Howard to leave HUD for NRC

The Nuclear Regulatory Commission has selected Patrick Howard, chief information security officer at the Housing and Urban Development Department, to lead its new Computer Security Office. Howard will start his new position March 17, reporting to Darren Ash, NRC’s chief information officer and deputy executive director for information services.

The Computer Security Office is an organizational change that meets requirements under the Federal Information Security Management Act for an enterprise information security program.

Under Howard, HUD significantly improved information security, achieving an A+ on the 2006 FISMA score card. At NRC, which had a failing grade, Howard said he plans to improve compliance and the security program. His final day at HUD will be March 14.

Ash looks to Howard’s knowledge and experience in information technology security to strengthen NRC’s program.

“I know that Pat will provide vision, leadership and oversight in developing, promulgating and implementing an agency IT security strategy,” Ash said in a statement today.

Howard said HUD’s program has a good foundation and will be able to move forward, maintain compliance, and face challenges and new threats. Under his stewardship, HUD established a comprehensive IT security program, including a strategic plan, developed policies and procedures, and built an organization and staffed it with quality people. A lot of his success is in maturing the program and getting the most out of it, he said.

“I feel good about having accomplished something that will be long-lasting and have the opportunity to kind of run itself,” he said.

Howard has been active in the CISO community, advancing federal IT security initiatives. HUD will integrate the FISMA reporting tool from the Environmental Protection Agency, a shared-service provider under the Information Systems Security Line of Business, into its current software.

HUD also produced best-practices documents that it hopes to share with other agencies to improve the quality of their FISMA submissions. The products are policies and procedures, templates and instructions, frequently asked questions and answers, checklists, face-to-face training presentations and feedback. The aim is to have best practices that all agencies can use and have the same quality starting point. The best practices build on IT security guidelines from the National Institute of Standards and Technology.

About the Author

Mary Mosquera is a reporter for Federal Computer Week.

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.