HOMELAND SECURITY PERSON OF THE YEAR
The GTSC Homeland Security Today Person of the Year is awarded to people who serve the homeland security mission in an exemplary fashion. These individuals have directly improved, executed, and/or engaged the proper people, agencies, or departments necessary to tangibly improve the nation’s prevention, protection, mitigation, or response capacity to make America safer.
PERSON OF THE YEAR: NATIONAL
Eric Hysen, Chief Information Officer & Chief Artificial Intelligence Officer, U.S. 
Department of Homeland Security
When surveilling the threat landscape, and then the people dedicated to mitigating it, Eric Hysen is at the top of everyone’s mind. His bio is filled with significant accomplishments and a meteoric rise at the Department of Homeland Security, most recently as Chief Artificial Intelligence Officer – the first of its kind – at the U.S. Department of Homeland Security. Mr. Hysen has been leading the information technology shop at DHS as Chief Information Officer since February of 2021 and fielding the most challenging time – technologically – in the Department’s history.
Artifical intelligence, quantum computing, and technologies like ChatGPT have been bubbling up for years and in November 2022 exploded onto the scene forcing government and industry to focus directly on its impacts and repercussions. After a short few months, the Administration was able to issue numerous Executive Orders for safety and security around the use of AI in government and named Hysen to the critical emerging role as Chief AI Officer. He is responsible for promoting AI innovation and safety across the Department and advises the Secretary and DHS leadership on AI issues and has already made a tremendous impact on guidance and guardrails around this critical development.
He does this while supporting and maintaining the digital infrastructure for the entire department and supporting the numerous components in the third largest Cabinet agency, with the most daily interaction with the public in the federal government. He continued and continues to align the Department’s Information Technology (IT) personnel resources and assets, including security, infrastructure, and delivery, to support core DHS missions.
His work will reverberate for many years and he is architecting our nation’s course for a safe and secure future in the age of AI.
MOST VALUABLE PLAYER
The MVP award is given to an official or team that modernizes and improves the operations and performance of an agency, component, or division to increase capacity, speed delivery, use innovation and improve performance. These leaders also focus on the future – developing strategies and plans to address our constantly changing, dynamic threat environment.
Bob Costello, Chief Information Officer, CISA, DHS
Today, the frequency of cyber-attacks against stakeholders in the “dot Gov” and critical infrastructure sectors have reached a level of frequency and intensity that requires CISA to unify all business and mission functions of the agency and cybersecurity community to counter our adversaries. From the SolarWinds event and the product vulnerabilities—CISA is at the center of the storm and Bob Costello as the CISA CIO is leading the fight to unify the agency’s business and mission capabilities to counter these threats. Bob is a 25-year veteran of the Federal IT community with much of his time spent leading mission critical efforts within ICE and CBP. His experience building partnerships within the Department and across the contractor community give him the technical and business acumen to solve the unification challenges within CISA that will enable the agency to meet the cybersecurity challenges of the next 10 years. His dedication to the mission of DHS, and the advancements he has made in his short time at CISA deserve the respect and recognition of the nomination board of reviewers.
EXCELLENCE IN ZERO TRUST
Award Patron: Acuity, Inc.
The Zero Trust Excellence Award recognizes outstanding achievements in the design, implementation, and management of Zero Trust architectures within the federal government environment. Rooted in the “never trust, always verify” philosophy, Zero Trust mandates that no individual, device, or application, regardless of its location or relation to the organization, is inherently trusted.
James Scobey, Chief Information Security Officer, U.S. Securities and Exchange Commission
Under the leadership of SEC CISO James Scobey, the Commission’s endeavor to implement Zero Trust principles showcases a proactive stance in bolstering cybersecurity, aligning with broader governmental directives to modernize cyber defense. Scobey‘s forward-thinking approach to cybersecurity embodies the “never trust, always verify” mantra central to Zero Trust. By navigating the complex journey of shifting towards a more identity- and data-centric security model, the SEC sets a commendable precedent for other federal agencies and financial entities, demonstrating the critical role of evolving cybersecurity strategies in safeguarding national financial systems and data.
Furthermore, the progress achieved under Scobey‘s leadership signifies a broader governmental transition towards contemporary cybersecurity models, which is crucial in navigating the increasing sophistication of cyber threats. The recognition of the SEC, and particularly CISO James Scobey, for its strides in Zero Trust implementation not only acknowledges the agency’s diligence but also underscores the importance of continuous cybersecurity enhancement in the federal sector, fostering a culture of excellence and adaptation that is vital in today’s rapidly evolving cyber landscape.
MOST VALUABLE PLAYER – DATA ADVANCEMENT
The MVP award is given to an official or team that modernizes and improves the operations and performance of an agency, component, or division to increase capacity, speed delivery, use innovation and improve performance. These leaders also focus on the future – developing strategies and plans to address our constantly changing, dynamic threat environment.
