Shelly Hartsook

Acting Associate Director for Cybersecurity Division, Cybersecurity and Infrastructure Security Agency
Department of Homeland Security

---

Shelly Hartsook is an Acting Associate Director within the Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Division. She leads CISA’s efforts to build the capacity of its customers in addressing our nation’s most pressing cybersecurity challenges through the delivery of externally-facing cybersecurity services, including the capabilities under the Continuous Diagnostics and Mitigation (CDM) Program, and enabling support, including cybersecurity training, guidance, and resources. She also leads CISA’s oversight and engagement with federal agencies under the Federal Information Security Modernization Act (FISMA).

Ms. Hartsook joined CISA in October 2020 after spending more than fifteen years in the private sector as a leader in cybersecurity transformation for the Federal Government, where she was instrumental in shaping and advancing core practices related to Identity, Credential, and Access Management (ICAM) and adoption of multi-factor authentication. She specializes in defining and implementing new policies, strategies, architectures, and services in response to emerging cyber needs. At CISA, she led efforts to define a long-term strategic recovery roadmap in the wake of the SolarWinds incidents, which helped spearhead the future direction of CISA’s cybersecurity strategy. Ms. Hartsook has also helped drive several initiatives tied to Executive Order 14028 – “Improving the Nation’s Cybersecurity,” including implementation of Endpoint Detection and Response capabilities, advancing adoption of Zero Trust Architecture principles, improving logging, and the development of the Federal Enterprise Improvement Team.