Roster changes Archives

The federal government is restructuring cybersecurity leadership, as Congress prepares to debate legislation early this year that could increase the Homeland Security Department's cyber workload. On Friday, DHS officials announced John Streufert, a pioneer in threat-monitoring at the State Department, will be joining Homeland Security as the new director of its national cybersecurity division. The transfer follows the recent appointment of Marc Weatherford, a technical expert, to run DHS' cyber program, as opposed to the usual legal eagle.

John Streufert, State's chief information security officer, propped up an automated "continuous monitoring" system there that has since become the de facto protocol for detecting network vulnerabilities. At DHS, he will be responsible for instituting a program aimed at curbing risks to the nation's critical infrastructure underpinnings, such as dam networks and transportation linkages. Nearly all the competing cybersecurity bills would position Homeland Security as the lead agency for working with industry to safeguard commercial networks.

Streufert will "work to maintain and strengthen our collaborations with public, private and international entities to secure the nation's critical cyber infrastructure," Weatherford, the first-ever DHS deputy undersecretary for cybersecurity, wrote in a blog post announcing the hire.

Weatherford's position was created last year to elevate Homeland Security's cybersecurity profile, according to computer experts who have advised the Obama administration. He previously served as chief security officer at the North American Electric Reliability Corporation, a standards-making group of power grid operators.

Despite Streufert's groundbreaking efforts, federal auditors this summer bashed the execution of his department's continuous monitoring program for focusing only on Windows-based systems and not tracking weaknesses throughout all of State's domestic and global offices.

DHS officials on Friday also said goodbye to retiring Rear Adm. Mike Brown, who had served as DHS director for cybersecurity coordination. He was the department's liaison to the Pentagon's U.S. Cyber Command, during a time when the Homeland Security and Defense departments began to better synchronize U.S. networking resilience, officials said.

The National Nuclear Security Administration has named Robert Osborn as chief information officer to fill a vacancy created last February when the former CIO took a job at the Naval Criminal Investigative Service. James Cavanaugh, associate principal deputy administrator, had been serving as acting CIO.

The agency, which manages the U.S. nuclear weapons stockpile, has endured a number of embarrassing data breaches over the years.

"I am pleased that Bob has agreed to take on this very challenging assignment, and welcome him to our NNSA leadership team," NNSA Administrator Thomas P. D'Agostino said in a statement. Osborn, a 26-year Marine Corps veteran, was previously the deputy director for Command, Control, Communications and Computer Systems for the U.S. Transportation Command at Scott Air Force Base, Ill.

Among the difficulties he will confront is overseeing a fleet of supercomputers that researchers use to simulate the aging of the stockpile without testing nuclear materials underground. A December Government Accountability Office report found serious weaknesses in the agency's plans for recovering and reconstructing classified supercomputing systems in the event of a disaster or service disruption.

Also, NNSA has tangled with a series of information security lapses dating back to 1999. That year, a scientist transferred classified information from computer systems at the agency's Los Alamos National Laboratory onto unmarked discs and then removed the discs from the site. Another instance: In October 2006, evidence seized during a drug-related investigation in Los Alamos, N.M., revealed that classified information on a thumb drive had been improperly removed from the lab.

Osborn's predecessor, Linda Wilbanks, served from Oct. 2004 until early last year, before leaving to become the CIO of NCIS. "She was a highly valued senior executive that took the opportunity for greater challenges elsewhere in the federal government," NNSA spokesman Damien LaVera said.

The new CIO will advise NNSA leaders on hardware and software acquisitions, as well as oversee the agency's information management and cybersecurity efforts. He holds a master's of science degree in information management from Syracuse University.

Deloitte & Touche LLP has nabbed the former Federal Aviation Administration cybersecurity chief to expand its threat intelligence business, officials at the consulting company announced on Tuesday.

Col. Michael F. Brown, who had been FAA's chief information security officer since 2001, will now serve as a senior manager in Deloitte's federal technology risk practice, a division that designs strategies for risk management and cybersecurity.

"The addition of Col. Michael Brown shows Deloitte's commitment to build our capabilities in cybersecurity," said Ray Winn, Deloitte managing partner for federal audit and enterprise risk services.

Before working at FAA, Brown was the chief information officer at the Army National Guard. He retired from the Army in 2001 with 32 years of service behind him, including a stint as the director of the Army's information assurance office. While in the service, Brown oversaw the vulnerability analysis of all weapons systems that supported the service's first digitized force.

Chase Garwood, until recently chief information officer for the National Protection and Programs Directorate at the Homeland Security Department, last week started work as the chief technology officer for US-VISIT (a.k.a. the United States Visitor and Immigrant Status Indicator Technology program).

The CTO position is a new one at US-VISIT and it marks a return for Garwood, who worked there under CIO Scott Hastings when the office was set up after the Sept. 11 terrorist attacks to create a system that would check the identity of foreign visitors entering the United States and check when they left. US-VISIT completed the entry part of the system (in 2006), but has yet to complete a system that verifies when a foreigner leaves.

In announcing Garwood's move, US-VISIT Director Robert Mocny wrote in an e-mail:

This is a new position for US-VISIT, and one that we are excited about, as Chase will spur technological innovation to help achieve our most urgent priorities. . . . Chase will [stand] up US-VISIT's first executive-level Chief Technology Office. Chase embodies the technical know-how, is networked with the requisite stakeholders, and understands that horizon thinking and advanced technology will be vital to US-VISIT's big picture strategic planning efforts.