CISA hires Navy cyber expert to help oversee vulnerability management

The Cybersecurity and Infrastructure Security Agency tapped a Navy leader in cyber and network operations Wednesday to lead its efforts to mitigate potential vulnerabilities and information security weaknesses. 

The nation's cyber defense agency named Sandy Radesky as the associate director of vulnerability management in a statement posted to CISA's official Twitter account.

Radesky, who previously served as the deputy command information officer for the U.S. Fleet Cyber Command since December 2020, is a longtime veteran of cyber operations, has spent most of her career supporting the Department of Defense.

She served as the director of analytics for the COVID-19 Countermeasures Acceleration Group beginning in June 2021, where she led a team of “data scientists, logisticians and technologists” to help optimize the process of distributing 400 million vaccinations as part Operation Warp Speed, according to her Navy profile. 

Prior to that, Radesky served as deputy director of operations at Joint Force Headquarters Department of Defense Information Network at Fort Meade, Maryland, helping oversee enterprise-wise command and control and cyberspace missions. 

A seven-year tenure at the Defense Information Systems Agency ultimately saw her lead the Global Operations Command Defensive Cyber Operations Security Center, its largest operational command tasked with safeguarding the DODIN network. 

The news comes as CISA and the entire federal government face an ever-increasing threat landscape of cyber vulnerabilities. Radesky's appointment was announced just days after the agency added another Microsoft zero day vulnerability to its catalog of known vulnerabilities that the company said can allow an attacker to gain system privileges after successfully logging in and running a specially crafted application. 

CISA has given all federal agencies until January 31 to patch the bug, titled CVE-2023-21674.

Radesky has also worked as an engineer and project manager for multiple information security and cybersecurity firms in the private sector, including as an engineer for MITRE and an information security analyst at CSC. She previously served as a communications operator in the U.S. Air Force, managing flight operations and computer security while spearheading network security infrastructure efforts, according to her LinkedIn. 

CISA director Jen Easterly said she was excited about Randesky's hiring in a tweet, noting her experience overseeing cybersecurity, policy and plans for the U.S. Navy's cyberspace operations during her tenure as the deputy command information officer for the U.S. Fleet Cyber Command.

The hiring announcement also follows the departure of Daniel Bardentstein from CISA, who has served as the agency's chief of technology strategy and delivery since December 2021. 

Earlier this month, CISA announced it had opened "a number of cybersecurity roles" within the organization through the Department of Homeland Security's Cybersecurity Talent Management System. The long-awaited cyber talent system was only responsible for hiring a single employee to DHS by May of last year, FCW learned at the time.