Top 5 influential IT security thinkers

Share this article:
Top 5 influential IT security thinkers
Top 5 influential IT security thinkers

SC's 2011 influential IT security thinkers

• Sameer Bhalotra, White House deputy cybersecurity coordinator
• Eric Cowperthwaite,
chief information security officer, Providence Health & Services
• Suzanna Schmeelk,
teacher, University of Maryland
• John Streufert,
chief information security officer, U.S. Department of State
• Peiter "Mudge" Zatko,
program manager at the Defense Advanced Research Projects Agency (DARPA)

Social networking, hacktivism, advanced persistent threats, cyberespionage, mobile malware, the entry of portable, handheld devices (smartphones, tablets) into the enterprise environment...these are just a few of the most prominent challenges security professionals must contend with each day. This year-end special section focuses on people who represent the highest degree of professionalism in the security space, individuals who stand out for their technical skills, managerial prowess, insight and advocacy. As well, interspersed are some of the highlights in the year's strongest trends, including top breaches and threats, merger and acquisition activity and legal developments, as well as some of the nuttiest news stories in the cybersecurity world.



Sameer Bhalotra
Age: 35
Occupation: White House deputy cybersecurity coordinator
Personal: Married, two children
College: B.S., chemistry and physics, Harvard University; Ph.D., physics, Stanford University
Recent accomplishments: executive branch development of cybersecurity legislation proposal, National Strategy for Trusted Identities in Cyberspace, and cybersecurity management reform

The three weeks from the end of April to the middle of May was a memorable time for Sameer Bhalotra, the White House's deputy cybersecurity coordinator. Bhalotra, along with his boss, White House Cyber Coordinator Howard Schmidt, oversaw the release of not one, but three major initiatives on cybersecurity. For Bhalotra, who signed on in July 2010, this was the outcome of long days facilitating lengthy meetings with two dozen executive agencies.
Along with Schmidt, Bhalotra is the architect of the administration's cybersecurity legislative proposal, released on May 12. But there was more. Four days later came the first International Strategy for Cyberspace. Previously, on April 26, his office released its National Strategy for Trusted Identities in Cyberspace (NSTIC), which seeks to establish clear privacy rules and greater security within a proposed identity ecosystem.

Accolades abounded for the 35-year-old Bhalotra, whose meteoric rise has taken him from a doctorate in physics at Stanford into the intelligence community, the Senate and his current post.

He achieved what no one in the Department of Homeland Security or the White House was able to do before by bringing the players together and getting them to work harmoniously, Alan Paller, research director for the SANS Institute, says of Bhalotra's work on the legislative blueprint.

Bhalotra was sought for that mission. Soon after his appointment, Senate Majority Leader Harry Reid, D-Nev., asked the administration to weigh in on cybersecurity considering the 50-plus bills floating around the Hill. With this golden opportunity, Schmidt's office decided on a comprehensive approach. It was a minefield – within the executive branch, as well as between government and industry – but Bhalotra navigated it skillfully.

But, Bhalotra prefers to deflect attention from himself. “I'm proud to be yet another hard-working member of the White House staff,” he says. “This was a team effort. Our leadership in the West Wing takes cybersecurity seriously.”

“He's a little publicity shy, actually more than a little,” says Robert Rodriguez, a friend of Bhalotra's and the founder of the Security Innovation Network. “He likes to work under the radar. But he's the man behind all of it…Those were three huge accomplishments.”

On the legislative proposal, Bhalotra coordinated massive intergovernmental collaboration among such agencies as the FBI, National Security Agency and departments of Defense, Commerce, Justice and Homeland Security.
“Managing that process was a great experience,” Bhalotra says. The goal was to come up with recommendations to give Congress, of which securing America's critical infrastructure and information sharing between DHS and industry stand out. Its release “was a great and clear end to a very rigorous process,” he says.

Bhalotra's training for this process came during his nearly four years in the Senate. In 2007, he was brought onboard in a unique bipartisan role as a top staffer for the Senate Select Committee on Intelligence. He quickly seized on cybersecurity as a major issue and became an expert among Beltway staffers on the topic.

Bhalotra found few colleagues there dedicated exclusively to cybersecurity. So he began an informal group, where he gathered Senate and House staffers monthly to discuss cybersecurity and their work. These “cyber jams” allowed his peers to get briefings from officials, information on important issues and visits to security companies. What began with a half-dozen people grew to more than 30, Bhalotra says.

In the Senate, Bhalotra gained many admirers, among them committee chairs Jay Rockefeller, D-W.Va., Kit Bond, R-Mo., and Dianne Feinstein, D-Calif. His reputation led to Schmidt's call. And he brought this knowledge of how Congress works to the White House.

“He knows where the money is spent,” says Paller, who calls Bhalotra brilliant and catalytic in his influence. “He's a wonderful bridge between the two.”

From a young age, Bhalotra, who grew up in New England, worked with computers. He'd tinker with electronics in his home, taking apart computers, VCRs and telephones. His parents were “amazingly tolerant,” he says. “I was lucky I didn't burn down the house or electrocute myself.”

Bhalotra carried this passion to his undergraduate years at Harvard, where he studied physics and chemistry and even taught classes on laboratory electronics as an upperclassmen. His graduate school thesis covered optical sensing in electronics. At Stanford, where he earned a doctorate in physics, his research was funded by the secret Defense Advanced Research Projects Agency (DARPA).

Bhalotra returned east to accept a position with the CIA, where he was assigned to the director's staff. Next, he moved to the office of the director of national intelligence, where he was again involved in Cabinet-level policy discussions. His work on cybersecurity “exploded” after he moved to the Senate.

“I'm a technologist by training,” he says. “And I find cybersecurity so sophisticated, complicated in an interesting way, and important to the country.”

There's little time to rest for Bhalotra, who is already meeting with Congress on the administration's legislative proposal. In addition, he is also focused on bringing others into public service to meet cybersecurity's fresh challenges. He has mentored many young staffers on the Hill. With his distinguished résumé, Bhalotra has cut the model. He hopes others in academia and industry will follow.

“One of my personal interests is trying to bring new people into government,” he says. “We need to tap into the best minds in the country to solve these problems and move forward.”  –  Ryan Goldberg

Page 1 of 6
Share this article:

Sign up to our newsletters

More in Features

Know your friends: Partnering with the right allies

Know your friends: Partnering with the right allies

Choosing the right allies to ensure security requirements is a challenge for businesses both large and small, reports James Hale.

Bad reputation: Annual guarding against a data breach survey

Bad reputation: Annual guarding against a data breach ...

Will recent high-profile cyber attacks spur stronger security and improved risk management? The consensus from our data breach survey indicates: Yes, reports Teri Robinson.

Network Rx: Health care security

Network Rx: Health care security

With the addition of 15,000 mobile devices accessing its network, a medical center found assurance - and met compliance mandates, reports Greg Masters.