>> later, reactiongreta: this week, holy and castro -- hooley and castro -- julian castro. we have emily badger, a correspondent with washington post and john prior with politico. jon: i want to ask about the supreme court ruling in the housing case.

using data analysis alone and set of a proven 10. what does that mean for your agency? are we going to see more aggressive breaking news cases? julian: this has been just a tremendously important tool in ensuring communities can ensure themselves fair housing opportunities across the board whether it is race or disability or other protected classes. we have been doing this for 40 years now. what it does do is it gives us certainty as we go forward with complaints that we can fully use

this tool of impact, and we will use it. i believe in using it we will ensure that more people of different backgrounds have the opportunity they ought to have in america. emily: it is not about getting it over discrimination, the kind of discrimination where i will not rent to you because you are black, it's about getting different kinds of discrimination that exist in zoning laws and the formulas of how we decide where affordable housing in communities. can you give us a sense of how pervasive you think this type of subtler type of discrimination is in the united states echo julian: -- in the united states? julian: most of us remember the over discrimination you are talking about, or those of us who grew up after it remember seeing images of that end reading about it.

thankfully that kind of overt discrimination doesn't often happen. however there is a legacy of discrimination that exists and decisions that are made area policies that are put into place that has the same discriminatory effect. that is what this case is all about. this is the way the state of texas allocated low income housing tax credit. those residents in that housing are the minority. it may not have been intended as a way to aggregate authorities together in low income neighborhoods. this impact tool gives us the opportunity to go to communities and say, look, this discriminatory policy you are

having. is there a reason for why you are doing it this way? it is important for folks to know that if there is a legitimate reason they can then point that out and the burden then shifts to us or to the party that is complaining to show how they can do it differently in a way that is less discriminatory. that is an important part of the story here, because we are using statistics. we are talking about impact and not intentional discrimination. it is not simply going from the statistics to this is wrong. there is a burden shifting that happens that ensures there is a different way that it could be done that doesn't have the same discriminatory effect. jon: do you get mortgage lenders to pull back after this ruling and are you going to give them guidance on how they can avoid future claims like this? julian: they have been subject

to desperate impact for a while. everybody was looking to see what happened here at the supreme court level. we always look for to working with the lending community. we are not into the gotcha business with folks. ultimately, whether it is lenders or hud, we have the same goal getting more people into good quality affordable housing and ensuring it is done in a fair way. that is the spirit we are going to be going forward with. when we do see the instances that there is a discriminatory effect, not going to be afraid to enforce it. emily: the supreme court said

you cannot file these desperate claims. if the court had said that it would substantially undercut a piece of civil rights legislation. can you couch the importance by addressing what that alternative scenario would have meant? how problematic would it have been for people who care about fair housing to have lost this that we are talking about? julian: it would have been a significant low. the fair housing act was passed a weekend -- a week after martin luther king jr. was assassinated. it is the most effective law we have to combat dissemination in the housing realm. at the same time we do understand what the other tools are in place. there's a series of other laws that were passed. some of them that do allow the use of desperate impact, of course you would still have the ability to go after intentional discrimination where you could show it.

it would have been a significant blow to our ability to go after some of the more egregious cases where there isn't a discriminatory effect, but not intentional discrimination. jon: doesn't have any effect on the housing market in these communities as well? julian: i am very happy with the ruling on marriage equality. it is a landmark day and our nation and our world, the acknowledgment that when two people love each other, that they ought to be up to enter into marriage. i am happy as a texan that my home state they will have marriage equality. there are 15 states where we didn't have it.

there is no question marriage is a stabilizing influence in the household. marriage equalities is going to make the households and communities that much stronger, with regard to particular policy. one thing is a reverse mortgage program and the impact that you will have same-sex married couples of a surviving spouse rule, which we just changed basically says if you have a spouse that took out a reverse march -- a reverse mortgage the surviving spouse is allowed to stay into the home. now it is going to be uniformly available to same-sex couples.

