U.S. Announces First Cyber Chief
A retired Air Force General has been tapped to be the nation's first chief information security officer, the Obama administration announced this week.
Retired Brig. Gen. Gregory Touhill previously served as director of command, control, communications and cyber systems at the U.S. Transportation Command. Touhill currently serves as a deputy in the Department of Homeland Security's Office of Cybersecurity and Communications. The office focuses on protecting government networks and critical infrastructure.
The White House appointment follows the release earlier this year of the administration's Cybersecurity National Action Plan aimed at boosting overall cybersecurity within the government and for U.S. critical infrastructure. The need to improve cybersecurity was highlighted last year after a massive security breach at the U.S. Office of Personnel Management.
"In his new role as federal CISO, [Touhill] will leverage his considerable experience in managing a range of complex and diverse technical solutions at scale with his strong knowledge of both civilian and military best practices, capabilities and human capital training, development and retention strategies," the White House said in announcing the appointment on Thursday (Sept. 8).
While overseeing the Air Force's Transportation Command, Touhill served as its CIO overseeing its investment strategy for IT resources. In his new role, Touhill will work with a team within the Office of Management and Budget, indicating that the new CISO position would have critical budgetary authority over federal cybersecurity resources.
The White House also announced this week that a National Security Council staffer would assist Touhill. Grant Schneider, who currently serves as director of cybersecurity policy on the presidential advisory council would serve as deputy acting CISO, the administration announced.
Schneider currently focuses on developing U.S. cybersecurity policies to protect government data, networks and critical infrastructure.
It is thus far unclear how Touhill would work with the U.S. Cyber Command at Fort Meade, Md., which was formed in 2010 and exercises significant influence over U.S. cyber defenses. The White House is reportedly considering whether to elevate the Cyber Command to the status of a "unified command" on a par with, for example, U.S. Central Command. The proposal also reportedly calls for separating U.S. Command from the National Security Agency, the U.S. spy agency responsible for eavesdropping.
Meanwhile, Tony Scott, the U.S. chief information officer, noted this week that the Obama administration has proposed legislation to establish a $3.1 billion Information Technology Modernization Fund that would replace legacy IT systems that are "difficult to secure and expensive to maintain."
The administration also has been working to attract cybersecurity talent though its Federal Cybersecurity Workforce Strategy. The effort faces an uphill battle, so much so that President Obama raised the issue in an appearance at the South by Southwest confab in March.
"The reason I'm here really is to recruit all of you," Obama told an audience of digital entrepreneurs. "As I'm about to leave office, how can we start coming up with new platforms, new ideas, new approaches?"
