Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Enterprise ServicesSecurity Leadership and ManagementSecurity & Business ResilienceTop Cybersecurity Leaders

Special Report

Building a safer and secure cybersecurity ecosystem

Greg Touhill, Director, CERT Division, Software Engineering Institute, Carnegie Mellon University

By Maria Henriquez
GregTouhill.jpg
March 1, 2022

Retired Brigadier General and highly-decorated combat veteran Greg Touhill is thankful for his 30 years of public service in the United States Air Force (USAF) because it provided him with the time and place to hone his leadership skills. Touhill served in several commands around the world, including U.S. Transportation, Central and Strategic Commands, and spearheaded the creation of USAF’s cyberspace operations training programs. “The military was my leadership laboratory and the crucible upon which I forged my leadership skills initially,” he says. “I can’t thank my senior non-commissioned officers who taught and trained me as a lieutenant through general enough.”

One of Touhill’s stand-out accomplishments is leading the team that created RIPRnet (Radio-over-Internet Protocol Routed Network). Developed to help better support troops driving convoys in Iraq, RIPRnet is a U.S. military network that allows system controllers and deployed personnel to connect radios in remote locations to local dispatch consoles exchanging radio voice data over an IP-routed network.

“It was a transformational, lifesaving radio network that gave every soldier, sailor, airman and marine the ability to communicate on any radio, secure or unsecure, anywhere in Iraq so they could call for help when under attack,” he explains. For this effort, Touhill and his team won the 2006 Air Force Science and Engineering Award for Engineering Achievement, and he was awarded the Bronze Star medal. Later, during a assignment in Kuwait, Touhill and his wife received a briefing from a young private in the Army who talked about all the lives RIPRnet had saved. While the private was unaware of who Touhill was, he says, “Being away from my wife and children for 13 months was all worth it because she got to hear firsthand about why our work is so valuable and why it matters.”

While he’s already had a distinguished career, Touhill believes he is at the pinnacle of his career now, serving as Director of the CERT Division at Carnegie Mellon University’s (CMU) Software Engineering Institute (SEI). “CERT is made up of absolutely brilliant individuals, all who are very clued in and queued into the practical aspects of cybersecurity — not just technology,” he says.

Leading a group of researchers, software engineers, security analysts and digital intelligence specialists, Touhill and his team work to research security vulnerabilities in software products, as well as contribute to long-term changes in network systems, and develop cutting-edge information and training to improve cybersecurity.

For nearly 30 years, the CERT Division of the SEI has collaborated with government, industry, law enforcement and academia to improve not only cybersecurity, but also the security and resilience of critical computer systems and networks. Initially, CERT focused on incident response. Now, working closely with the Departments of Defense and Homeland Security, the research organization is dedicated to all areas of cybersecurity, including insider threats, digital investigations and intelligence, vulnerability discovery and analysis, risk management, cyber workforce development, forensics, network situational awareness, malicious code analysis and more.

When first founded, the CERT Division was tasked with identifying and stopping the scope of the 1988 Morris worm — often referred to as the “Great Worm” due to the devastating effect it had on the internet at the time. “Thanks to this collaborative effort, the Morris worm was able to be stopped. Then, the greater cybersecurity community was founded. Since then, we’ve learned that it’s much more than just emergency response. We need to have a more disciplined and proactive approach to cybersecurity.”

Since his arrival at CERT, Touhill has been focused on rebranding and pivoting to a new strategy toward cybersecurity engineering, risk and resilience. “Taking us from the reactive computer emergency response to a more proactive cybersecurity, engineering and resilience team is important because we have to ensure we’re doing cyber for engineering, and engineering for cyber. Thus, we are focused on building resiliency and security in to software, hardware, and the interconnected nature of our cyber ecosystem. Whether it’s information technology, operational technology, industrial control systems or the Internet of Things, we’re broadening our aperture to include all of that so that we can build a safer and secure cyber ecosystem.”

While he helps CERT rebrand and pivot, Touhill has leveraged his experience and leadership skills to set his team’s vision, priorities and tempo. “It has been said by many that ‘You can’t boil the ocean’ and be successful. As a leader, you need to make sure to not only set the purpose and priorities, but also to set the conditions for success. Great leaders prioritize what needs to be accomplished. Then, let people amaze you with their creativity.”

At this stage of his career, Touhill says he’s focused on better elevating cybersecurity, advancing the workforce, and ensuring the cyber ecosystem is moving toward a more digital trust-focused environment. One of the many ways he’s helping achieve those goals is by serving as the Chair of the ISACA Board of Directors, the Washington Executive Cyber Council, the Billington Cybersecurity Advisory Board and as a Member of the AFCEA Cyber Committee, the Faculty at the Carnegie Mellon University’s Heinz College and Deakin University’s Centre for Cyber Security Research and Innovation.

At these organizations, Touhill develops, lectures and guides several CISO, Chief Information Officer, and Health Care Informatics certification programs. In addition, he advances strategy development, planning, governance, risk assessment and mitigation, and best practices; oversees outreach and ensures open lines of communication between government and industry; advises government leaders on technology; and identifies cyber best practices to better ensure national security and prosperity.

Touhill also gives back to the industry by sharing his wisdom and knowledge with the next generation, serving as a mentor to five Texas-based AFCEA cyber professionals and as a mentor and coach to a recent Penn State graduate, all of whom are launching their careers in the cybersecurity career field.

As a member of the Military Cyber Professional Association Board of Advisors, Touhill also mentors active-duty and former military members and those transitioning from the military to positions in the private sector. He says, “Cybersecurity is not just about technology. It’s about people, processes and technology. If we focus on better understanding how we can develop the leaders of tomorrow, we can build an even safer and more secure cyber ecosystem.”

 

KEYWORDS: business continuity Chief Information Security Officer (CISO) cyber security diversity in security risk management security operations

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • security awareness freepik

    Building a culture of cybersecurity: 3 key takeaways from the 2021 SANS report

    See More
  • SEC0819-5G-Feat-slide_900px

    Building a secure bridge for point-to-point connectivity

    See More
  • Shea feature

    Making a difference in cybersecurity and intelligence

    See More

Related Products

See More Products
  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing