Brig. Gen. Greg Touhill, the first former federal chief information security officer, has signed on as president of the recently formed Cyxtera Federal Group (CFG), the federal contracting arm of secure infrastructure company Cyxtera Technologies.
Touhill, who was not kept on as federal CISO once President Donald Trump assumed office, will oversee CFG’s work with federal agencies. Cyxtera Technologies launched CFG as a means to connect public sector agencies with technology already being used in the private sector.
During his time in the White House, Touhill developed a five-step strategic plan for shoring up federal cybersecurity efforts. The CISO position he occupied was created by the Office of Management and Budget through the Cybersecurity National Action Plan, and left Touhill in charge of developing cyber practices across the federal government.
Prior to his CISO nomination, he served as a deputy assistant secretary at the Department of Homeland Security.
“The ways that the federal government can improve are codified in the strategic plan that I put together — the strategic goals while I was the Federal CISO,” Touhill told CyberScoop. “Harden the workforce, treat information as an asset, do the right things the right way, continually innovate and invest wisely, and then finally, make informed cyber risk decisions at the right level.”
Touhill noted that the federal government has a long way to go in terms of implementing the best cyber security practices across agencies, with organization, inventory and basic security measures among the top priorities.
“I don’t believe the federal government has a really good count on how many federal data centers it has.” said Touhill. “It doesn’t matter if its [military] or [government], I don’t think they have a really good handle on where their information is. I know that the federal government recognizes that they have too many data centers that are expensive to maintain and to operate. Further, the government made a mandate years ago to do a cloud-first strategy, and that has not necessarily taken as firm a hold as it needs to. If I take a look at the cybersecurity posture of the federal government, there’s a lot of folks out there who still aren’t doing the basics.”
The move to private sector enables Touhill to “make a difference in the community” that he helped foster during his time in the public sector.
“We want to take the innovative technologies that we’ve already brought to the private sector and bring that to the federal government.” Touhill told CyberScoop. “I’ll tell you, based on my experience at both the dot-mil and the dot-gov, the federal government could definitely use the solutions that Cyxtera provides to better protect the peoples’ information. The capabilities that Cyxtera brings to the table will really help make the government more effective, more efficient and more secure.”