Inside DHS' Classified Cyber-Coordination Headquarters

The director of the agency that protects the federal government from cyber attacks has resigned abruptly in the wake of a spate of hacks against government networks.

U.S. Computer Emergency Readiness Team (US-CERT) director Randy Vickers resigned his position Friday, effective immediately, according to an e-mail to US-CERT staff sent by Bobbie Stempfley, acting assistant secretary for cybersecurity and communications, and obtained by InformationWeek. A Department of Homeland Security (DHS) spokesperson confirmed the email was authentic.

The DHS has not provided a reason for Vickers' sudden departure and the spokesperson, who asked to remain anonymous, declined to discuss the matter further. Vickers served as director of US-CERT since April 2009; previously, he was deputy director.

Current US-CERT deputy director Lee Rock will serve as interim director until the DHS names a successor for Vickers, according to the email.

"We are confident that our organization will continue its strong performance under his leadership," Stempfley wrote, adding that the agency wishes Vickers success in future endeavors.

Vickers' departure comes at a critical time for the organization, as federal networks have come under a barrage of attacks lately by a series of hacker groups--including Anonymous, LulzSec and AntiSec--that specifically are targeting government networks.

In the last month and a half, federal organizations that have experienced attacks include the Navy, the FBI, and the CIA. Federal contractors that handle sensitive and confidential government information also have been the targets of hackers, including Booz Allen Hamilton and IRC Federal.

In response to those attacks last week, US-CERT issued a comprehensive new set of security recommendations for federal agencies and organizations to follow in the hope of preventing future intrusions.

US-CERT is a division of the DHS responsible for responding to and defending against cyber attacks for the federal government's IT infrastructure. It also is in charge of sharing information and collaborating with state and local governments, as well as the private sector, to protect critical infrastructure in the United States.

One of the organization's jobs is to keep track of attacks on federal networks and compile a list of them by type and number for a yearly report released by the Office of Management and Budget. The report helps the feds better understand where vulnerabilities lie as part of an overall cybersecurity strategy that has become increasingly important in the last several years.

What industry can teach government about IT innovation and efficiency. Also in the new, all-digital issue of InformationWeek Government: Federal agencies have to shift from annual IT security assessments to continuous monitoring of their risks. Download it now. (Free registration required.)