Possible candidates for OFPP, cyber czar emerge

The rumor mill is hot with potential names for key management positions in government. While the Trump administration is weeks, if not months away from filling many of the most important Office of Management and Budget, General Services Administration and the Office of Personnel Management jobs, we are starting to hear some rumblings of potential candidates.

Let me start with two hot rumors.

I’m hearing Joshua Steinman could be the next White House cyber czar, replacing Michael Daniel, who served in that role — also known as White House Cyber Coordinator — for four-plus years.

Steinman already is working in the government in some respects. He is a Navy reserve officer and serves as an “official interlocutor between the Department of Defense and Silicon Valley as a member of Defense Innovation Unit-Experimental (DIUX), the DoD ‘embassy’ in Silicon Valley,” according to his LinkedIn page.

Advertisement

He also leads the strategic efforts at ThinAir, which provides enterprise security software at the end-user and data layers.

Trump recently named two other technology appointees. Reed Cordish as the assistant to the President for intragovernmental and technology initiatives, and Gerrit Lansing as deputy assistant to the President and chief digital officer.

Cordish met with eight technology industry associations on Jan. 19, where he talked about the need to continue and even boost federal IT modernization efforts that began a few years ago.

Cordish comes to the White House after serving as a principal and partner of The Cordish Companies, an international real estate development and entertainment company.

Lansing worked on the Hill since 2010 and most recently was the chief digital officer for the Republican National Committee.

The other name to keep an eye on is Emily Murphy for a possible job at GSA or the Office of Federal Procurement Policy.

Sources say Murphy recently left her staff job at the House Armed Services Committee and could be in line for a bigger role in the administration.

Murphy was a political appointee during the President George W. Bush administration, where she worked at GSA and the Small Business Administration.

An email to Murphy seeking comment was not returned.

Murphy is one of the few procurement experts on Capitol Hill, so moving into the administration to work on acquisition issues at GSA or OFPP would make perfect sense.

While Steinman and Murphy are just rumors, there were some surprising changes, including Greg Touhill, leaving as the federal chief information security officer. Many thought with the White House naming Touhill only four months ago he would stick around into the next administration, especially with the focus on cybersecurity.

Touhill wrote in a post on LinkedIn that he is “recharging my batteries and looking for the next great adventure.”

“During my service as the U.S. chief information security officer, I have focused on execution of best practices to better manage our cyber risk posture. Frankly, we don’t need more policies, we need to execute the ones we have and eliminate the ones that no longer are aligned with contemporary best practices. I believe best practices bring you compliance yet focusing on compliance doesn’t always deliver best practices or best results. Having formed the federal CISO Council across all departments and agencies, we’ve launched a solid risk management construct that is already yielding results. For example, we bought down our collective risk by raising implementation of multi-factor authentication on privileged user accounts from just over 30 percent to nearly 99 percent by the end of 2016,” Touhill wrote on a post on LinkedIn. “There remains much to do to improve our cybersecurity risk management posture. We need a better architecture focused on shared services capabilities rather than one built on organization charts. We need accountability and ownership built into our culture. We need to intelligently leverage cloud computing and mobility solutions that produce effective, efficient, and secure results. We need to do regular risk assessments across each department and agency. We need to better train and regularly exercise our personnel. As I depart, I’ve left in place a solid flight plan and a great team of innovative professionals in the CISO Council and OMB who will follow through and execute what it takes to better manage our cyber risk. As they do so, I will remain a faithful wingman, ready to help as needed.”

Return to the Reporter’s Notebook