Obama appoints Washington's first-ever federal government CISO

But is a retired brigadier general really the best person for the job?

President Barack Obama has appointed a retired brigadier general as the first chief information security officer (CISO) for the US federal government as part of his Cybersecurity National Action Plan, announced in February.

Brigadier general Gregory Touhill will be charged with driving cybersecurity policy, including planning and implementation across the US federal government.

Touhill is currently the deputy assistant secretary for cybersecurity and communications in the Office of Cybersecurity and Communications (CS&C) at the Department of Homeland Security (DHS). In this role, his remit is the development and implementation of operational programmes intended to protect US government networks and critical infrastructure.

"In his new role as federal CISO, Touhill will leverage his considerable experience in managing a range of complex and diverse technical solutions at scale with his strong knowledge of both civilian and military best practices, capabilities, and human capital training, development and retention strategies," according to US government CIO Tony Scott, who revealed the appointment in a blog posting.

Touhill's team will work under the Office of Management and Budget (OMB), the largest office within the Executive Office of the President of the US. The most prominent function of the OMB is to produce the President's budget.

At the same time, the US government also named Grant Schneider as acting deputy CISO.

"In creating the CISO role, and looking at successful organisational models across government, it became apparent that having a career role partnered with a senior official is not only the norm but also provides needed continuity over time," claimed Scott.

Schneider currently serves as the director for cybersecurity policy on the National Security Council staff at the White House, where his remit is the development and oversight of cybersecurity policies to protect government data, networks, and systems. He will bring more than 20 years of technical experience to the new role.

"Building on the Cybersecurity Workforce Strategy to identify, recruit, and retain top talent, the CISO will play a central role in helping to ensure the right set of policies, strategies, and practices are adopted across agencies and keeping the federal government at the leading edge of 21st century cyber security," concluded Scott.

Strong demand for CISOs, whether in the UK or US, has seen a surge in remuneration for candidates who can fit the right profile.