A Federal hiring freeze ordered in a January 2017 presidential memo resulted in “significant” staffing reductions across the State Department – including the inability to fill two Senior Executive Service cybersecurity positions, which then delayed implementing an enterprise risk management program for IT systems.
A State Department Office of Inspector General (OIG) report found that Civil Service on-board staffing levels declined by 6.3 percent from January 2017 to August 2018 for IT series employees. The OIG said that there were “difficulties in supporting new and ongoing IT initiatives.” This included a Department-wide system migration to cloud and modernization efforts.
Further, the report found that the Bureau of Information Resource Management within the agency had to delay implementing a data encryption initiative, postpone implementing an identity management system by 18 months, and delay information assurance reviews for the agency’s systems.
A seven-month delay in the development of a “modernized software platform to conduct human rights vetting of security assistance recipients” also impacted the Bureau of Democracy, Human Rights, and Labor.
Additionally, the OIG report found that the Bureau of Diplomatic Security (DS) Computer and Technical Security Directorate experienced staffing shortfalls that impeded the development of tools and procedures to respond to malicious cyber activity.
The report does not include recommendations because the hiring freeze is over.
