Ex-DHS Official Becomes Sony's CISO Reitinger Served as a Voice of Obama's Cybersecurity Policies
Philip Reitinger, a top Obama administration cybersecurity policymaker during its first two years, is the new chief information security officer and senior vice president of Sony, the media and entertainment company victimized by a massive breach of its PlayStation online gaming system last April (see Breach Gets Sony to Create CISO Post).

Sony Corp. Tuesday said Reitinger, who served as the Department of Homeland Security's deputy undersecretary for the National Protection and Programs Directorate from March 2009 to this past June 3 (see Reitinger Resigns Top DHS Cybersecurity Post), is responsible for assuring the security of Sony's information assets and services. According to a Sony statement, Reitinger oversees information security, privacy and Internet safety across the company, coordinating closely with key headquarters groups and working in partnership with the information security community to bring the best ideas and approaches to Sony.

Whether it's Reitinger's resume, the importance of the CISO post or both, Reitinger reports to Nicole Seligman, Sony executive vice president and general counsel and corporate executive officer. When Sony first said it would create a CISO position, the company said the job would report to Sony Chief Information Office Shinji Hasejima, who like Reitinger, is a senior vice president.

Sony reported the information of 77 million customer accounts were exposed between April 17 and 19. That means personal information of more than 100 million customer accounts has been exposed.

At the time, DHS said it was working with Sony through its United States Computer Emergency Readiness Team to gain a better understanding of what caused the breach that exposed personally identifiable information including names, addresses, passwords and, possibly, credit card information. U.S.-CERT falls under DHS's National Protection and Programs Directorate.

Reitinger often testified before Congress, relaying the Obama administration's thoughts and policies on cybersecurity matters.

Before joining DHS, Reitinger held key IT security positions at Microsoft and the departments of Defense and Justice. He graduated from Vanderbilt University with a bachelor of electrical engineer and computer science degree as well as Yale Law School.

While at DHS, Reitinger advocated what he characterized as a healthy cyber ecosystem; without moving to this new computing environment, he said, functioning in today's Internet-tied world could be threatened.

"Unless people start to really pay attention to the threat and how we need to drive fundamental change, we're in a world that is going get worse from day to day and month to month and year to year," Reitinger said in an interview with GovInfoSecurity.com posted last April (see Reitinger's Quest: Build a Safer Internet). "And, we're going to be in a place eventually where your television is going to complain that it's being attacked by your refrigerator and isn't able to operate anymore. None of us wants to live that world."

Reitinger, in that April interview, spoke about the threats that faced organizations such as Sony and individuals from those who would do them harm. "The truth about Internet right now is that offense wins," Reitinger said. "If somebody wants to break into your computer, and they have the time and resources to apply, they will be able to get in. If you want to defend your computer completely, you better not connect it to the Internet, not use it, not even power it on. So we got to get to a different place."

In his new role, Reitinger's new assignment is to help get Sony to that different place.


About the Author

Eric Chabrow

Eric Chabrow

Executive Editor, GovInfoSecurity & InfoRiskToday

Chabrow, who oversees ISMG's GovInfoSecurity and InfoRiskToday, is a veteran multimedia journalist who has covered information technology, government and business. He's the former top editor at the award-winning business journal CIO Insight and a long-time editor and writer at InformationWeek.





Around the Network