Skip to content
Gregory Touhill
Naked Security Naked Security

The US gets its first Chief Information Security Officer

Touhill will head up programs designed to protect US government networks and critical infrastructure

The United States Government now has its first Chief Information Security Officer: Brigadier General (retired) Gregory Touhill.

Touhill will play the strategic role you’d expect America’s CISO to handle: “driv[ing] cybersecurity policy, planning, and implementation across the Government.”

Per the government’s welcome-aboard press release, he’ll:

…leverage his considerable experience in managing a range of complex and diverse technical solutions at scale with his strong knowledge of both civilian and military best practices, capabilities, and human capital training, development and retention strategies.

Whatever you may think of the Obama administration, they do know the jargon…

Touhill spent the past two-and-a-half years as “Deputy Assistant Secretary for Cybersecurity and Communications in the Office of Cybersecurity and Communications (CS&C) at the Department of Homeland Security (DHS)”.

That’s a mouthful: in something closer to English, he’s been focusing on “the development and implementation of operational programs designed to protect our government networks and critical infrastructure.”

Prior to that, Touhill worked his way up through military roles in security, IT, and elsewhere – including two years as CIO for the U.S. military transportation combatant command, two as US Defense Attache in Kuwait, and another two as Commander of the 81st Training Wing at Keesler Air Force Base, where he led a billion-dollar rebuilding project after Hurricane Katrina. (We learned all this from his LinkedIn page, which you can check out yourself. Yay for transparency.)

Touhill’s appointment is part of the outgoing Obama administration’s effort to build out a professional government-wide information security organization before splitting town in January.

Obama’s February Cybersecurity National Action Plan (CNAP) included a laundry list of plans, ranging from public/private partnerships to promote multifactor authentication to a proposed $3.1 billion fund for upgrading insecure legacy systems.

It aims to ramp up more federal civilian cyberdefense teams, identify at-risk IT assets more aggressively, and widen access to shared services, so individual agencies needn’t build, own, run, or defend their own IT “when more efficient, effective, and secure options are available.”

Touhill reports to US government CIO Tony Scott, formerly of VMware and Microsoft. (We told you about some of his work late last year.) He’ll also have temporary help from Grant Schneider, the government’s new Acting Deputy CISO.

Of course, as Fortune points out, all of this might be temporary. These appointments are made by the President, and can be unmade by the next President, whether that’s Clinton or Trump.

Clinton has seemed generally comfortable with the Obama administration’s direction on cybersecurity (though she might be a bit busy with other cybersecurity issues of her own at the moment.) As for Trump, well, there’s this, this, this, and this, and we’ll let you judge for yourself.

4 Comments

Obama’s modus operandi – hire czars that have NOTHING to do with the job at task. And then you wonder why data breaches like the OPM one happen. This guy probably got appointed because of some donation he made to Obama, just like most of Obama’s cabinet appointees.

You obviously didn’t read the article or the press release. The guy is a retired Air Force General, who has served in both Cybersecurity and non-Cybersecurity roles, including managing major projects. Been taking reading lessons from your candidate?

Well, he has his work cut out for him, trying to get everyone to use secure servers, preventing contractors from USBing data to Wikileaks. Maybe a president Trump will fire him and replace him someone who has a secret plan to eliminate hackers.

“Touhill’s appointment is part of the outgoing Obama administration’s effort to build out a professional government-wide information security organization before splitting town in January.”

Touhill seems like a guy with the right stuff, but the scary aspect to this administration’s efforts appears when you consider the driving force behind so much of what Obama has done: that one line about “never let a crisis go to waste.”

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?