Cybersecurity expert talks about what federal breach means for federal defense

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

HUNTSVILLE, Ala. (WHNT) - After a cyber breach potentially affected all federal employees, it leaves many wondering what it means for our federal defense against breaches.

All personnel information for every current and former federal employee -- possibly at risk.

"I'm somewhat surprised that the scale is so large but I'm not surprised that the breach happened," said Jamie Miller, president of Mission Multiplier.

Miller says no one is 100% secure, and emphasizes that the government does have encryption to protect personnel information.

"The government is doing good work to protect that data, it's just unfortunately our adversaries are moving so fast," explained Miller. "There's malware, new vulnerabilities that come out everyday, every hour, thousand of new vulnerabilities are identified."

He says that federal cyber agents usually do spot checks that are only a snapshot.

"Your point-in-time assessments, audits and compliance checks really just make sure you're okay for that moment in time," he said.

Problem is, the data breaching world is in constant motion.

"So we have to evolve to something called 'continuous monitoring,' monitoring the adversary, monitoring the threat environment."

A process that takes resources that hackers are dedicating to code-cracking.

"We need to have more training, we don't have enough workforce available thats competent, that's capable, it's a relatively new field."

Miller says hacks and breaches happen all the time, and it's made easier with so much information we push out, but when the sensitive most critical information has been breached, thats when there's a problem.