emily: some of what we have been talking about his abstract legal theory. it is also close to what has been happening in communities. communities like cleveland and new york are you one of the things the country has become very aware of is segregated housing and concentrated poverty is underlying the tension in these communities. fair housing is part of the solution to that. do you think those stories are related to it we are talking about in fair housing? it is solving it as an important part. julian: having this tool will make a difference in trying to expand housing opportunity. a good example is zoning laws that say you have to have a

certain lot size or other planning laws that are passed with the effect of either excluding both or aggregating people in poverty. to the extent that we can analyze the discriminatory effect of those laws or look at the way private actors implement policies or take action, then it will make a difference. it is a matter of striking a balance. we are not there to go in with a gotcha mentality. the fact there is there are a lot of instances you see where there is an impact created and there may or may not be a legitimate governmental or business reason to do it. jon: what you say to those in baltimore and west ferguson

where they feel neglected by the government and private investors. you have spent almost a year now running hud. what do you say to them from your perspective, knowing how that bureaucracy works? julian: i hope they know they have a very strong and willing federal partner. some of the most impactful work the obama administration has done centers around play space work. we focused on lifting up to the east side of san antonio and hud was our strongest partner in doing that. the department of education with a promised neighborhood grant. the best thing for those communities that they can do is work across their silos. the mayor working with the housing director with the college leadership, leadership

with the transit agency, public utility and school system. that is what we did in san antonio and that is what the federal government is trying to do across the board, housing education with the epa and the transportation. and together holistically holding up the east side of san antonio or places like west baltimore. emily: what about the efforts -- greta: what about the administration's efforts to break up these areas to make section eight housing, affordable housing, more affluent? why that effort? julian: there was a researcher out of harvard that showed when families moved to places of higher opportunity that especially young people have better educational and economic outcomes. for me that means we need to see

communities spread their vouchers out and allow these folks to get into areas of opportunity. one of the things we are looking at doing right now is reworking how we set the amount of the voucher so that families can get into areas. the families of higher opportunity, where the access to better jobs, better transportation opportunities, it is a matter of striking the balance between aggregating poverty in the local community but not forgetting about some of these most distressed neighborhoods. the house committee impressed you on this.

do you plan on engaging that are making it a goal? julian: one of the things they did press me on is the outcomes of your work. what we all want is our assistance to be temporary for folks. we want folks to be able to get out and get on the track that they want to get on and working hard to get to. the majority of the folks we serve are disabled individuals. the calculus is different there. of the working age people we serve, 43% of those households are working. often times in this nation we had the sense there is this group of out -- group of folks out there that it's lazy and doesn't want to get ahead. my assumption has been that the people we serve want to get

ahead. a decent number of them are hard-working and the other ones want to get onto a better path. one of the things we are doing is trying to figure out, ok with our initiatives how can we make them more effective than they have been in the past? how can we better measure the outcomes of that work so we know what adjustments we need to make and we can show in this resource constrained environment under sequestration lie there is a very strong value to these programs, and that is the priority of my administration at hud. i think we can get there before the end of the term. emily: you mentioned this misperception that i think his wife's credit -- that is widespread. that they are lazy, that they are passive recipients of this that they are enjoying a really

nice life while having the government pay for all these kinds of bills. it has become a big part of our political conversation in deciding on how to invest in these programs, in a way that has become a bit problematic. do you perceive that? do you feel like there is the sense that people are not worthy recipients and making it hard for us to extend these programs and making it easier for people in congress to attack them? julian: i think that's part of it there is this stereotype of folks who live in subsidized or public housing. you have some new people who at one time or another crew up in public housing area and howard schultz, the ceo of starbucks, is a fantastic example of that. several of the congress members that i sat in front of in the

financial services committee had at one time or another lived in public housing. the truth is we do have many many families that live in public or subsidized housing that are hard-working, that have good values, but our country beating to the forward progress of the nation. -- but contributing to the forward progress of the nation. we did end welfare as we knew it. now it has kind of faced the fact that we have a lot of folks that are working hard, who need temporary public assistance, and our job pot to be how can we be supportive of them and give them the tools as they work hard to move up and out? emily: one and four people who qualify for housing aid from hud truly ever get it.

julian: there no doubt our commitment to the housing needs of americans has dwindled. we are not meeting those needs in terms of the money that is allocated. we only serve wanted for programs. many cities have thousands of people on waiting lists. and we have at the same time in affordable housing crisis right now. research has demonstrated that from the national low income housing coalition and from the urban institute. now is an ideal time to have this conversation about all of these issues, the fact we need to invest in opportunities or americans, and we need to make sure those opportunities are equal across the board.

