stolen. Members of Congress have called into question the competence of the Office of Personnel Management in allowing the cyber breach to happen -- or in figuring out how to make sure it doesn’t happen again. In fact, OPM -- established to serve the government’s employees -- is being sued by the unions representing some of them.
In stepping in as acting director, Cobert has a monumental problem on her desk. President Obama couldn’t possibly have named anyone better for the job. But as hugely important as this job is, it’s the second most important one she faces.
That’s certainly not because the cyber breach is a second-banana problem. It’s an enormous crisis because it affects every federal employee, directly or indirectly, as well as individuals considering whether they might want to become one. In dealing with it, Cobert will have plenty of help: from the FBI, the Homeland Security Department, the director of Office of National Intelligence, and surely from the National Security Agency and the CIA. In fact, she’ll have to manage the problem by managing everyone trying to help her manage the problem.
But there’s an even bigger problem with which OPM has been struggling for a very long time, which cuts right to the core of its mission: The agency is called the Office of Personnel Management because its most important job is managing the government’s personnel -- making sure the government gets the talent it needs.
Just about everyone who’s looked at this mission has concluded that it’s not getting done. And it’s a job that, as the federal government is currently organized, only OPM can do.
The process for hiring new employees is broken. Lots of eager young potential employees, who want to join the government to make an impact, give up and look for work elsewhere because the application process is so lengthy and complicated. The government doesn’t do a very good job of figuring out what kind of employees it needs and determining how best to hire them -- and keep them. OPM’s most important job is talent management, and that job isn’t getting done.
When the job doesn’t get done, the consequences are huge. It’s not hard to track many of the biggest recent problems back to talent problems. The limping launch of the Affordable Care Act website was due, in large part, to not having the right people with the right skills in charge. The Government Accountability Office has repeatedly pointed to weaknesses in acquisition management for mega-cost-overruns and poor performance in federal contracts, in defense, energy, and space, and around the rest of the government. The federal government is making $125 billion a year in improper payments because it doesn’t have the right employees in place to make sure that only those who deserve government payments get them.
Over the years, OPM’s strategic capacity -- the ability to take a governmentwide look at the talent it needs and to build a system to supply it -- has steadily eroded. Some agencies, like NASA and the Commerce Department, regularly soar to the top of the Partnership for Public Service’s “Best Places to Work” rankings because they have done the job on their own. They’ve figured out that people matter, and how to get the people they need. But if we rely on an agency-by-agency approach, we’ll get some agencies that do well and others that fall far short. Government’s work is much too important to trust to a hit-or-miss approach, especially when the misses cost billions of taxpayers’ dollars and undermine citizens’ confidence in government.
Cobert has the cyber breach squarely on her desk. It will occupy a huge amount of her time. It’s also a problem in which she can count on lots of reinforcements.
But she also has another imperative: taking advantage of the white-hot heat generated by the cyber breach to retool OPM for its most important mission. The importance of retooling its efforts to management the government’s personnel can’t be exaggerated.
And not only does the crisis create a huge opportunity. It also frames an existential crisis for the agency itself. OPM can’t tackle the cyber breach issue without building the broader capacity to do its mission. And it won’t ever be able to regain the confidence of Americans if it doesn’t solve both problems: the second most important issue on Cobert’s desk -- the cyberbreach -- and the most important issue of all -- its capacity to shape the government’s talent.
It’s impossible to imagine anyone who understands that issue better than Cobert -- or anyone better equipped to solve it.