DCIO Cyber security

DCIO CS focuses on defending DoD missions against cyber attack


Photograph of Thomas Michelli         Mr. Thomas P. Michelli is the Acting Deputy CIO for Cybersecurity.   He is responsible for overseeing the Department of Defense's cybersecurity program to include relevant cybersecurity standards, policies and procedures partnering across the government and industry. Mr. Michelli joined government service in 2006 after spending time in the private sector. In the federal sector, he served as the Chief, Information Operations Division for the Defense Threat Reduction Agency (DTRA). He subsequently jointed the Defense Logistics Agency (DLA) in several senior leadership roles, including serving as the DLA’s first Director of Intelligence. He ultimately was appointed to the Senior Executive Service in 2010 and was the DLA’s Executive Director of Enterprise Solutions, J64. Following DLA, he was the CIO for U.S. Immigration and Customs Enforcement (ICE), Department of Homeland Security (DHS) in Washington, D.C.

Photograph of Mr. Donald Heckman         Mr. Donald Heckman is the Principal Director, Deputy CIO for Cybersecurity.   He is responsible for ensuring the department has a well-defined and well-executed cybersecurity program. He also responsible for coordinating cybersecurity standards, policies and procedures with other federal agencies, coalition partners and industry. He began his career at NSA in 1983 and served in a variety of technical and management positions over his career, including project engineer, program manager and manager up to Deputy Directorate level. He has also led several DoD-wide IA programs and initiatives. He is a key leader who has a deep technical knowledge of all aspects of the Information Assurance (IA) mission and has attained the Master level in the NSA Engineering and Physical Science Technical Track program and he is a Certified Information Systems Security Professional (CISSP) by the International Information Systems Security Certification Consortium (ISC)2.


DoD Seal    

Deputy Chief Information Officer for Cyber Security – which is also the Chief Information Security Officer or CISO

for the Department of Defense – is responsible for ensuring that the Department has a well-defined and well-executed cyber security program. This organization is also responsible for coordinating cyber security standards, policies, and procedures with other federal agencies, coalition partners, and industry.

DCIO CS oversees Cybersecurity Strategy, Policy, and Workforce, including technology innovation and the Risk Management Framework, as well as Cybersecurity Implementation and Acquisition Integration, such as acquisition oversight; identity and access management, or IDAM; and lifecycle risk management, standards, and integration. It also oversees efforts to improve Defense Industrial Base cyber security.

This organization focuses on advancing cyber basics and improving cyber defenses, which are two of DoD CIO’s top priorities. DoD is getting better at cyber basics by transitioning from passwords to more secure means of granting access, ensuring the patching is up to date, and cleaning up operating systems. And DCIO CS is improving cyber defenses on its networks through means such as secure configuration, fast patching, and web-content filtering. The top objective of DCIO CS is to ensure successful mission execution in the face of cyber warfare by a capable adversary.