U.S. GISLA® Winners
Congratulations to the 2014 U.S. Government Information Security Leadership Award Winners
Category: Community Awareness
- Erich Fronck, Regional Information Security Director for the Northeast Region at Veterans Administration (VA), led an awareness initiative utilizing a 100% stand-down approach that significantly raised the training compliance level for regional users. As a result, compliance rose to 99.62% in this sizable region, with the number of individuals deficient in training decreasing from approximately 8,000 to fewer than 2,000. The success of this initiative has contributed to the improvement of the VA’s overall security posture.
Category: Federal Contractor
- Sunny Tuteja, Founder, President, and Chief Executive Officer of AssurIT Consulting Group, developed a Plan of Action and Milestones (POAM) Dashboard for the U.S. Department of Agriculture’s Natural Resources Conservation Service that brought previously unavailable visibility into the difficult and costly task of managing POAMs. His unique and innovative dashboard delivered a strategic view of system weaknesses that resulted in an expected closure of over 75% of the agency’s POAMs and an overall improved security posture at the Natural Resources Conservation Service.
Category: Process/Policy Improvement
- Jeff Harriss, Team Lead, Access Control, OCIO-ITS-IOD Operations Security Branch at USDA, set out to reduce the significant number of users granted elevated (administrator) permissions on their desktop computers in order to reduce risk within the USDA’s user base of 37,000 accounts. Jeff worked closely with customer development communities to pilot and test a solution that would not only resolve technical and procedural issues but also build and foster positive working relationships with customer stakeholders, helping to speed adoption. By March of 2014, the number of Local Administrators had been reduced from 10% of the population to less than 1%, increasing the overall security of this sizable user base.
Category: Technology Improvement
- Jaime Vargas, Chief Information Security Officer (CISO) of the Department of Homeland Security (DHS) Office of the Inspector General (OIG), designed, developed, and implemented an Information Security Continuous Monitoring (ISCM) Program for the IT Infrastructure of the OIG that encompassed a state-of-the-art architectural solution using automated tools to support the implementation of the Risk Management Framework, and improved the effectiveness of the safeguards and countermeasures that remediate vulnerabilities. As a result, OIG’s FISMA compliance scores ranked amongst the highest in the federal government. OIG stands as a model component within DHS for information security compliance.
Category: Workforce Improvement
- The Cyberspace 200/300 Professional Continuing Education (PCE) Team was led by Dr. Robert F. Mills, Director of the Center for Cyberspace Research for the Air Force’s Cyberspace Technical Center of Excellence. Dr. Mills and his 27-member team faced the herculean task of planning, establishing, and implementing intermediate and advanced cyber security courses (Cyber 200/300), applying innovative tactics such as developing 40 joint network attack/defend/exploit capstone exercises with multiple virtual networks to give real-world hands-on training. This initiative ultimately contributed to the graduation of approximately 400 U.S. Department of Defense joint and allied cyber professionals and has provided the AF cyberspace security workforce with a learning continuum that fills a critical void in cyber workforce education.