CISA hires cyber risk experts to meet emerging threats

cybersecurity (Rawpixel/ 

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency brought on two hired hands to help it grapple with shifting infrastructure cyber risks as the COVID-19 crisis grinds ahead.

The agency brought on Josh Corman as a visiting researcher and Rob Arnold to join CISA's National Risk Management Center as a senior cybersecurity and risk management advisor. The positions are temporary and set up under CARES Act authority, according to a July 22 CISA statement.

"The COVID-19 pandemic has resulted in noticeable shifts in cyber risk calculations for organizations of all sizes," said CISA Director Christopher Krebs in the statement. "The hardware, software, and services that underpin our connected infrastructure have absolutely been tested and stressed in this telework-heavy environment. At the same time, certain organizations and sectors of our economy have become more attractive targets for adversaries."

Krebs said the shifting threats require an "all-hands-on-deck" approach by CISA to get the best cybersecurity talent to the front lines.

In their positions at CISA Arnold and Corman, he said, will help the agency build technical capabilities, as well as bolster engagement with industry and research communities.

Corman will work on integrated industry engagement efforts supporting the COVID response, provide cybersecurity expertise on healthcare infrastructure, and support CISA's control systems and life safety initiatives, according to CISA.

Arnold, said the statement, will help the agency understand how cybersecurity risks have shifted from COVID-related factors and how the critical infrastructure community can best fortify defenses in response.

Both have deep experience with managing infrastructure cybersecurity issues, according to CISA.

Before being hired by DHS, Corman was the chief security officer at industrial software provider PTC and director for the Cyber Statecraft Initiative at the Atlantic Council's Brent Scowcroft Center for Strategy and Security. He also co-founded the non-profit, group that volunteers to help improve cybersecurity for public safety.

He was also a member of the Congressional Health Care Industry Cybersecurity Task Force that developed a report on the state of cybersecurity in the healthcare industry.

Arnold has deep experience in translating cyber risk to business. He founded and is CEO of cyber risk management adviser Threat Sketch which helps executives at small organizations understand and act against cybersecurity threats.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at [email protected] or follow him on Twitter at @MRockwell4.


  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected