DoD's Robert Carey Leaving GovernmentLongtime Leader of Federal CIO Council's IT Security Committee
The federal government is losing an IT leader who put an employee-friendly face on information security.
Robert Carey, the longtime head of the federal Chief Information Officers Council's information security and identity management committee, is retiring from the federal service effective March 28.
Principal Deputy CIO at the Department of Defense since October 2010, Carey previously served as the Navy's CIO for nearly four years. He interrupted his tenure as Navy CIO to serve in Iraq in 2006 and 2007 as a captain in the Navy Reserve.
"I'm taking some time off, then on to national security things from another perspective," Carey said in an e-mail message. He didn't explain what "national security things" he would do.
Insuring PII's Integrity
He was a strong advocate of privacy and the safe use of personally identifiable information. "While we need to use PII on a daily basis, we also need to ensure its security and integrity to protect our personnel," he said. "What this boils down to is a change in our culture that emphasizes the vital importance of PII. Because of the threat identity theft presents, it is as important as classified information and it must be treated that way. Accountability is key at all levels of the workforce to include leaders and managers."
While embracing moves to employ big data to help monitor the activities of government and military personnel and contractors with security clearances, Carey was sensitive to those individuals under greater scrutiny by the government (see Protecting Against the Insider Threat).
"We have more positive knowledge about our workforce for what it's doing and not doing than we did in the past," he said. "That's good, but to the nominal national security workforce member, it's a little bit of a change. This makes people uncomfortable for a while until such time as it becomes standard.
"We trust them implicitly but we need to mitigate what they could do. It isn't anything against them. It's about just making sure that the information stays on the proper side of the firewall."