Federal CISOs to Watch: The Leaders Securing America’s Government Agencies

Federal government cybersecurity operates under a set of constraints and obligations that no private sector security program fully replicates. FISMA compliance, agency-specific regulatory frameworks, congressional oversight, inspector general scrutiny, and the particular challenge of protecting systems that serve the American public create a security environment shaped by accountability at every level. The federal CISOs in this feature are protecting tax administration systems, transportation infrastructure, retirement funds for federal employees, housing finance oversight, homeland security operations, postal service oversight, and the nation’s foreign intelligence mission. Their backgrounds span military service, defense contracting, the intelligence community, and decades of federal IT leadership, and their programs reflect what it means to secure institutions that the country depends on.

Hanan AbuLebdeh — Chief Information Security Officer, US Department of Homeland Security

Hanan AbuLebdeh became CISO of the US Department of Homeland Security in December 2024, having simultaneously served as CISO of the Administration for Children and Families within HHS since May 2024. Before her CISO roles, she spent nearly six years at the US Department of Education as information system security branch chief, following nearly five years as infosec manager at the same agency, and before that served as a cybersecurity consultant supporting Federal Student Aid through Endeavor Systems. Her career at the Department of Education spans more than a decade of federal information security work covering FISMA compliance, NIST SP 800-53, vulnerability management, and security authorization across major federal student aid systems. She holds CISSP and CISM certifications. That federal civilian agency security foundation, built from hands-on FISMA compliance work upward through branch chief and CISO roles, informs how she now approaches the security governance mandate at one of the largest and most complex civilian departments in the federal government.

Damian Taylor — Chief Information Security Officer, USPS Office of Inspector General

Damian Taylor has served as CISO at the USPS Office of Inspector General since October 2022, bringing a career that spans twenty-two years as a United States Navy information professional, defense and intelligence community security leadership, and private sector CISO experience. His Navy career included tours as communications officer, information technology project manager, and assistant chief engineer, as well as a year-long cyber federal executive fellowship at the Potomac Institute for Policy Studies focused on emerging cyber technology risk assessment. After retiring from the Navy, he served as CISO at Joint Special Operations Command at Fort Bragg, followed by nearly four years as CISO at Landry’s, the Houston-based hospitality and gaming company. His background covers computer network defense, certification and accreditation, COMSEC, and the full range of operational security disciplines developed across naval service and special operations environments. That combination of military cyber operations, private sector CISO experience, and now federal OIG security leadership reflects a career built across every sector of the security landscape.

Van Patrick Bevill — Chief Information Security Officer, Federal Retirement Thrift Investment Board

Van Patrick Bevill has served as CISO at the Federal Retirement Thrift Investment Board since May 2018, overseeing security for the agency that administers the Thrift Savings Plan, one of the largest defined contribution retirement plans in the world, serving more than six million federal employees and members of the uniformed services. Before FRTIB, he spent nearly four years as CISO at the National Labor Relations Board and two and a half years as an IT specialist in information security at the Bureau of Engraving and Printing. His earlier career spans VP of technical operations at Untangle, VP and CTO at Advanced Data Exchange, director of operations practice at Customer Value Partners, VP of technology at eTelecare Global Solutions, and director of IT for Europe at eToys. That private sector technology and operations leadership background, applied across successive federal CISO roles at three agencies, reflects a leader whose cross-sector experience informs how he approaches the regulatory and operational demands of federal retirement security governance.

Jeff Harris — Chief Information Security Officer, Federal Housing Finance Agency

Jeff Harris joined the Federal Housing Finance Agency as CISO in August 2024, bringing a career built across the intelligence community, the US Navy, the Department of Homeland Security, and the US Small Business Administration. He served as US Intelligence Community CISO and acting IC CIO at the Department of the Navy, directed defensive cyber operations and led the ONI Cyber Incident Response Center at the Office of Naval Intelligence, and served as deputy director of IT applications at DHS Science and Technology. At the SBA, he spent six years as director of cybersecurity operations, including a seven-month stretch as acting CISO. His earlier career includes senior security architect roles at Camber Corporation and senior staff architecture and integration work at General Dynamics, and he began his career as a network switching systems operator in the United States Army. That progression from Army network operator through defense contractor, intelligence community CISO, and multiple civilian agency security leadership roles gives him one of the more varied federal security backgrounds in this feature.