jon: how do you make the case to congress this is in affordable housing crisis? julian: some of the most productive things we do is go to members -- go with members to their districts. a republican from missouri very knowledgeable. chairs one of the subcommittees on housing. there were two points that came out of that. heard from some residents and also got a chance to see some of the housing developments. there are more resources that are needed to secondly was, if the money is not coming in drones how can you get better about administering these programs that are less burdensome?

we want to figure out how we can be more efficient and lower the burden of regulation in a smart way. there is a tremendous need out there and we need more resources to invest. greta: if i can ask you about the housing sector in general the federal reserve is thinking about raising interest rates. you have your posts on the housing industry. what is your advice to them? julian: we have seen the housing markets -- housing market make tremendous progress. they have inched up higher than they have been in the last year or so. this past month we saw a huge jump in home sales, which is fantastic. what we see often times is the demand is outstripping supply. the federal reserve will be thoughtful and cautious as they

move forward. my advice to consumers out there is that they should take a second look at home ownership. folks who may not want to buy a home ought to think about that. there have been protections put into place so we don't slide back in the housing crisis. a lot of people have become discouraged. they ought to give that a second look, because homeownership makes more sense than renting. jon: one of the things left undone to do that is fannie mae and freddie mac. the height of the crisis. it is almost seven years.

congress seems stalled on that. does the obama administration plan to do something about them administratively? these two companies control so much of the homebuying market. other talks to how to set them up? or how to do them without legislation? julian: our first focus has been on housing finance reform. we are hoping congress will come together and housing finance form -- finance reform. he believes taxpayers should not be on the hook the way they were before. we need to ensure that folks of modest means can get access to credit. there is still the hope that congress will come to a compromise on syntel finance housing reform. perhaps it is not comprehensive. i believe that is the

conversation first. jumping and you believe the ultimate endgame will become of the net -- will be a part of the next white house? julian: significant progress will be made with this congress. the best way to have a good future is make the present very productive. i'm trying to do a great job at hud. the way i'm going to measure myself is on january 20, 2017, did we create more opportunity for everyday folks in the united states? if the answer is yes, that i think this tenure will have been a success. emily: i want to ask this question about urban development side and housing development. we are at a unique moment where because of the city research that suggests where you live is fundamental to your success in

life because of what has been happening in baltimore and ferguson people are paying attention to america's problems and cities. what it means for them to be successful and what has not been true since the 1960's. do you think there is a moment now for the country to take an interest in the problems of the cities? julian: i believe we are living in the century of cities. certainly the way america is falling in love again with cities. and particularly millennial's like the urban lifestyle, who are putting off homeownership and renting in urban cores and cities. we see the issues and challenges we have had in ferguson and baltimore.

it is an excellent time to be addressing america's urban challenges. the way we are doing that is through a lot of our space work. taking a holistic view of lifting up communities, that it is not about housing, that it is about housing and jobs and education and transportation and the environment. breaking through those silos and encouraging local communities to do the same. greta: we thank you for being this week's newsmaker. and we are back with emily badger of the washington post and john pryor of politico. emily, let me begin with you about what is happening on capitol hill. he heard from the secretary about what his agencies trying to do. republican controlled house and senate, what are they saying on housing? emily: one of the things that struck me is our nation's

commitment to housing is dwindling. i think this is true of the public in general, but it is true of the budgets that congress is putting forward. we have been looking at budgets that would significantly be smaller for a lot of the core things that hud does. trying to provide housing assistant -- housing assistance to low income families. as has been true in lots of other realms, we have seen funding cut for all kinds of other things. in a way that speaks to our commitment to this. jon: castro has tried to make the case for some of his programs. the exchanges get pretty heated. on the senate side the appropriations committee approved of a budget. it was called the home program.

truly poor areas have cut that down. not just on the cash but on the rental side. greta: are republicans listening? jon: they have their agenda. for them they are looking at cutting some of these programs. susan collins on the appropriations committee said in cutting that home program that prevented them from making cuts across the board. we are trying to make the pitch that they are doing this as painlessly as possible. it is just not in line with some other realities.

greta: what are they looking at? what legislation is pending? emily: one of the issues is hud is planning to write a new rule that says what committees need to do to consider fair housing. how race is a factor in housing patterns how they have discrimination in their communities. essentially trying to defund this. there have been some explicit attention where part of congress is trying to undo -- it will be a substantial part of the new rulemaking coming out of it.

