Secure by Design, Secure by Default
May 2023 • Podcast
Greg Touhill
Publisher: Software Engineering Institute
Abstract
Gregory J. Touhill, director of the SEI CERT Division, talks with Suzanne Miller about secure by design, secure by default, a longstanding tenet of the work of the SEI and CERT in particular. The SEI has been at the forefront of secure software development, promoting an approach where security weaknesses are addressed, prevented, or eliminated earlier in the software development lifecycle, which not only helps to ensure secure systems but also saves time and money.
In this podcast, Touhill also discusses the CERT strategy in support of SEI sponsors in the U.S. Department of Defense (DoD), the Department of Homeland Security (DHS), and the Cybersecurity and Infrastructure Security Agency (CISA), as well as his vision for the future of cybersecurity and the role of the CERT Division.
About the Speaker

Greg Touhill
Gregory J. Touhill is director of the SEI’s world-renowned CERT Division, where he leads a diverse group of researchers, software engineers, security analysts, and digital intelligence specialists working together to research security vulnerabilities in software products, contribute to long-term changes in networked systems, and develop cutting-edge information and training to improve the practice of cybersecurity.
Touhill was appointed by former President Barack Obama to be the first chief information security officer (CISO) of the United States government. Previously, he served in the Department of Homeland Security (DHS) as deputy assistant secretary in the Office of Cybersecurity and Communications. Before joining the Software Engineering Institute, he was president of Appgate Federal, a provider of cybersecurity products and services to civilian government and defense agencies.
Touhill is a 30-year veteran of the U.S. Air Force, where he was an operational commander at the squadron, group, and wing levels. He served as a senior leader of military cybersecurity and information technology programs, culminating as the chief information officer of the United States Transportation Command, one of the nation’s 10 combatant commands. A combat veteran, he is the recipient of numerous awards and decorations, including the Bronze Star medal and the Air Force Science and Engineering Award. He retired from the Air Force with the rank of brigadier general.
Touhill received his bachelor’s degree in political science (minor in engineering) from the Pennsylvania State University, a master’s degree in systems management from the University of Southern California, a master’s degree in strategic studies from the Air War College, and a certificate from the Harvard Kennedy School. He maintains both the CISSP and CISM certifications. He is an adjunct faculty member of the CMU Heinz College of Information Systems and Public Policy and the Deakin University (Australia) Centre for Cybersecurity Research and Innovation. A member of many organizational boards and committees and recipient of many awards, Touhill was recognized by Security Magazine as one of its Most Influential People in Security and by Federal Computer Week in the Federal 100. He is the co-author of the books Cybersecurity for Executives: A Practical Guide and Commercialization of Innovative Technologies.