The Department of Homeland Security official responsible for coordinating federal responses to hack attacks will depart next week, according to DHS.
During her three years in office, Ann Barron-DiCamillo, head of the U.S. Computer Emergency Readiness Team, has been a mainstay on Capitol Hill and on the industry conference circuit, breaking down DHS' role in handling data breaches.
U.S. CERT lead a governmentwide probe last spring and summer into the theft of records on 21.5 million security personnel and their families at the Office of Personnel Management.
Homeland Security has yet to name a replacement for Barron-DiCamillo. Her last day in office is Feb. 26, DHS spokesman S.Y. Lee told Nextgov. Homeland Security officials declined to discuss the reasons for her leaving or when she announced her intention to resign.
Barron-DiCamillo's division is the operational unit of DHS’ National Cybersecurity and Communications Integration Center, or NCCIC (pronounced N-Kick).
The departure comes at a turning point for the NCCIC. Last December, Congress mandated DHS activate a system to provide the government and private sector a real-time heads up on cyber dangers. On Tuesday, the department issued instructions to industry and privacy guidelines to all for sharing threat indicators, like the subject line of a phishing email, or the IP address of the computer from which it originated.
Last August, DHS appointed two heads to fill a lengthy leadership void at the NCCIC.
Andy Ozment, who also serves as assistant secretary of the Office of Cybersecurity and Communications, assumed overall responsibility of the office, while John Felker, then an HP cyber executive, now manages daily operations.
Barron-DiCamillo consistently has stressed her personal responsibility to keep confidential the public and private sector investigations that U.S. CERT supports.
Testifying at a House hearing last June, she said, "Like many Americans, I too am a victim of these incidents … Although I am appearing today ready to provide information to this committee, I do so with some concern" about losing the trust of victims who open up to U.S. CERT.
Her organization relies on voluntary cooperation from agencies and firms who believe they might have been hacked.
"I worry that U.S. CERT appearing before this committee will have a chilling effect on their willingness to notify us," Barron-DiCamillo said. "We especially need private companies to continue to work with government and to share information about cyberthreats and incidents so that through greater shared awareness we can all be more secure from those who to seek to do us harm."
The cyber guardian has also said information security all comes down to taking a moment to pause at the keyboard.
"You click on a link of an email and all of those security mechanisms all of that defense-in-depth just goes out the window,” Barron-DiCamillo said last April at a Defensive Cyberspace Operations and Intelligence summit in Washington. Federal agency staff, in particular, must realize "how quickly you can be patient zero if you don’t think.”
FCW first reported Barron-DiCamillo's resignation.