USA's first Federal CISO steps down suddenly

The USA’s first Federal CISO, General Gregory Touhill, has stepped down abruptly just four months after taking on the role.

In a LinkedIn post, Touhill confirmed he is leaving federal service after nearly 33 years, but did not give a reason for his departure.

Touhill also used the post to provide a parting message to the government urging a focus on improving the execution of best practices for managing cyber risk.

“Frankly, we don’t need more policies, we need to execute the ones we have and eliminate the ones that no longer are aligned with contemporary best practices,” he said.

“I believe best practices bring you compliance yet focusing on compliance doesn’t always deliver best practices or best results. Having formed the Federal CISO Council across all departments and agencies, we’ve launched a solid risk management construct that is already yielding results.”

Touhill provided recommendations for improving the government’s cybersecurity risk management, including building accountability and ownership into the federal government’s culture, conducting regular risk assessments across each department and providing better training for personnel.

“As I depart, I’ve left in place a solid flight plan and a great team of innovative professionals in the CISO Council and OMB who will follow through and execute what it takes to better manage our cyber risk. As they do so, I will remain a faithful wingman, ready to help as needed,” he said.

President Obama created the Federal CISO position as part of his Cybersecurity National Action Plan announced early last year. It is unclear whether the incoming Trump administration will appoint a successor to the role.

US Federal CIO Tony Scott also had his last day in the role yesterday.

Image courtesy US Coast Guard Academy.

Follow us on Twitter and Facebook