jon: they're working on a proposal to restructure hud putting on these programs in different directions. another thing castro touched on to his fannie and freddie. we don't know what the future high -- future finance housing system is going to look like. it looks like it is going to the end of the next administration. greta: what is being talked about, dealing with fannie and freddie right now? jon: last year the senate committee passed a way -- passed a bill the white house is backing. the more liberal side of that committee abolishes fannie and friendly -- a bunch is fannie and freddie and replaces it. they want to restrict the government's role in the market even more. there is a consensus that fannie and freddie need to go.

the question is what replaces them. right now the talks are trying to bridge that gap. they haven't picked a whole lot lately. greta: what about those that are advocates for fannie and freddie? jon: they are having a stronger influence. they are saying a lot of the things that are fixed might be easier politically, putting some controls in place, some firewalls between taxpayers and fannie and freddie and just keep them doing what they are doing. greta: on the supreme court decision and housing discrimination is that the end of it or is there more to come? and whether or not people can prove discrimination.

emily: there can be discovered nation act that is not over. if you are doing those things through your zoning laws. her immunity you could potentially be liable under the fair housing act. the supreme court added some very specific cautions about the context of how you can do that. now we need to see where it were -- see how it works out. greta: thank you both for being a part of newsmakers. them unlike many of us the first families take vacation time. like presidents and first ladies, a good read could be the perfect companion for your summer journeys. what better book than one that appears inside the personal life of every first lady in american history? presidential historians on the lives of 45 american women.

a great summertime read. available for public affairs as an e-book, three your favorite bookstore or an online bookseller. himthem i'm not one of those that believe in psychiatric examination. i believe most of these historians should be on the couch themselves, rather than psychoanalyze people they have never met. on the other hand, when i meet people i don't judge them in terms of whether they have a firm handshake or eye contact. what i try to do when i meet people is listen to what they say. you don't learn anything when you are talking. >> one of the many tragedies of richard nixon is he was not very self-aware.

nixon did have a psychiatrist. he wasn't technically a psychiatrist. he was careful not to have nixon think he was analyzing him. nixon went to him because he had psychosomatic illnesses in the 50's. the doctor gave him some mild therapy. even though nixon went to one, he hated psychiatrists and was always denouncing them. he was afraid at looking at himself in a realistic way. he says i don't carry grudges. richard nixon was one of the great grudge carriers of all time. he can beat on self reflective. >> evan thomas, author of being nixon. the inner turmoil of richard nixon, focusing on the personal

stories associated with our nation's 37th president. tonight on c-span's q and a. >> next and how -- next a house oversight hearing on breaches an employee records at the office of personnel management. the witnesses include the agency's director and opm's inspector general and chief information officer. so far two data breaches have been confirmed by the white house. estimates suggest 32 million current and former federal workers may have been affected. this year -- this hearing is under three hours. morning. the oversight committee is coming to

$529 billion, $529 billion is how much the federal government has spent on i.t. since 2008. roughly $277 million has been spent at the office of personnel management, roughly 80% of that money has been spent on legacy systems and we're in a situation here where the hurricane has come and gone and just now opm is wanting to board up the windows. that's what it feels like. this is a major, major security breach. one of the biggest if not the biggest we have ever seen. this demand all of our attention and great concern about what happened, how we're going to prevent it from happening in future and what are we going to do with the information now because there is no simple easy solution. but i can tell you, oftentimes it feels like one good trip to best buy and we could help solve this problem and would be a whole lot better than where we are today. there are a lot of questions

that remain about what happened last month. and the uncertainty is very disconcerting to a host of people. and it's unacceptable to this committee and the congress. the most recent public reports indicate that many more american wrs affect bid the breach than originally disclosed. federal workers and their families deserve answer ons the scope of the breach and the tups of personal information compromised. because of this outstanding questions we still don't understand the extent to which the breach threatens our national security. but the risk is significant. only the imagination limit what is a foreign adversary could do with detailed information about a federal employee's education career, health family, friends and perm hab it. i ask unanimous consent to enter into the record a letter from the federal law enforcement officers association. i want to read part of it. here are the concerns about the office of personal management

