The Department of Education’s inspector general has repeatedly reported the agency is “vulnerable to security threats.” The watchdog simultaneously investigated Chief Information Officer (CIO) Danny Harris – who received more than $200,000 in federal bonuses – for side businesses that involved his subordinates, according to House Committee on Oversight and Government Reform Chairman Jason Chaffetz .
“Taxpayers deserve the best in our CIOs, but they are not getting the best at the U.S. Department of Education,” the Utah Republican said Tuesday. “The morale in the office of the CIO is at an all-time low due to the dysfunctional environment Mr. Harris’ has cultivated.”
Nonetheless, the Department of Education has received failing cybersecurity grades even though the agency houses 139 million Americans’ personal information, including Social Security numbers, according to Chaffetz. The agency is also responsible for more than $1.2 trillion in loans, which is about the size of financial corporation Citibank.
Morale in Harris’s office has also deteriorated, according to Chaffetz. He noted, for example, that the investigation began after whistleblowers reported Harris’s home theater business and the high turnover rates in the cyber office.
Meanwhile, Harris operated a side business “involving home theatre installation and car detailing” and used his Education Department subordinates as both employees and clients. It also earned him around $10,000 though he didn’t report that to the agency, according to Deputy Inspector General Sandra Bruce.
“You’re a very, very busy man,” said Rep. Carolyn Maloney . “I can understand how there are cyber problems at the education department.”
The Democrat from New York noted Harris was also an adjunct professor at Howard University.
Harris also faced allegations he helped award a friend with a noncompetitive Education Department contract. The IG found the cyber chief didn’t influence the award, though Harris later vacationed with the contractor.
Additionally, the IG reported Harris broke 12 federal laws or policies relating to his outside businesses, such as failing to report his extra income, according to Chaffetz.
“It appears you’ve failed in your mission,” Rep. John Mica told Harris. “Your ethics were questionable. Your activities were not proper.”
“I don’t think you can find any more ineptness or misconduct in any senior official before us,” the Florida Republican continued. “Who was involved with approving his bonuses when he was failing?”
He also said CIO more likely stands for “chaos, ineptness and outrage.”
But Education Department officials disputed wrongdoing, falling back on the Department of Justice’s decision not to prosecute Harris.
Harris didn’t violate ethics rules and “having counseled Dr. Harris on the issue, I feel confident he understands and will not take any future actions in violation of the rule,” said Education Department Assistant General Counsel for Ethics Susan Winchell.
Education Department Acting Secretary John King Jr. refused to say whether Harris did anything wrong or violated policy or law, only that cyber chief had a “lapse in judgement” and deferred to Winchell’s ruling.
Harris was apologetic.
“I fully understand and take responsibility for how some of my actions could allow questions to arise about my impartiality,” he told the committee. “This is unacceptable. I have not engaged in any of the actions that raised questions since prior to the IG’s investigation.”
Harris also insisted that his ventures were merely hobbies, though the IG found a business card for “Harris-Audio/Visual Innovation” that included a logo and listed Harris as “Owner/Operator.”
The cyber chief also said the Education Department’s cybersecurity improved.
“Since November, the department has made progress in a number of areas, which I would be pleased to discuss further,” Harris said. The cyber chief noted, for example, that he created a team to “ensure that all corrective actions are resolved.”
“Cybersecurity is absolutely critical to the government,” Harris said. “However, it’s only one of my responsibilities. One should look at the totality of my leadership, not just cyber. It is only one aspect of my job, though it is a critical aspect.”
Read more at DailyCaller.com.