Obama Administration names first-ever federal Chief Information Security Officer

The White House recently appointed retired Brigadier General Gregory J. Touhill as the US CISO, to bolster cybersecurity efforts in government.

Obama creates new Federal Chief Information Security Officer Post

Retired Brigadier General Gregory J. Touhill is set to become the first-ever federal Chief Information Security Officer (CISO) of the US, the White House announced in a blog post late Thursday.

The appointment of Touhill as CISO is part of a larger set of cybersecurity initiatives that the president outlined in the Cybersecurity National Action Plan (CNAP) earlier this year. Touhill, who currently serves as the Deputy Assistant Secretary for Cybersecurity and Communications in the Office of Cybersecurity and Communications (CS&C) at the Department of Homeland Security (DHS), will work as the CISO to "drive cybersecurity policy, planning, and implementation across the Federal Government," the blog post said.

According to the blog post, Touhill's new role as CISO will be a part of the Office of Management and Budget (OMB), where he will lead a team of cybersecurity professionals. As noted by ZDNet's Stephanie Condon, Touhill worked on the response to the major OPM hack that happened in 2014-2015.

SEE: Information security policy template (Tech Pro Research)


President Obama speaking at the National Cybersecurity Communications Integration Center in 2015

Image: White House/Pete Souza

In addition to naming Touhill as the CISO, the White House also noted that Grant Schneider would assume the role of Acting Deputy CISO. Schneider currently works as the Director for Cybersecurity Policy on the National Security Council staff at the White House.

"In creating the CISO role, and looking at successful organizational models across government, it became apparent that having a career role partnered with a senior official is not only the norm but also provides needed continuity over time," the blog post said.

Now that Touhill has been appointed, the question becomes whether or not he is the right person for the job. Bob Gourley, co-founder of the cybersecurity consultancy Cognitio and former CTO of the Defense Intelligence Agency, said that Touhill is known for getting things done "for the right reason."

"His leadership style is one of continuous action and engagement," Gourley said. "He is also a continual learner and has a deep knowledge of the technology that makes up the modern enterprise as well as the globally interconnected IT of the internet. Greg has been given a huge task and no one is better qualified than him for this, but all of us in the community should do everything we can to support him in this."

Touhill's appointment is the latest in a series of strong moves the Obama administration has made to strengthen its cybersecurity posture. Earlier this year, a $19 billion budget was proposed for cybersecurity in 2017, and more recently the Pentagon's Cyber Command was elevated to the status of Unified Combatant Command (UCC), giving it more power.

The 3 big takeaways for TechRepublic readers

  1. Retired Brigadier General Gregory J. Touhill has been appointed the first federal CISO for the US.
  2. Grant Schneider will also assume the role of Acting Deputy CISO, bringing 20 years of technical experience to the job.
  3. The appointment of a CISO was part of the president's Cybersecurity National Action Plan (CNAP), and is the latest in a number of moves to improve US cybersecurity.

Also see