Houman Rasouli — Chief Information Security Officer, Internal Revenue Service

Houman Rasouli became CISO of the Internal Revenue Service in June 2025, having served previously as deputy associate CIO overseeing a 1,200-person organization with a $600 million-plus annual budget and directing enterprise systems testing across approximately 300 tax system applications for a 550-person team with a $150 million-plus budget. Before the IRS, he spent fourteen years at the US Nuclear Regulatory Commission across branch chief, deputy assistant for operations, and director of resource management and administration roles, and served as a White House Leadership Fellow at the Office of Management and Budget, leading the federal government’s 2020 Presidential Transition activities across more than 200 agencies. He also led a 5-to-1 data center consolidation and major infrastructure modernizations earlier in his career at Hughes Network Systems and Telnet. His background in enterprise architecture, IT governance, strategic financial management, and large-scale program execution across regulated federal environments gives him a grounded operational understanding of the complex systems he now leads from a security perspective at the agency responsible for administering the US tax system.

Jennifer Link — Chief Information Security Officer, Central Intelligence Agency

Jennifer Link serves as CISO of the Central Intelligence Agency, bringing more than twenty-five years of information security architecture, risk management, and cyber resilience experience built across the Department of Defense and the Intelligence Community. Her career includes systems engineering at Northrop Grumman, information systems analysis in the United States Navy, and progressive senior executive service roles within the federal government spanning systems engineering, senior executive leadership, and ultimately the CISO seat at one of the nation’s most sensitive agencies. She has led multi-agency cybersecurity efforts, navigated complex national security regulatory environments, and provided executive guidance on national security risks and threat mitigation at the highest levels of the US government. Her contributions have been recognized with the US Navy’s Meritorious Civilian Service Award, the George H.W. Bush Intelligence Award, the President’s Rank Award, and the NRO Director’s Award. She holds a CISSP and ISSEP certification, a BA in information security from George Mason University, and an MA in national security and strategic studies from the Naval War College.

Laks Prabhala — Chief Information Security Officer, US Department of Transportation

Laks Prabhala joined the US Department of Transportation as CISO in September 2025, bringing a background that spans federal security leadership, consulting, and private sector technology roles. Before DOT, he served as CISO at Alpha Omega Integration, a federal IT services firm, and as cybersecurity and zero trust CISO advisory services lead at Accenture Federal Services. Before his consulting roles, he spent seven years as director and CISO of the IT Security Division at the Department of Justice’s Office of Justice Programs, overseeing security operations, information assurance, threat management, privacy, FedRAMP, and cloud security. His earlier career includes senior architecture and development roles at SENA Systems, NASD, Verisign, T. Rowe Price, and Raytheon, giving him a private sector technical foundation that spans financial services, telecommunications, and defense before his federal security career. At DOT, he leads security governance for an agency whose systems underpin aviation, rail, highway, maritime, and pipeline safety infrastructure across the United States.

Federal Security Leadership Carries a Different Kind of Weight

Private sector security leaders answer to boards, shareholders, and regulators. Federal CISOs answer to all of those stakeholders and to the American public directly. The systems being protected in this feature administer the nation’s tax collections, oversee the housing finance system, manage retirement savings for millions of federal workers, secure foreign intelligence operations, and keep the transportation infrastructure that connects the country running safely. That accountability, to citizens rather than customers, shapes how federal security programs are built, governed, and sustained across administrations, budget cycles, and the constant evolution of the threat landscape.