The White House has reportedly fired its chief information security officer Cory Louie leaving another key internal cybersecurity position open less than a month after former Federal CISO Gregory Touhill resigned from his post.
Louis was let go late last Thursday, according to Steve Clemons, Washington editor-at-large at The Atlantic, who is credited with breaking the story. The White House has not yet publicly commented on any such personnel move. However, Paul Innella, CEO of TDI Security, a consulting firm that regularly briefs government representatives on executive transitions, told SC Media in an interview that Louie is, indeed, no longer with the administration, based on his intimate knowledge of the Washington cyber-security community.
"Everybody in the cyber-security community saw this coming," said Innella, who warned that the simultaneous absence of a US CISO and White House CISO means, "We don't have two very critical CISOs that should be watching the house," leaving cyber experts "a little trepidatious about what going to happen next, mostly in terms of how this is going to affect national security".
A former Secret Service special agent and former security executive with Google and Dropbox, Louie was appointed to the position in 2015 by President Barack Obama, who created the role as part of his Cybersecurity National Action Plan. Louie's primarily responsibility has been protecting the president's and his staff members' digital assets from cyber-threats.
Cory and other government cyber-security officials had reportedly been encountering challenges while attempting to secure the new administration, in light of President Donald Trump's reported use of an unsecured Android phone to post tweets, as well as Trump staffers' use of a private email server (something Trump repeatedly criticised Hillary Clinton for doing as secretary of state).
Noting such reports, Innella acknowledged concerns within cyber-security circles that the current administration may have no concrete transition plan in place to replace Louie or Touhill. He even acknowledged the possibility that Trump could eliminate one or both recently created positions, thus rolling back some of Obama's key cyber-security measures. "Having a federal CISO is a critical component and the White House, being an absolutely treasured national asset, needs a CISO of its own," Innella stated.
To fill the two vacant CISO positions, Innella recommended that Trump seek out an experienced deputy CISO or a powerful private-sector cyber-security expert who would know how to work with federal CIOs and the US CERT, and who also understands the ins and outs of federal procurement.
SC Media reached out to the White House press office for comment.