DOE Taps PNNL CIO To Improve Security

  /     /     /  
Publicated : 22/11/2024   Category : security


DOE Taps PNNL CIO To Improve Security


Federal agency brings in a national lab CIO to help implement a cybersecurity strategy that spans its diverse and autonomous operations.



Military Drones Present And Future: Visual Tour (click image for larger view and for slideshow)
The U.S. Department of Energy is looking to bolster its cybersecurity readiness with the appointment of Jerry Johnson, CIO of Pacific Northwest National Laboratory for the past eight years, as a senior policy and technical adviser.
Johnson had first-hand experience with one of the federal governments most serious cyber attacks. In 2011, he oversaw PNNLs response to a dual-pronged cyber attack that was likely part of a broader attack against government agencies and private-sector companies. The lab disconnected its network, conducted a forensics investigation and re-imaged its systems before going back online.
Some security experts surmised that the broader espionage campaign, dubbed
Operation Shady Rat
, originated in China. Johnson publicly shared the labs experience and
lessons learned
to help others prevent, and if necessary respond to, such attacks.
[ What does NASA plan for the coming year? Read
NASA Details 2013 Plans
. ]
At the Department of Energy, Johnson will work with CIO Bob Brese and his deputy CIOs to develop a cybersecurity strategy that spans the agencys disparate operations, which include 21 national labs and technology centers and four electric power authorities. Those largely independent organizations have their own cyber defenses and action plans. This will be an umbrella strategy, Johnson said.
DOEs Joint Cybersecurity Coordination Center, or JC3, supports agency-wide reporting and tracking of cyber incidents. Johnson will work with the agencys associate CIO of cybersecurity, Gil Vega, to advance those capabilities and implement a more comprehensive incident-response plan.
Johnson will also spearhead the DOEs response to a March 2012 report from the Government Accountability Office on national security risks associated with federal agencies IT supply chains. The GAO recommended that the departments of Energy, Homeland Security and Justice develop policies and procedures to guard against supply chain threats such as malware and counterfeit hardware that might exist in computer and networking equipment. The DOEs nuclear weapons operations are among the areas that will be assessed.
Johnsons experience makes him uniquely qualified to not only help improve the DOEs cybersecurity posture, but also to bridge cultural differences between the department and its labs, which are operated by private-sector companies or universities, are staffed by non-government employees, and in many cases are located far from Washington, D.C. In addition to having a hand in improving processes, Johnson will serve as a liaison between the DOEs Office of the CIO and the lab CIOs in the field, splitting his time between PNNLs campus in Richland, Wash., and DOE headquarters in Washington, D.C. This is going to be very beneficial, he said.
Brese took over as
the DOE CIO six months ago
, after serving as acting CIO. He was formerly deputy CIO of the National Nuclear Security Administration, another DOE organization that operates with arms-length autonomy. Energys Office of the CIO includes more than two dozen deputy CIOs and other technology directors.
Brian Abrahamson steps in as CIO at PNNL. Abrahamson had served as the labs chief enterprise architect since 2011. Before that, he was CIO and chief architect at Pacific Gas and Electric. PNNL director Mike Kluse, in a statement on the changes, said Abrahamsons industry experience makes him well suited for the lab CIO position.

Last News

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
DOE Taps PNNL CIO To Improve Security