Andy Ozment

Dr. Andy Ozment has worked in cybersecurity for almost twenty years as an operator, programmer, policymaker and executive. He is currently the Assistant Secretary for Cybersecurity and Communications at the Department of Homeland Security (DHS). In this role, Dr. Ozment is charged with protecting the government against cyber attacks and helping the private sector protect itself.

Dr. Ozment’s office helps its private sector and government customers by responding to incidents, sharing information, developing and promulgating best practices, and increasing our nation’s cybersecurity capacity. In leading this office, Dr. Ozment oversees a budget of more than $1 billion and leads a workforce of over 600 federal employees and several thousand support personnel.

At DHS, Dr. Ozment has led the U.S. government’s response to dozens of incidents in the government and private sector. During his tenure, his teams have been called in to find and remove the intruders at OPM and separately to travel to Ukraine to better understand and share information about the cyber attack that turned off power to over 200,000 customers. His team built and operates a classified, government-wide intrusion prevention system and is working with federal agencies to deploy endpoint monitoring solutions across millions of government computers. By establishing policy with clear metrics and holding agencies accountable, Dr. Ozment has driven a measurable decrease in the cyber risk faced by government agencies.

Prior to joining DHS, Dr. Ozment served at the White House as the President’s Senior Director for Cybersecurity where he led a team that developed national policy and coordinated federal cybersecurity efforts. He was responsible for the development and implementation of the President’s Executive Order 13636 on Improving Critical Infrastructure Cybersecurity. He then oversaw the resulting development of the NIST Cybersecurity Framework. Dr. Ozment also led the development of the National Strategy for Trusted Identities in Cyberspace, a signature initiative by the Administration to improve online authentication.

Before joining the White House, Dr. Ozment led an operational security group at DHS that oversaw compliance, metrics and security authorization for the Department’s Chief Information Security Officer. Previously, Dr. Ozment served in cybersecurity or technical roles with the Office of the Secretary of Defense, National Security Agency, Merrill Lynch and Nortel Networks.

Dr. Ozment earned a Bachelor of Science degree in Computer Science from Georgia Tech. While studying in the United Kingdom on a Marshall Scholarship, he earned a Master of Science degree in International Relations from the London School of Economics, and a Ph.D. in Computer Science from the University of Cambridge.

The opinions expressed in this blog are those of Dr. Andy Ozment and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

Putting the privacy into cybersecurity at DHS

DHS helps you make your control systems more secure

DHS helps you make your control systems more secure

After a zero-day exploit to the maritime transportation sector, DHS's National Cybersecurity and Communications Integration Center notified potentially-affected U.S. ports about the threat. They described the apparent vulnerability...

ISAO standards organization sets guidelines for sharing information

University of Texas at San Antonio (UTSA), the Information Sharing and Analysis Organization (ISAO) Standards Organization, published four guidance documents on creating and operating an ISAO.

National cyber incident response plan: We need your input

National cyber incident response plan: We need your input

A presidential directive directed the Department of Homeland Security (DHS) to develop a National Cyber Incident Response Plan (NCIRP) to outline both the private sector and the government’s cyber incident response roles and...

Advancing cybersecurity through automated indicator sharing

Advancing cybersecurity through automated indicator sharing

As the number of cybersecurity incidents increase, both the government and the private sector have worked together to introduce an info-sharing program to help address the threats.

Cyber incident response: Who does what?

Cyber incident response: Who does what?

“Who in the government will help me if we face a significant cyber incident?”

Load More