Washington, D.C. remains the center of gravity for some of the most consequential cybersecurity leadership roles in the United States. Across cabinet departments, independent agencies, and congressional institutions, federal security leaders are responsible for protecting systems that support education, workforce management, transportation oversight, economic policy, and public trust. The executives in this group reflect the depth of cybersecurity leadership operating inside government today, combining policy fluency, operational experience, regulatory discipline, and enterprise-scale risk management.
Peter Hoang — CISO, U.S. Department of Education
Peter Hoang serves as Chief Information Security Officer at the U.S. Department of Education, where he leads cybersecurity for one of the federal government’s most sensitive civilian environments. His remit spans a multi-million-dollar enterprise cyber investment portfolio and the protection of more than 100 million identities tied to students and the public, alongside systems connected to over $100 billion in Title IV aid and grants and a broader education economy measured in the trillions. Hoang brings a broad background that crosses education, healthcare, defense, data analytics, consulting, and federal civilian missions, and he stands out for translating compliance-heavy security models into more risk-based, service-oriented enterprise cybersecurity programs. His work advancing the department’s FISMA maturity to record scores and his role on OMB’s CISO Council underscore both operational credibility and influence across the wider federal cybersecurity landscape.
Danielle Rowell — CISO, U.S. Office of Personnel Management
Danielle Rowell is the Chief Information Security Officer at the U.S. Office of Personnel Management, where she leads enterprise cybersecurity strategy for an organization central to the federal workforce itself. She oversees a large security portfolio and a broad set of responsibilities spanning data protection, identity and access management, compliance, and incident response across HR, financial, and benefits platforms that serve millions. Rowell’s profile is shaped by a modern executive approach that ties resilience, cloud security, zero trust, and AI-informed transformation to business outcomes rather than treating security as a standalone control function. Her emphasis on integrating cybersecurity into enterprise decision-making and building a culture of shared accountability makes her a notable example of the new generation of federal cyber leaders focused equally on protection, agility, and mission delivery.
Marquis Toson — CISO, Surface Transportation Board
Marquis Toson has served as Chief Information Security Officer at the Surface Transportation Board since 2017, bringing steady leadership shaped by experience across federal defense, law, and transportation environments. His background includes roles at the U.S. Department of Justice, the U.S. Marine Corps, Jacobs Technology, Accenture, and TSYS, giving him a blend of military, public-sector, and commercial technology experience. At the Surface Transportation Board, Toson represents the kind of long-tenured federal security leader who understands how to sustain and mature programs over time in smaller but strategically important government institutions. His career shows strong depth in information assurance, program management, and enterprise security operations, making him a credible and enduring presence in Washington’s federal cybersecurity community.
Tabitha Craig — CISO, Congressional Budget Office
Tabitha Craig serves as Chief Information Security Officer at the Congressional Budget Office, where she is building and directing a proactive security program for one of Washington’s most analytically important institutions. Her responsibilities include vulnerability management, zero trust adoption, incident response, and alignment with standards such as FISMA, NIST, GDPR, and ISO, all within an environment where integrity, confidentiality, and resilience are essential. Craig brings more than two decades of experience spanning federal service, private sector work, business development, and strategic program leadership, along with the perspective of an armed services veteran. What makes her especially notable is the combination of executive-level risk management and hands-on modernization focus, positioning her to shape security at an institution whose work informs national fiscal and legislative decision-making.
Dr. James S. Allen — Acting CISO, U.S. Commodity Futures Trading Commission
Dr. James S. Allen is the Acting Chief Information Security Officer at the U.S. Commodity Futures Trading Commission, where he stepped into the top security role after serving as Deputy CISO. His background reflects a long career across federal cybersecurity, including prior service as a Designated Approving Authority and Authorizing Official at the U.S. Department of Justice, as well as extensive military experience as a retired U.S. Navy Chief Petty Officer. Allen combines deep technical credibility with formal training in cybersecurity, public administration, and management information systems, supported by an unusually broad certification portfolio. In Washington’s federal cyber landscape, he stands out as a practitioner-leader with both governance expertise and operational depth, well suited to securing a financial regulator whose mission sits close to market stability and economic trust.
Why Federal Cybersecurity Leadership in Washington Matters
Federal cybersecurity leadership in Washington, D.C. carries an unusually broad mandate: protecting citizen data, enabling essential public services, securing regulatory institutions, and strengthening trust in government operations. The leaders in this group show how modern federal security roles increasingly require more than technical oversight alone. They demand mission awareness, interagency coordination, executive communication, and the ability to modernize institutions while managing risk at national scale. As cyber threats continue to evolve, the officials leading these programs will remain central to how the federal government protects both its own systems and the public it serves.
For more profiles of cybersecurity leaders shaping various industries, explore the CISOs to Watch tag.