10 Most Influential People in Gov't InfosecThe Influencers: Our Annual List of Top Cybersecurity Leaders
Identifying the top 10 influential people in government information security for the coming year, in many respects, is an easy undertaking: there are scores of individuals to choose from among potential candidates. Small wonder, a number of industrious practitioners and leaders work diligently to help safeguard government IT.
The hard job, of course, is deciding which 10 people to select for The Influencers list.
GovInfoSecurity, for the third year, presents 10 individuals we see shaping the way governments at all levels will approach information security. Nearly all of those selected in 2010 and 2011 - see the last two slides in this presentation - continue to influence local, state and federal agencies tasked with assuring the safety of information assets.
10. Donna Dodson
Chief, Computer Security Division, National Institute of Standards and Technology
Creating IT security guidance requires strong collaboration between NIST and its stakeholders, and Dodson is the facilitator of much of that interaction. Dodson knows how to engage successfully with the White House; civilian, defense and intelligence agencies; and industry on cybersecurity, keeping these constituencies focused on the issues. She is heavily invested in initiatives to secure cloud and mobile computing, the smart grid and supply chain.
9. Alan Paller
Research Director, SANS Institute
From his perch at the cybersecurity training institute, Paller is a one-stop knowledge center on federal information security efforts. Small wonder that Congressional, executive branch and industry leaders turn to Paller to pick his brain about how best the government should approach IT security. Paller is among the nation's foremost leaders promoting cybersecurity education for all age groups.
8. Christopher Painter
Coordinator, Office of the Coordinator for Cyber Issues, Department of State
Cyber doesn't recognize national borders, so getting nations to agree on how best to secure IT systems is a major diplomatic mission. For nearly a year, Painter has coordinated America's efforts to collaborate with other countries to strengthen cybersecurity globally. Painter came to his job at State after serving as White House Cybersecurity Coordinator Howard Schmidt's top lieutenant.
7. Daniel Lungren
Chair, Subcommittee on Cybersecurity, Infrastructure and Security Technologies, House of Representatives
The California Republican heads the panel that vets legislation and provides oversight on how the government protects not only its own IT systems but the nation's critical information infrastructure. Legislation he sponsors has the government encouraging - not dictating through new regulations - businesses to adopt information sharing and best practices to secure the critical IT infrastructure they operate.
6. Elayne Starkey
Chief Security Officer, State of Delaware
Starkey isn't intimidated by risks posed by new technologies; she seeks ways to allow their safe use. While most governments banned employee-owned smartphones from accessing their IT systems, Starkey developed a program incorporating seven controls to allow employees to use their mobile devices to access Delaware's networks.
5. David McClure
Associate Administrator, Citizen Services and Innovative Technologies, General Services Administration
Cloud computing could represent one-quarter of federal IT spending in the coming years, and McClure is helping lead the government's effort to vet cloud-computing vendors through the Federal Risk Authorization Management Program, known as FedRAMP, to assure the services contracted by departments and agencies are secure.
4. Jay Rockefeller
Chair, Senate Committee on Commerce, Science and Transportation
The West Virginia Democrat champions legislation to foster cooperation between the government and private sector to secure America's critical IT infrastructure so vital to national and economic security. He promotes initiatives to protect citizens' online privacy. Rockefeller also got the Securities and Exchange Commission to issue guidance on how companies report cyber incidents that could have an adverse impact on their finances or operations.
3. Ashton Carter
Deputy Secretary, Department of Defense
Carter pledges to pick up where his predecessor William Lynn III left off as the Pentagon's chief proponent on securing cyberspace, promising lawmakers during his confirmation hearing that he'll devote significant attention to cybersecurity and, more broadly, to strengthening DoD's ability to operate effectively in cyberspace.
2. Steven VanRoekel
Federal Chief Information Officer, White House Office of Management and Budget
The federal CIO's responsibilities go beyond security to encompass overall IT. Still, OMB is empowered to set IT security standards for agencies to follow. In reality, IT security and information management can't be separated, so many of VanRoekel's initiatives such as FedRAMP and data center consolidation will have a big impact on how the government secures IT.
1. Mark Weatherford
Deputy Undersecretary for Cybersecurity for the National Protection and Programs Directorate, Department of Homeland Security
Weatherford's appointment in November to the post to help create a safe and resilient cyberspace comes at a time when DHS is gaining more authority over non-military IT. To succeed, he must work well with stakeholders in and out of government. Weatherford's up for the task, having been the top security officer for two states and an enterprise responsible for the security of North America's bulk power system.
- Darrell Issa, Chairman, House Committee on Oversight and Governmental Reform
- William Lynn III, Deputy Secretary of Defense
- William Pelgrin, Chief Executive Officer, Center for Internet Security
- Thomas Carper, Chairman, Senate Subcommittee on Federal Financial Management, Government Information, Federal Services, and International Security
- Sameer Bhalotra, Deputy White House Cybersecurity Coordinator
- Susan Collins, Ranking Member, Senate Committee on Homeland Security and Governmental Affairs
- Michael Brown, Deputy Assistant Secretary for Cybersecurity and Communications, National Protection and Programs Directorate, Department of Homeland Security
- Marianne Swanson, Senior Adviser for IT Security Management, Computer Science Division, National Institute of Standards and Technology
- Christopher Ipsen, Chief Information Security Officer, State of Nevada
- Mac Thornberry, Leader, House Cybersecurity Task Force
- Barack Obama, President of the United States
- Howard Schmidt, White House Cybersecurity Coordinator
- Vivek Kundra, Federal Chief Information Officer
- Keith Alexander, Director, National Security Agency
- Robert Carey, Chief Information Officer, Department of the Navy
- John Streufert, Chief Information Security Officer, Department of State
- Joseph Lieberman, Chairman, Senate Committee on Homeland Security and Governmental Affairs
- Philip Reitinger, Deputy Undersecretary, Department of Homeland Security
- Ron Ross, Senior Computer Scientist, National Institute of Standards and Technology
- James Langevin, Co-Chair, House Cybersecurity Caucus
This is the third year GovInfoSecurity has published The Influencers list. Among those who will be most influential in 2012 are those who proved to be most influential in 2010 and 2011, such as White House Cybersecurity Coordinator Howard Schmidt, National Security Agency Director Keith Alexander, National Institute of Standards and Technology's FISMA Leader Ron Ross and legislative leaders such as Joe Lieberman, Susan Collins and Tom Carper in the Senate and Mac Thornberry and Jim Langevin in the House.
Three past Influencers no longer work in government - then Federal Chief Information Officer Vivek Kundra, Defense Deputy Secretary William Lynn III and Homeland Security Deputy Undersecretary Philip Reitinger -- but their new endeavors can still have an impact on the way government approaches IT security.
As we did last year, we added 10 new achievers to the roster of The Influencers for 2012.
What makes an Influencer? It's a combination of position and know-how. Plus, each of The Influencers has demonstrated the ability to lead and collaborate, characteristics of individuals who have a proven history on getting things done.
How did we choose the Influencers? We queried the GovInfoSecurity Board of Advisers and other government IT security thought-leaders and experts to identify candidates, with the editors making the final decision on the 2012 lineup of The Influencers.