Four government leaders who exemplify excellence in cyber security were honored June 14 by security, storage and systems management solutions provider Symantec, of Mountain View, CA. The leaders were presented with the company's Cyber 4 Awards at its Government Symposium held at the Ronald Reagan Building and International Trade Center in Washington, DC.
The Symantec Government Symposium Advisory Group selected winners based on their strong leadership, innovative approaches and willingness to go "above and beyond" to make a difference in government cyber security. The awards recognize one winner in each of four categories — U.S. Congress/Capitol Hill, Federal-Civilian, Federal-Department of Defense and State and Local government.
"Our Congressional leaders and public servants in government IT security and management are on the front lines, shaping important policy and protecting our critical data infrastructures," Symantec Public Sector Vice President and General Manager GiGi Schumm said in a statement. "Symantec — along with our platinum sponsors, General Dynamics Advanced Information Systems and HP — is honored to recognize these individuals' leadership, dedication and innovation through the 2011 Cyber 4 Awards."
This year's Cyber 4 winners were
- Rep. Michael McCaul (R-TX), who serves on the House Committee on Homeland Security, is chairman of the Subcommittee on Oversight, Investigations and Management, and sits on the Subcommittee on Cyber Security, Infrastructure Protection and Security Technologies. He is also co-founder and co-chair of both the Congressional Cyber Security Caucus and the Congressional High Tech Caucus and is vice chair of the Speaker's High Tech Working Group. He has been instrumental in raising awareness about proactively addressing cyber security, while embracing the importance of technology innovation and a strong public-private partnership to combat threats and protect our national critical infrastructure.
- Dion Herbert, deputy, Bureau of Diplomatic Security, Office of Computer Security, Enterprise Security Services, Department of State, where he reviews and implements new and existing cyber security tools for the Bureau of Diplomatic Security, the security and law enforcement arm of the Department of State. He is responsible for securing the perimeter for diplomatic missions and initiatives, assessing technology and consulting on methods to support the business goals and objectives of more than 80,000 users. He has played a leading role in spurring cross-organizational discussion and was the point man in the department's recent data loss prevention initiative, bringing five disparate groups together to determine how they can leverage technology to improve the agency's security posture.
- Tony Sager, chief, Information Assurance Directorate's Vulnerability Analysis & Operations Group, National Security Agency, where he advanced the development of Security Content Automation Protocols (SCAP), which uses standards to enable automated vulnerability management, measurement and policy compliance evaluation. He also supported the U.S. Air Force's initiative to save millions of dollars by standardizing the security settings on desktops across its enterprise. This initiative spurred the Office of Management and Budget to duplicate standard baselines for the entire federal government for improved security and reduced costs. He has championed critical security automation standards and served as a key liaison between industry and government agencies to develop consensus on standards and protocols.
- Alex Pettit, chief information officer, Office of State Finance Information Services Division, State of Oklahoma, who, in April 2010, became Oklahoma's first state chief information officer. His first key initiative was to evaluate the state's security posture and develop a plan to provide measurable, standardized security policies and procedures across agencies. He has also worked with the state legislature to introduce a bill which would consolidate many IT functions under his management. He has been a force driving security and IT processes standardization across the state, as well as disaster recovery planning, crisis leadership and emergency operations.