The Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of two leading cybersecurity experts to support the agency’s COVID-19 response efforts. Josh Corman is joining CISA as a Visiting Researcher, and Rob Arnold will join CISA’s National Risk Management Center as a Senior Cybersecurity and Risk Management Advisor.  Corman and Arnold were both hired using authorities granted under the CARES Act, which allows agencies to hire staff to temporarily support the COVID-19 response.

“The COVID-19 pandemic has resulted in noticeable shifts in cyber risk calculations for organizations of all sizes,” said CISA Director Christopher Krebs. “The hardware, software, and services that underpin our connected infrastructure have absolutely been tested and stressed in this telework-heavy environment.  At the same time, certain organizations and sectors of our economy have become more attractive targets for adversaries.”

“This changing threat landscape demands an ‘all-hands-on-deck’ approach and for us to bring the best and brightest minds to the front lines, and the authority granted to us by the CARES Act makes it possible to quickly recruit and add top experts to our team,” added Director Krebs.  “Josh and Rob are two examples of the type of innovative leaders that will help us build up our technical capabilities while at the same time improve our engagement with our industry and security researcher community partners during this critical time.”

Josh Corman has an extensive private sector and nonprofit background in IT security and public policy.  Corman recently served as the Chief Security Officer at PTC and the Director for the Cyber Statecraft Initiative at the Atlantic Council’s Brent Scowcroft Center for Strategy and Security.  He is also the co-founder of IAmTheCavalry.org, a non-profit collection of volunteers dedicated to improving cybersecurity in areas that can save lives.  Corman was also a member of the Congressional Health Care Industry Cybersecurity Task Force, which developed a report on the state of cybersecurity in the healthcare industry.  In his new role, he will advise on CISA’s integrated industry engagement efforts supporting the COVID response, provide cybersecurity expertise on healthcare infrastructure, and support CISA’s control systems and life safety initiatives.

Rob Arnold most recently served as the founder and CEO of Threat Sketch, a strategic cyber risk management firm that helps small organizations manage cybersecurity at the executive level.  He has a wealth of experience in advising businesses and organizations in implementing cyber risk management practices. In addition to co-founding the North Carolina Center for Cybersecurity and authoring a book that explains cyber risk management to business executives, Arnold serves on multiple academic advisory boards for cybersecurity degree seeking programs. At CISA, he will focus on helping the agency better understand shifts in cyber risk from COVID-related factors and how the critical infrastructure community can best fortify its defenses in response.

"CISA will continue to utilize its flexible hiring authority under the CARES Act to strengthen its cybersecurity workforce in the face of the COVID-19 pandemic," says CISA.

 More information on career opportunities at CISA is available at CISA.gov/careers.