• United States



by Dave Gradijan

VA’s General Counsel Resigns

Jul 21, 20062 mins
CSO and CISOData and Information Security

Tim McClain, the general counsel of the U.S. Department of Veterans Affairs (VA) since 2001, is resigning under fierce criticism for his hand in creating a fractured security environment that led to a recent data breach involving 26.5 million veterans, reports.

According to the article, McClain’s resignation is effective on Sept. 1. Although recent statements by VA Secretary Jim Nicholson and members of the U.S. Senate Committee on Veterans’ Affairs commended his leadership and service at the agency, Computerworld reports, he was subjected to much criticism recently regarding his views on the agency’s security structure.

In one memo from August 2003, McClain said that responsibility for information security under the Federal Information Security Management Act (FISMA) rested not with the VA’s CIO, but with the respective organizations within the agency, Computerworld reports. In another memo in April 2004, McClain recanted his original statement, saying the CIO had the responsibility for ensuring information security, but didn’t have the authority to enforce it across the agency.

In an interview, Bruce Brody, former VA CISO from 2001 to 2004, said those two memos and McClain’s opinions led to a fragmented security environment at the VA. “The [opinions] were very protective of the existing culture, and obviously that is the core problem,” he told Computerworld.

Compiled by Paul Kerstein

For more information, read Data Theft at the VA.

Keep checking in at our Security Feed for updated news coverage.