data breaches. our demands and list of questions remain understand answered. they represent the law enforcement officers from 65 agencies. opm turned its back on federal law enforcement officers when i failed to protect sensitive information from an inexcusable breach. it's a miscarriage of its obligations. the very lives of federal law enforcement officers are now in danger and their safety and security of innocent people including their families are now in jep party does of opm's nail your and continued ignorance in the severity of the breach. the information lost includes personal financial, location information of these officers and their families leaving them vulnerable to i a tack and retaliation from criminalance terrorists currently and forerly

investigated by the united states of nerk. without objection i'll enter this into the record. without a full understanding of the scope or the cost of the project. in fact the agency kept the project from the inspector general for more than a year. the ig determined opm's chief information officer quote initiated this project without a complete understanding of the scope of opm's dpising technical infrastructure of the scale or cost of the effort required to mitigate it to the new environment. end quote. because of these concerns the question is quote possibly making opm environment less secure and increasing the cost to taxpayers. they awarded a seoul source contract without going through the process of complete competition. i would like to enter into the record without objection this article from the "washington post." this is may 13th.

defense firm that employed drunk high contractors in of gan stan may have wasted $135 million in taxpayer dollars. these are the recipients of a seoul source contract to try to help clean up this mess. they were formerly known as scientific corporation. they're now known as impeer tus corporation. they have a good list of very impressive military personnel who are involved and engaged. maybe this is the right decision. but when it is a seoul source contract it begs a lot of questions. no doubt we need to move fast but this organization has had a lot of problems in the past and it begs a lot of questions. noigs data security problem we have a data management problem. it is unclear why so much background information related to security clearances was readily available on the opm system to be hacked. it is unclear to me why there is a need for sf 86 background information, the sf 86 is the standard form 86 what the

employees fill out. why was this background information on the network if the applicant isn't currently being investigated? part of the reason we're in this mess is that a lot of the information that information and background checks that we're not engaging in was still on the system. if information isn't accessible on the network, it can't be hacked. if a security clearance isn't under investigation it's a best practice that others use and probably should have been used in this situation as well. we have to the a better job of anticipating our adversaries and protecting information from unnecessary exposure. one of the concerns is this legacy system that we're using is a cobalt. the language used a cobalt. i would ask unanimous consent to enter into the record a "wall street journal" article from

april 22nd 1963. cobalt can help users cut cost when changing models government spurs process. 1963. i wasn't even born yet and that's the system that we're operating on in this day and age when technology is changing moment by moment minute by minute. without objection i enter that into the record. yesterday ms. archuleta stated that no one is personally responsible for the opm data breach and instead blamed the hackers. hackers certainly have a lot of culpability on their hands. they's no doubt they are that various actors that are going to be attacking the united states. we take numerous hits on a daily basis. but i disagree that nobody is to be held personally responsibility. personal accountability is paramount paramount. they are chashlged with the responsibility of carrying out

their duty. as the head of the agency ms. arch la let that is responsible for the security of the opm network and managing any risks. while she may have inherited a lot of problems she was called on by the president and confirmed by the senate to protect the information maintained by opm. during her confirmation in 2013 she stated that i.t. modernization would be one of our main priorities yet it took a security breach in march of 2014, five months after the confirmation to begin to process of developing a manplan to fix the problem. that was just the beginning of starting to think of how to fix the problem. the shift is blame is inexcusable. i really hope we hear solid answers. it's not going to be good enough to say we'll get you that information. it's under investigation. there's a security -- no. we're going to answer questions. federal workforce, the people affected, they need to hear that.

we're different. we're unique in this world because we're self critical and we do have hearings like this. i would also ask unanimous consent to enter into letters into the record. one was a flash audit done june 17th of this year from patrick mcfarland the flashl audit information improvement project. without objection i will enter that into the record. i will ask unanimous consent to enter into the record the june 222 22nd response by the director of the office of pers until management, ms. archuleta and ski to enter that into the report without objection. so ordered. we also have some contractors here and we appreciate their participation. they have answers -- we have questions that need to be answered as well. we need their cooperation to figure this out. a lot of what was done by opm

