Government , Industry Specific

Top US Cyber Defense Official Eric Goldstein to Step Down

Eric Goldstein Stepping Down in June After 3 Years at US Cyber Defense Agency
Top US Cyber Defense Official Eric Goldstein to Step Down
Eric Goldstein, executive assistant director, CISA, testifying during a House hearing in September 2022. (Image: U.S. House of Representatives)

Eric Goldstein, one of the top officials for the U.S. cyber defense agency, is leaving his post after serving for more than three years in the federal government.

See Also: OnDemand | Agency Armor: Cybersecurity Compliance Essentials for Resource-Constrained Teams

Goldstein, the executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, joined the Biden administration in 2021. He previously served as the head of cybersecurity policy for Goldman Sachs.

Goldstein is planning to return to the private sector after stepping down on an unspecified date in June, a CISA spokesperson told Information Security Media Group. CISA Director Jen Easterly said in a statement that under Goldstein's direction the agency "pioneered new models of operational collaboration" and "reshaped our ability to detect and address cyber risks."

"He has helped catalyze a shift across the agency to data-driven risk reduction and built an inclusive team," Easterly said, adding that Goldstein enabled CISA and its partners "to confront the serious cyber threats facing our country."

Goldstein's departure comes amid a series of federal cyber staffing shake-ups: Federal Chief Information Security Officer Chris DeRusha announced Tuesday that he is stepping down from that position and from his other role as deputy national cyber director. Mike Duffy, associate director for capacity building in CISA's cyber division, will take over DeRusha's post as federal CISO.

CISA has not specified who will replace Goldstein, who spearheaded the agency's first-ever cyber strategic plan, issued in 2023. Goldstein previously served as a senior adviser and branch chief of the National Protection and Programs Directorate - the agency that eventually formed CISA.

Goldstein told ISMG in 2023 that he envisioned building public-private collaboration around protecting the nation's critical infrastructure against cyberthreats (see: CISA: Protecting Critical Infrastructure Is a Shared Mission).

"If you're a provider of a technology, good or product, you need to make sure that product is secure by design and by default and that it is safe and trusted for the purpose for which it's applied," Goldstein said at the time. "And if you're the government, we need to provide information, guidance services and support to help those entities that we call target-rich, resource-poor raise their level of cybersecurity."

"If we all don't do our part, the system breaks down and our adversaries exploit those gaps," he added.

About the Author

Chris Riotta

Chris Riotta

Managing Editor, GovInfoSecurity

Riotta is a journalist based in Washington, D.C. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president. His reporting has appeared in NBC News, Nextgov/FCW, Newsweek Magazine, The Independent and more.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.