Mr. Donald Heckman is the Acting Deputy CIO for Cybersecurity. Mr. Heckman is responsible for ensuring the department has a well-defined and well-executed $8 billion cybersecurity program. He is responsible for coordinating cybersecurity standards, policies and procedures with other federal agencies, coalition partners and industry.
Mr. Heckman began his career at NSA in 1983. He has served in a variety of technical and management positions over his career, including project engineer, program manager and manager up to Deputy Directorate level. He has also led several DoD-wide IA programs and initiatives. He is a key leader who has a deep technical knowledge of all aspects of the Information Assurance (IA) mission and has attained the Master level in the NSA Engineering and Physical Science Technical Track program and he is a Certified Information Systems Security Professional (CISSP) by the International Information Systems Security Certification Consortium (ISC)2. He has received numerous awards from the Defense, and Intelligence communities in recognition of his vision, leadership, and accomplishments including the Meritorious Presidential Rank Award in 2017. He was appointed to the Senior Executive Service in October 2005.
Prior to Mr. Heckman’s current assignment he served as the Deputy Chief to the Cybersecurity Solutions (CSS) Group. He led the organization in developing capabilities that span a large variety of technology areas, to include cloud & enterprise services, merged voice and data, mobile, high speed networks, cross domain and authentication to support a spectrum of national security customer environments ranging from key management infrastructures, strategic and tactical high speed network communications, to military weapon systems and architectures. Additionally he was selected to be the Assistant Deputy Director of Trusted Engineering Solutions (TES) within the Information Assurance Directorate (IAD) and Chief of the IAD’s Architecture Group. He has held key NSA leadership positions supporting Information Assurance, Systems Security Engineering and Key Management missions. Additionally, he served as the NSA/CSS Representative (NCR) to DISA/Deputy NCR STRATCOM for JTF-GNO. He also led the establishment of the DoD’s Cryptographic Modernization and Global Information Grid Information Assurance Portfolio (GIAP) offices.
Mr. Heckman graduated from Johns Hopkins University with a Master of Science degree in Electrical Engineering and he received a Bachelor of Science degree in Electrical/Computer Engineering from Drexel University.
Mr. Heckman resides in Bel Air, MD. He enjoys reading and golfing. He and his wife Michelle are proud parents to their three children, Alysha, Emily and Zachary.
Deputy Chief Information Officer for Cyber Security – which is also the Chief Information Security Officer or CISO
for the Department of Defense – is responsible for ensuring that the Department has a well-defined and well-executed cyber security program. This organization is also responsible for coordinating cyber security standards, policies, and procedures with other federal agencies, coalition partners, and industry.
DCIO CS oversees Cybersecurity Strategy, Policy, and Workforce, including technology innovation and the Risk Management Framework, as well as Cybersecurity Implementation and Acquisition Integration, such as acquisition oversight; identity and access management, or IDAM; and lifecycle risk management, standards, and integration. It also oversees efforts to improve Defense Industrial Base cyber security.
This organization focuses on advancing cyber basics and improving cyber defenses, which are two of DoD CIO’s top priorities. DoD is getting better at cyber basics by transitioning from passwords to more secure means of granting access, ensuring the patching is up to date, and cleaning up operating systems. And DCIO CS is improving cyber defenses on its networks through means such as secure configuration, fast patching, and web-content filtering. The top objective of DCIO CS is to ensure successful mission execution in the face of cyber warfare by a capable adversary.