was contracted out. and there are very legitimate questions in particular that mr. cummings and others have asked and that's why i'm pleased to have them invited and participating as well. so it will be a full and robust committee hearing. we appreciate the participation. without objection the chair is authorize today declare a recess at any time. i should have said that without objections so ordered. should have said that at the beginning. now i would like to recognize the distinguished ranking member mr. cummings for his opening statement. >> thank you very much mr. chairman. this is a very important hearing and we're here today because foreign cyberspies are targeting millions of our federal workers. opm has made it clear that every month there are 10 million

efforts to pierce our cyberspace. these folks are hacking into our data system to get information about our employees. private information about them their families, their friends and all of their acquaintances. and they may try to use that information in their espionage efforts against united states personnel and technologies. mr. chairman i want to start by thanking you. last week we held a hearing on cyberattacks against opm. and this morning we have an opportunity to hearing from opm's two contractors who offer suffered mayor data breaches, usis and key point. some people in your shoes might have merely criticized the agency without looking at the whole picture. but you agreed to my request to bring in the contractors and you deserve credit for that, and i

thank you. on monday night i received a letter from usis, representatives finally providing answers to questions i asked more than seven months ago, mr. gee neatty. seven months ago. seven months ago. the letter disclosed that the breach at usis affected not only dhs employees but our immigration agencies, our intelligence community and even our police officers here on capitol hill. but it took them seven months. the night before the hearing, the give me that information. but not only to give me the information but members of congress that information.

my immediate concern was for the employees at these agencies. and i hope that they were all alerted promptly. but there's no doubt in my mind that usis officials never would have provided that information unless they were called here to testify today. so i thank you again mr. chairman. i have some difficult questions for usis. i want to know why this company paid millions of dollars in bonuses to its top executives after the justice department was sued against the company for allegedly defrauding the american taxpayers of hundreds of millions of dollars. i can hardly wait for the answer. i want to know why usis used these funds for bonuses instead

of investing in adequate cybersecurity protections for highly sensitive information our nation entrusted to it. mr. giannetta i want to know if you as the chief information officer of usis received one of those bonuses and i would love to know how much it was and what the justification for it was. i understand that you just returned from italy. welcome back. so this is probably the last place you want to be. i also understand you're leaving the company in a matter of weeks. but i want to know why usis has refused for more than a year to provide answer to our questions about the board of directors. mr. hass i also have different questions for you were for key point. at least week's hearing i said

one of our most important questions is whether the cyberattackers were able to penetrate opm's networks using information it obtained from one of its contractors. as i asked last week, did they get the keys to opm's networks from its contractor. yesterday director archuleta answered that question. appearing before the senate appropriations committee she testified and i quote theed a very vary leveraged a compromised key point user to gain access to key point. the weak link in this case was key point. mr. hess i want to know how this happened. i appreciate that opm continues to have confidence in your company. but i also want to know why key

point apparently did not have adequate logging capabilities to mon for the extent of data that was stolen. why didn't you invest in these safeguards. mr. chairman, to your credit one of the first hearings you called after becoming chairman was on the risk of third-party contractors to our nations cybersecurity. at that hearing on april 20th multiple experts explained that federal agencies are only as strong as their weakness link. if contractors have inadequate safeguards, they place our government systems and our government workers at risk. i understand that we have several individuals here sitting on the bench behind our panel of witnesses who may be called to answer questions if necessary. mr. jobe who is the cio of key

point. thank you for allowing them to be here. as we move forward it is critical that we work together. we need to share information recognize what outdated legacy systems need to be updated and acknowledge positive steps when they do occur. above all, we must recognize that our real enemies are outside of these walls. they are the foreign nation states and other actors that are behind these devastating attacks. and with that i yield back. >> thank the jap. i'll hold the record open for five legislative days for any members who would like to submit a written state. we're pleased to have representative bosh ra come stock. i ask you now to consent that our colleague from virginia be able to fully participate in today's hearing. no objection so ordered.

