The Department of Veterans Affairs (VA) has named Lynette Sherrill as the agency’s permanent chief information security officer (CISO) and deputy assistant secretary for information security, according to VA CIO Kurt DelBene.
Sherrill served as acting CISO at VA since February, following the retirement of Paul Cunningham.
“I am proud to announce that Lynette Sherrill is named the deputy assistant secretary for information security and chief information security officer (CISO) for VA effective August 28,” DelBene said in a statement to MeriTalk. “As CISO, Ms. Sherrill will lead cybersecurity programs and risk management activities to protect veterans and ensure secure and reliable operation of VA information systems.”
“In her seven months as acting CISO, Ms. Sherrill has already led high-profile efforts, including the development of VA’s new Zero Trust First Cybersecurity Strategy – the heart of OIT’s approach to security excellence,” he added. “Additionally, she is driving efforts to implement continuous evaluation of systems and metrics, allowing OIT to respond to cyber threats in real time. As she begins her role as the permanent CISO, I’m confident she will continue to lead with vision and passion in service of our nation’s veterans.”
As CISO, Sherrill will oversee how the VA is addressing the recommendations from its fiscal year 2021 Federal Information Security Modernization Act (FISMA) audit.
During a House Committee on Veterans’ Affairs Subcommittee on Technology Modernization hearing in June, Sherrill said the agency was conducting a “deep dive” into the recommendations and noted the VA wants to “move these remediations forward on the most critical systems.”