HHS’ Office of Inspector General focusing on endpoint protection, application layer

The In Focus mini-series examines more closely issues and topics of importance to federal agencies and contractors. Each month, Federal News Radio Custom Media Director Jason Fornicola speaks with key stakeholders to better understand challenges and opportunities. This month focuses on Federal Network Visibility and Analytics.

“We really focus on that endpoint protection,” Steven Hernandez, CISO, acting CTO and director of information assurance for the Office of Inspector General at HHS said on Federal News Radio’s In Focus. “Not only, at some point, that endpoint probably had to handle keys or certificates to do that job, to get that encryption in place – that’s very helpful for us – but also for anything that we run, that’s where we want the encryption to really take place. Because I guarantee you at some point that magical network encryption box you have is going to fail, or a network engineer is going to make a mistake and going to route around it, or your cloud provider is going to make a mistake and all of a sudden your information is in the public network. And so, as a custodian of the data, at that application layer, sometimes at that session layer, that’s where we really focus our efforts.”


Jason FornicolaJason Fornicola, Director of Custom Media, Federal News Radio

Jason Fornicola joined WTOP and Federal News Radio in February of 2014 as the Director of Custom Media, where he manages the stations’ sponsored and custom content initiatives. Fornicola provides clients with access to high-quality content consistent with the stations’ standard of excellence and works to solve clients’ needs through a multi-platform approach which includes on-air, digital, video and social media. His journalism and social media experience support the stations’ efforts to ensure the client message is conveyed in a way that will achieve their marketing campaign objectives.


Steven HernandezSteven Hernandez, Chief Information Security Officer, Acting Chief Technology Officer and Director of Information Assurance, Office of the Inspector General, U.S. Department of Health and Human Services

Steven Hernandez, MBA, CISSP, CSSLP, SSCP, CAP, CISA, HCISPP is the Chief Information Security Officer, Acting Chief Technology Officer and the Director of Information Assurance for the Office of Inspector General at the US Department of Health and Human Services. Hernandez has over eighteen years of information assurance experience in a variety of fields including international heavy manufacturing, large finance organizations, educational institutions, and Government agencies. Prior to Joining the HHS Inspector General’s office, he held senior information assurance positions at the US Department of Education, the United States Department of Agriculture, and at a National Security Administration Center of Academic Excellence Research Institution. Steven is affiliate faculty at the National Information Assurance Training and Education Center located at Idaho State University and an Honorary Professor at California State University San Bernardino. He lectures and presents on numerous information assurance topics including risk management, information security investment, and the implications of privacy decisions to a broad spectrum of government, industry, graduate and post-graduate audiences. Steven is a member of (ISC)2’s Board of Directors and also volunteers service to (ISC)2’s  Government Advisory Board and Executive Writers Bureau. He is the lead author and editor of the Official (ISC)2 Guide to the CISSP CBK, Third Edition in addition to authoring four other major information assurance publications.