CSRA Creates New Cyber Leadership Role To Keep Government Agencies Secure In Moving To Cloud
CSRA has promoted a technical expert to lead the company's security charge, tasking him with training the company's cyber-focused workforce and helping U.S. government agencies migrate to the cloud.
The Falls Church, Va.-based company - No. 14 on the 2017 CRN Solution Provider 500 - tapped Matt McFadden to spearhead security-related projects in the health, civilian, defense, Homeland Security, and military agencies, and work with vendors and those government branches to establish robust operating models, according to George Batsakis, CSRA's chief growth officer.
McFadden will also be responsible for improving cyber awareness, training, protection and skills within CSRA's 1,500 security-focused professionals, Batsakis said. He will be expected to uplift and upgrade CSRA's cyber talent across the company by pulling together repeatable offerings and capabilities, according to Batsakis.
"Cybersecurity is embedded in everything we do, so it's a little difficult to bucket or define these programs," Batsakis told CRN.
McFadden is expected to establish CSRA as a leading cybersecurity company and keep the company up to speed on the roles, technological capabilities, and vendor partnerships it's taking to market. Specifically, McFadden said, CSRA plans to focus on areas where cyber converges with existing technology, such as the need for risk management and authority to operate around cloud migrations.
Implementations differ between Microsoft Azure and Amazon Web Services, McFadden said, meaning that CSRA must remain flexible and capable of meeting its clients' cloud security needs regardless of the platform they use.
"At the end of the day, each cloud provider is different," McFadden said.
Government agencies increasingly recognize that they need to move to cloud to drive operational efficiencies, Batsakis said, but have long struggled to support the security requirement associated with the migration process. As a result, Batsakis said CSRA decided it needed focus and a leadership model around security that goes beyond simply embedding it into other technologies.
The government is also looking for more support to protect against insider threats, McFadden said, particularly as it relates to bolstering log analysis and monitoring as consumption of data skyrockets.
From an education perspective, McFadden said he's very interested in providing CSRA employees with hands-on technical training against new types of malware and other threats they haven't encountered before. CSRA has thus far built out a cyber institute, McFadden said, and run two internal hackathons.
McFadden's promotion will also provide CSRA with better focus on evaluating cyber vendors with new or emerging capabilities, Batsakis said. CSRA's top-tier vendor relationships are subject to quarterly analysis and review, according to Batsakis, and the company is planning to hold a conference in the next couple of quarters focused specifically on cyber.
CSRA excels at transforming agencies through its architecture and engineering programs, Batsakis said, and has a strong track record of maintaining federal accreditation as it relates to securely upgrading a client's mobile experience.
"We've turned the SOC [security operations center] lifecycle into an offering in and of itself," Batsakis said.
McFadden joined CSC in 2008 as a network intrusion subject matter expert, and became part of CSRA in November 2015 with the merger of SRA and CSC's North American public sector business, which is now CSRA. He had served as CSRA's chief technologist to Department of Defense customers since June 2016.