we now recognize the panel of witnesses pim i'm pleased to welcome katherine archuleta director of office of personnel management. we have patrick mcfarland, the office of personnel management, ms. danah seymour, chief information officer of the office of personnel management ms. anne baron -- help me here decamilo, emergency readiness team at the united states department of homeland security. mr. eric hess is the chief executive officer of key point government solutions and mr. rob giannetta is the chief information officer at usis. all witnesses are to be sworn before they testify. so if you will please all rise and raise your right hand. do you solemnly swear or affirm

that the testimony you're about to give will be the truth, the whole truth and nothing but the truth? thank you. let the record reflect that all witnesses answered in the affirmative. in order to allow time for discussion, please limit your verbal testimony to five minutes and obviously your entire written statement will be made part of the record. we will start first with the director of the office of personnel management ms. archuleta first. you're now recognized for five minutes. >> chairman ranking member cummings and members of the committee, thank you for the opportunity to testify before you again today. i understand and i share the concerns and the frustration of federal employees and those affected by the intrusions into opm's i.t. systems. although opm has taken significant steps to meet our responsibility, to secure personnel data of those we serve, it is clear that opm

needs to dramatically accelerate those efforts. as i testified last week, i am committed to a full and complete investigation of these incidents. and we continue to move urgently to take action to mitigate the long standing vulnerabilities of the agenciesyies systems. in march of 2014 we released our plan to secure the aging legacy system. we began implementing the plan immediately and in fiscal years 2014 and 2015 we directed nearly $70 million towards the implementation of new security controls to better protect our systems. opm is also in the process of developing a new network infrastructure environment to improve the security of opm infrastructure and i.t. systems.

once completed, opmi.t. system wills be migrated into this new environment from its current legacy networks. many of the improvements have been to address critical immediate nudes such as security vulnerabilities in our network. these upgrades include the installation of additional fire walls, we strix of remote access without two-factor authentication continue use monitoring of all connections to and sure that legitimate connections have access and deploying anti-malware software to prevent the cyber crime tools that could compromise our net works. these improvements led us to the discovery of the malicious activity that had occurred and we were immediately able to share the information so that

other agencies could protect their networks. i also want to discuss data encryption. opm does currently utilize encryption when possible. i've been advised by security experts that encryption in this instance would not have prevented the theft of this data because the malicious actors were able to steal privileged user accounts and credentials and could decrypt the data. our i.t. security team is actively building new systems with technology that will allow opm not only to better identify intrusions but to encrypt even more of our data. in addition to new policies that were already implemented to centralize i.t. security duties under the cio and to improve oversight of new major systems development, the i.t. plan recognize that further progress was needed and the oig's '14

report credited opm for progress in bolstering our security process and procedures and for committing critical resource to the effort. with regard to information security governance the oig noted that opm implemented significant positive changes and removed its designation as a material weakness. this was encouraging as i.t. governance is a pillar of the strategic i.t. plan. regarding the weaknesses found with authorization the oig has recommended that i consider shutting down 11 out of the 47 opmi.t. systems because they did not have current and valid authorization. shutting down systems would mean that retirees could not get paid and that new security clearances could not be issued. of the systems raised in the 2014 audit 11 of those systems

were expired. of those one, a contractor system is presently expired. all of the system r raised in the '14 audit have been extended or provided a limited authorization. opm is offering credit monitoring services and identity theft information with csit for the approximately 4.2 mill your current and former civilian employees. our team is continue to work with them to make the online sign-up experience quicker. they're expanding staffing at call centers. i've taken steps to ensure that greater i.t. restrictions are in place even for privileged users. that includes removing remote access for privileged users and requiring two-factor authentication. we're looking into further protections such as tools that mask and redact data that would

not be necessary for a privileged user to see. i want to share with this committee some new steps that i'm taking. first, i will be hiring a new cybersecurity adviser that will report directly to me. that cybersecurity adviser will work with opm ooerks cio to manage on joining response to the incident complete development of the plan and assess whether long term changes to the architecture are needed to ensure that its assets are secure. this individual is expected to be serving by august 1 president second, to ensure that the agency is leveraging private sector best practices and expertise, i'm reaching out to chief information security officers at leading private sector companies that experience their own significant cybersecurity challenges and i will host a meeting with these experts in the coming weeks to

help identify further steps the agency can take. as you know, public and private sectors both face these challenges and we should face them together. i would like to address now the confusion regarding the number of people affected by two recent related cyber incidences at opm. first, it is my responsibility to provide as ak sateccurate information to congress, the public and more importantly the affected individuals. second, because this information and its potential misuse concerns their lives, it is essential to identify the affected individuals as quickly as possible. third, we face challenges in analyzes the data due to the form of the records and the way they are stored. as such i have deployed a