For its annual US Government Information Security Leadership Awards, (ISC)² recognized individuals and teams for improvements to information security in five categories: federal contractor, workforce improvement, technology improvement, community awareness, and process/policy improvement.
In the federal contractor category, Kenneth A. Buszta with Integrity Applications won the individual award for his work on improving the security posture of the Tomahawk missile command and control system. The US Air Force’s Military Satellite Communications Systems Wing’s certification and accreditation (C&A) team won the team award for planning and executing a “cradle to grave” C&A program that improved the security and integrity of $41bn in military communications assets.
In the workforce category, Thomas Schankweiler, chief information officer in the Department of Health and Human Services’ Office of the Secretary, won the individual award for developing and implementing a comprehensive information security program for the office. The team award went to the National Defense University’s Assuring the Information Infrastructure team for its work in educating government officials and military officers in information assurance and critical infrastructure protection.
In the technology improvement category, Kenneth Kurz, chief of the National Cryptographic Solutions Management Office at the National Security Agency, won the individual award for leading the federal government’s cryptographic capability transformation efforts and for creating a cryptographic risk assessment methodology. The US Air Force’s Lightweight Portable Security team won the team award for a project to develop trusted browsing and remote access for end nodes.
In the community awareness category, Erich Fronck, a network information security officer at the Department of Veterans Affairs, won the individual award for establishing a security awareness tracking process that has improved the agency’s security awareness training compliance. The team award went to the Global Cyber Security Management team at the Department of Homeland Security's National Cybersecurity Division, for elevating awareness throughout the cybersecurity community through various education and training efforts.
For process and policy improvement, the individual award went to April Giles, program manager and chief architect of the General Services Administration’s FIP 201 Evaluation Program, for creating the vision and identifying an appropriate protocol for certificate validation requests and responses for the service-based certification protocol. The team award went to the Defense Business Systems Acquisition team at the Department of Defense’s Business Transformation Agency, for process improvements in contractual language that has strengthened the security of the IT acquisition process.