How DoD's Bob Lentz changed the role of chief information security officer

There has been a changing of the guard for the Defense Department's chief information security officer.

As Federal News Radio has been telling you, Robert Lentz, the long-time chief information security officer at the Department of Defense, is stepping down.

What challenges lie ahead?

Lewis Shepherd is the former senior technology officer at the Defense Intelligence Agency and currently chief technology officer for Microsoft's Institute for Advanced Technology in Governments.

He's also author of the blog Shepherd's Pi.

He brought the Daily Debrief analysis on Tuesday, saying Lentz profesionalized and improved the degree of information assurance at DoD and in the national intelligence community.

"I would put that in . . . three areas of activity that didn't get a lot of attention, but that Bob focused on during his tenure. Only one was internal to DoD from my way of thinking. The other two were external. The internal one was that he actually brought very much a new mindset to information assurance. He was very much partial to agile thinking -- to risk mitigation and risk management, not risk avoidance and to too many people these are cliches. They weren't to Bob. He actually knew what it meant to take an approach where you measured and controlled risk, as opposed to just simply avoiding it."

In addition, Shepherd pointed out that Lentz knew it was useless to try and secure everything, so Lentz decided to choose what was most important to secure, instead.

"Bob very much reached out to -- I think in an unprecedented way -- to the private sector and to Silicon Valley on information security. As DoD's chief information security officer he really, in an absolute sense, he has no parallel, but in the private sector, because of the enormous scale and scope, so it was actually very much welcomed from the Valley when he got involved."

Shepherd also credits Lentz with changing the degree of the partnership that existed between the Defense community and the Defense Department -- and the Intelligence Community and the Defense Department.

Identity management has also become a hot-button issue lately, and Shepherd said Lentz was on the forefront of this topic, as well.

"Bob's been out front on that. . . . Identity management becomes a really critical component to designing systems not only to provide access for users. So, for DoD users, particularly in the field, to be able to login securely and to access the information that they need to have access to, and to be able to access only the information they need to have access to, that's absolutely critical from an identity management standpoint."

Shepherd added that the position of chief information security officer at DoD is going to inherently change because of the Obama Administration's desire for a cybersecurity 'czar'.

"Working with that individual is going to be absolutely critical for Bob's replacement -- and also working with the Intelligence Community under the DNI team. So, that critical partnership between the DoD, the Intelligence Community, DHS, the rest of the federal government and particularly the private sector is something that is really going to keep DoD busy."

(Copyright 2009 by FederalNewsRadio.com. All Rights Reserved.)