USCIS's cyber culture was transformed by Barney, prioritizing user needs
In a significant move for cybersecurity, Shane Barney, former Chief Information Security Officer (CISO) at the U.S. Citizenship and Immigration Service (USCIS), implemented zero trust capabilities during his tenure. This shift received wide support from program leaders, emphasising collaborative leadership endorsement.
One of the key challenges Barney faced was managing the massive scale of daily security log data, which could reach up to 20 Terabytes. This volume required robust infrastructure to collect, analyse, and respond to security events, integral to zero trust operations that depend on continuous verification.
To address this challenge, Barney likely leveraged automation. Automated log ingestion, analysis, and response would be necessary to process the vast amounts of security events and enforce dynamic trust decisions effectively. This automation likely enabled continuous monitoring and validation of user and device behaviour, rapid detection of anomalies, and automatic enforcement of access policies in real time.
The funding for these zero trust capabilities was tens of millions of dollars, with the majority of the budget aimed at fixing networking and data issues. The USCIS directorate heads allocated all the money Barney asked for without him even being present or defending it.
Barney's success was evident when the agency program offices fully funded his request for zero trust capabilities. He knew he had successfully changed the culture at USCIS when this milestone was achieved.
The goal was to get the network under control and bring data under a zero trust umbrella through meta tags and a central dictionary. However, proper network segmentation and transactional monitoring remain key challenges in USCIS's zero trust progress.
USCIS interacts with 16-17 million people around the world, making data control a significant challenge. Despite these challenges, Barney's approach prioritised understanding which risks are more significant for the organisation, focusing on aligning cybersecurity with end user goals to prevent the introduction of unaware risks.
After almost seven years at USCIS, Barney left in May 2021. Today, he serves as the CISO for Keeper Security, where he continues to drive innovation in the field of cybersecurity.
References:
[1] https://www.fedscoop.com/uscis-cio-shane-barney-talks-zero-trust-and-the-future-of-cybersecurity/ [2] https://www.fedscoop.com/uscis-cio-shane-barney-takes-on-zero-trust-security-challenge/ [3] https://www.nextgov.com/ideas/2021/04/how-uscis-is-taking-zero-trust-cybersecurity-next-level/170699/ [4] https://www.nextgov.com/ideas/2021/04/how-uscis-is-taking-zero-trust-cybersecurity-next-level/170699/ [5] https://www.fedscoop.com/uscis-cio-shane-barney-takes-on-zero-trust-security-challenge/
- The federal workforce at USCIS was reimagined under the leadership of Shane Barney as he implemented zero trust capabilities, focusing on automation, data-and-cloud-computing, and technology to tackle large-scale security log data and enforce dynamic trust decisions.
- In his new role at Keeper Security, Barney continues to drive change in the workforce reimagined by cybersecurity, prioritizing cybersecurity and end user goals while facing challenges such as data control and network segmentation.
