Michael Duffy

Acting Federal Chief Information Security Officer
Office of Management and Budget

---

Michael Duffy serves as the interim Federal Chief Information Security Officer, responsible for driving cybersecurity policy, planning, and implementation across the Federal Government.

Prior to joining the White House, Duffy was the Associate Director for Capacity Building within the Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Division. In that role, he oversaw the management, growth, and modernization of CISA’s external cybersecurity service portfolio including the federal civilian government’s flagship cybersecurity program – the Continuous Diagnostics and Mitigation program, which provides agencies with foundational cyber capabilities and enables interactive, operational cyber defense for the Federal IT Enterprise. At CISA, Duffy transformed how CISA coordinates with interagency and critical infrastructure partners to influence, communicate, and implement government-wide priorities; built the cybersecurity directives program which established the federal government and CISA as an industry leader in cybersecurity; spearheaded strategic efforts to drive resiliency and operational visibility across the federal enterprise; established the Federal Enterprise Improvement Team to advance and unify collective cyber defense; and designed and matured the United States’ first government-wide shared cybersecurity services office which provides modern security capabilities to over one hundred agencies, dozens of critical infrastructure entities, and protects over four million assets.