Skip to content ↓ | Skip to navigation ↓

The Obama Administration has appointed its first-ever federal Chief Information Security Officer (CISO), tasked with driving “cybersecurity policy, planning, and implementation across the Government.”

Brigadier General (retired) Gregory J. Touhill (Source: Air Force)

Retired Brigadier General Gregory J. Touhill has accepted the position, announced U.S. Chief Information Officer (CIO) Tony Scott and Cybersecurity Coordinator J. Michael Daniel on Thursday.

The position was created earlier this year as part of President Barack Obama’s Cybersecurity National Action Plan (CNAP) – a $19 billion initiative aimed at improving the nation’s cybersecurity posture.

As the current Deputy Assistant Secretary for Cybersecurity and Communications in the Office of Cybersecurity and Communications at the Department of Homeland Security, Touhill has focused on the development and implementation of operational programs designed to protect government networks and critical infrastructure.

In his new role as Federal CISO, Touhill is set to “play a central role in helping to ensure the right set of policies, strategies, and practices are adopted across agencies and keeping the federal government at the leading edge of 21st century cybersecurity,” read the announcement.

Touhill will be responsible for leading a team of cybersecurity professionals within the Office of Management and Budget (OBM) – a team who has been at the forefront of driving policy and implementation of leading cyber practices across federal agencies, said Scott and Daniel.

In addition to Touhill’s appointment, the White House also announced Grant Schneider as Acting Deputy CISO. Schneider currently serves as the Director for Cybersecurity Policy on the National Security Council staff.

“In creating the CISO role, and looking at successful organizational models across government, it became apparent that having a career role partnered with a senior official is not only the norm but also provides needed continuity over time,” said the announcement.

Strong cybersecurity depends on robust policies, secure networks and systems and, importantly, a cadre of highly skilled cybersecurity talent,” read the announcement.