Deputy Chief Information Security Officer, HHS

Leo Scanlon is the Deputy Chief Information Security Officer for the Department of Health and Human Services. He serves as chairman of the HHS Cyber Security Working Group, which coordinates cybersecurity collaboration between HHS Operating Divisions and their partners in the private sector. He is the executive sponsor of the HHS Healthcare Cybersecurity Communications and Integration Center (HCCIC). The HCCIC supports cyber threat and indicator sharing across HHS Operating Divisions, DoD and civilian agency partners, and healthcare cybersecurity stakeholders in the intelligence and law enforcement communities, and the National Health Information Sharing and Analysis Center (NHISAC).

Leo has worked at the interagency level as a co-chair of the Identity Credential and Access Management subcommittee of the Information Security and Identify Management Committee (ISIMC), and as a tri-chair of the ISIMC. He is co-chair of the Government Advisory Council of the International Information System Security Certification Consortium (ISC2), and government chair of the ACT-IACT Cybersecurity Community of Interest.

Prior to joining HHS, Leo served as the CISO for the National Archives and Records Administration (NARA) from 2005 to 2015. While at NARA, he put in place and matured the agency IT Security Program and the Insider Threat program. He came to federal service from the private sector where he developed cybersecurity programs as a federal contractor and in the telecommunications industry