VA fills out security staff with CISO

The Veteran Affairs Department has brought Jaren Doherty onboard as chief information security officer. He previously was CISO at the Health and Human Services Department.Doherty, who also has the title of associate deputy assistant secretary for cybersecurity, fills a critical position in the department, which restructured its information technology environment in the past year to improve its management and security. He started at VA Feb. 4. Doherty replaces Pedro Cadenas Jr., who resigned in July 2006. Robert Howard, VA’s chief information officer, and later Adair Martinez, deputy assistant secretary for information protection and risk management (IPRM), have been responsible for VA’s IT security as the department centralized its IT organization. VA decided to put IT authority under the CIO following the theft of a laptop PC that contained personal data on millions of veterans and which was later recovered. IT security staff report to Martinez. Doherty also was CISO at HHS’ National Institutes of Health, where he supervised IT management security, privacy and the information systems security officers in each of the 28 NIH institutes and centers. He received his bachelor’s degree from the University of Idaho and his master’s degree from George Washington University. He also is a certified information systems security professional.Since VA centralized its IT operations, information protection also has become an enterprise effort, which includes privacy records management and incident response, Martinez said. The IT oversight and compliance group is much larger than before centralization. And the network and security operations centers have been combined. “This is a new ballgame. This is a more robust group,” she said. In addition to Doherty, Andres Lopez also joined VA’s IT staff Feb. 1 as director of business continuity. Prior to VA, Lopez was an intelligence officer in the Army. And Charles Gephart becomes director of IT field security operations. “The new IPRM leaders have impressive credentials, which will serve the VA well since they will be responsible for providing guidance for critical information protection initiatives,” Martinez said.