Elizabeth Puchek, Chief Data Officer, U.S. Citizenship & Immigration Services
Elizabeth Puchek, Chief Data Officer for U.S. Customs and Immigration Services is using data to shape the first-ever USCIS Data Strategy and build a data-centric culture to secure one of the nation’s most critical missions: immigration. But it’s not just about the strategy – data quality and data standards are her priority which blazes the trail for the further use of automation technologies that can take efficiency, speed, and accuracy to unprecedented levels. Puchek is leading USCIS to a data driven culture that sets the organization up for long term improvement and paves the way for further use of emerging technologies like AI, machine learning, Large Language Model chat GPT and more. In just under 90 days, Beth established and chaired a cross-directorate working group to develop the strategy’s four goals, launched an agency-wide communication campaign, and completed the formal review and approval process to gain the Director’s concurrence. The strategy formed the foundation for the new organizational design for the OCDO, which is responsible for managing data assets and fostering a data-driven culture at USCIS. She oversaw the development and deployment of Streamline Case Processing solution, which over the last three quarters has saved over 500K hours in process forms. Beth is supporting the strategic plan by promoting data consumption among all of her staff by publishing enterprise-wide dashboards—the Director’s Snapshot, the Domestic Receipts Dashboard, the USCIS Strategic Performance Measures Dashboard, and the Electronic Filing Dashboard–to help facilitate leadership decisions; to launch the Data Management Council, and to complete several data sharing agreements with the Department of Labor and Department of State that improve the efficiency and effectiveness of benefit adjudications. She also has her eye on the need for her data analysts to be on the same page, so she created an Analyst Basic Training to provide a consistent baseline for the agency’s data analysts and is currently expanding this training to provide Analyst Intermediate Training for more advanced topics. Puchek’s roots in homeland extend to 8 years at U.S. Customs and Border Protection (CBP) where she held progressively advanced roles, including Advisor to the Commissioner, Chief of Staff for Enterprise Services, and Director of Systems Engineering.
Carin Quiroga, Chief Data Officer, ICE
This past year has been an incredible year for the Office of the CDO. Succinctly put, Carin is able to make people care about data and its use in an unprecedented way. It is through her enthusiasm that she brings people to the table to discuss the exciting things, do the hard things, and align on the many many tasks it takes to follow through. In this year alone she has led an IT data modernization effort, opened a data bodega, and started a data empowerment program. The IT Data Modernization project took place at the enterprise level. It builds on ICE’s data modernization progress to date, and follows an executable roadmap towards ICE’s future as a data driven organization. As of August 2023 twelve (12) of the sixteen (16) identified priorities have moved into new phases of execution. This program has established clear owners, captured existing efforts and dependencies, and focused on incremental progress to modernize ICE’s data and IT ecosystem. Carin also opened the ‘Data Bodega’. An inaugural effort of removing data silos and providing ‘one stop shopping’ for what will someday maintain a catalog of all data available throughout ICE. Still in its infancy, this working group requires many discussions and engagement across many offices as everyone aligns on the security needs of a law enforcement agency. Phase I is well underway with a launch date expected at the end of September. This pilot will provide access to four (4) foundational non-sensitive datasets to better inform decision making at all levels of engagement. Another star in Carin’s year, has been the Data Empowerment Program. This program launched with a Data Literacy Survey in July 2023 and had a response rate of 49%. The aim was to gather a baseline understanding of the data literacy landscape at ICE. From the information received, the Data Empowerment Program will help employees advance their data literacy skills, thought sponsored lunch & learns, communication of various self-paced trainings available, sharing of data standards and policies, as well as related book, article, and podcast recommendations for keeping those interested up-to-date on the latest and greatest technologies and information available.
While these are just a few examples of the work being done in the CDO office. The effort of creating measurable change to make the agency more data driven, and in turn responsive to change is evident in everything Carin does. We think big, start small – and always make forward progress.
BACKBONE
Often the “back-end” side of the mission is the most neglected, and yet often the most important. Recipients of the Backbone award have accomplished extraordinary feats to ensure that the support functions of an agency maximize efficiency, support mission and account for new advancements and technology.
Kristen Himes, Lead, Center of Excellence Service Governance, Cybersecurity Division, CISA
Kristen Himes, CISA’s Cybersecurity Division Center of Excellence Service Governance Lead, is nominated for the Backbone Award in recognition of her exceptional contributions to modernizing and improving the operations and performance of CISA Cybersecurity Shared Services Office (CSSO). Kristen has consistently demonstrated her commitment to increasing support capacity, accelerating delivery, promoting innovation, and improving overall performance by dedicating her efforts to standardizing service operations and management across the agency. Recognizing the need for a centralized tool to enable streamlined operations and improve transparency across services and workflows, last year Kristen embarked on creating a comprehensive solution. Starting with Protective DNS, a cornerstone CISA-provided service, she meticulously analyzed the operational requirements, identified common pain points across service stakeholders, and designed a tool that now addresses these challenges effectively and enables stronger collaboration within and outside of CISA. The service operations management tool developed by Kristen empowers the Protective DNS team to effortlessly oversee all aspects of their day-to-day operations. To date, almost 10 service functions are in use to enable teams to track customer demands and change requests; manage incidents and change requests; and streamline onboarding and knowledge management. The tool enables real-time visibility into Protective DNS service operations and frees up the Protective DNS team to focus on accelerating customer adoption and service expansion. The most exciting aspect of Kristen’s creation is its scalability and potential for future use. The tool has been designed with a flexible framework that allows it to be easily adapted and applied to other services across CISA. Its modular architecture and configurable features empower teams to leverage the tool while introducing configuration to align to their specific service offerings and requirements. By developing and now scaling this service operations management tool, Kristen has paved the way for future CISA advancements. The tool has immense potential for widespread adoption for various CISA services, as it provides a standardized, efficient, and transparent approach to managing service operations and diverse customer groups. Kristen is dedicated to innovation, focused on delivery excellence, and committed to delivering high impact, innovative solutions to enable CISA to deliver mission-oriented services.
HOMELAND’S HUMAN FIREWALL
Homeland’s Human Firewall is a new award to recognize the tireless efforts and achievements of those keeping our cyber infrastructure protected.
Daniel Daly, Deputy Director, Information Assurance Division, TSA
Daniel Daly serves as the Deputy Director for TSA’s Information Assurance Division (IAD). He’s a former US Marine Officer who brings to TSA a wealth of experience in cybersecurity along with exemplary leadership skills which is evident in his daily interactions with over 55 government personnel and more than a hundred contractor support partners. Mr. Daly is responsible for a myriad of activities while serving as Acting Director of IAD and the Deputy Chief Information Security Officer. He has been instrumental in leading TSA’s Security Operations Center in achieving two consecutive designations by the Department of Homeland Security as a Cybersecurity Service Provider and Center of Excellence. He is a vital part of the Chief Information Security Officer’s leadership team ensuring the SOC is responsive to an evolving threat landscape where TSA faces over a billion security events on a monthly basis. Mr. Daly is a consummate representative of the Chief Information Officer’s office, ushering in new cybersecurity initiatives to support the TSA’s core mission to protect the nation’s systems to ensure freedom of movement for people and commerce. He serves as an excellent mentor to IAD leaders at varying levels, consistently leading by example and raising the bar for his peers. Mr. Daly provided subject matter expertise in the co-creation of the most recent TSA cybersecurity roadmap, integrating the TSA Enterprise cybersecurity key objectives for the next few years. He is also responsible for leading the TSA Zero Trust program; Mr. Daly established an integrated project team to comply with Executive Order 14028 and OMB 22-09. He has been the driving force to obtain additional funding in support of Zero Trust and the development of an effective strategic approach. Mr. Daly is an excellent partner, evident through his strong support of other program offices within TSA; for example, he provided critical input in the authoring of the most recent Security Directives for TSA’s industry partners. He also led his team to develop a new threat hunting activity which complimented the threat intelligence program under his Focus Operations Branch. Mr. Daly has also led a very effective team cyber engineers which are responsible for executing penetration testing against the agency authorized systems. The results of these tests have been extremely beneficial to TSA, identifying security deficiencies for remediation before an adversary could potentially exploit them. The culmination of all Mr. Daly’s efforts has had a positive and significant impact on TSA’s overarching security posture and the prevention serious harm to the TSA Enterprise and the core mission objectives of TSA to support the traveling public. The Office of Information Technology has been faced with a major challenge with its DEVSECOPS activities; routinely facing self-imposed stumbling blocks associated with the lack of established processes and coordination between the multiple teams within DEVSECOPS. This resulted in a backlog of applications and severely impacted the agile methodology for software development as required by the Chief Information Officer. Mr. Daly took up the challenge of addressing this critical mission area to untangle and promote a more coordinated approach to developing and authorizing applications in support of program offices across TSA. He first initiated an integrated project team to address each of the groups specific activities, processes, and objectives. One of his major goals was to align the Risk Management Framework (RMF) with the principles of an agile methodology, as RMF is a mandatory requirement for the Information Assurance Division under the Federal Information Security Management Act. Mr. Daly’s leadership was a key factor in bringing together key stakeholders to develop an end to end process which included the equities of all stakeholders. This new process was approved by the TSA Chief Information Security Officer. However, it would require some additional actions to add the “Speed to Delivery” as subsequently identified by TSA’s new CIO. Once again, Mr. Daly was quick to accept the challenge of improving speed in which applications are delivered to the production environment. He leveraged multiple teams to develop a 30-60-90-Day plan to ensure the development activities no longer faces a minimum nine-month duration period from “development to production” delivery timeframe. The teams analyzed current practices, processes, and mandatory security policies and federal guidance to streamline the Risk Management Framework activities. Through Mr. Daly’s keen understanding of both the application development requirements and the RMF requirements, he was able to lead the team towards the development of a new plan that satisfies the Chief Information Officer’s requirement to deliver applications at an expedited pace to better support program offices across TSA. The results of his leadership culminated into receiving executive approval.
