EPA security officer Bonina to retire

George Bonina spent the last six years trying to help the Environmental Protection Agency recover from an abysmal Government Accountability Office report concerning its IT security.

Now that the process is almost complete'EPA has improved its score to a B from a D on the House Government Reform Committee Computer Security Report Card and scored 80 percent or better in seven areas covered by the Federal Information Security Management Act'Bonina is retiring from government service.

Bonina spent his entire 30-year career with EPA, including the last six as the agency's chief information security officer.

'The most rewarding part has been seeing EPA move from being a total IT security disaster to one of the better security agencies in government,' he said. 'It can be attributed to many things, including having good senior management support and the approach we took. We didn't try to use brute force, but improve our security methodically.'

Bonina credits outgoing EPA CIO Kim Nelson and deputy CIO Mark Day for putting in the processes and policies to improve the agency's cyberstanding.

Marian Cody is Bonina's deputy, but no replacement has been named, he said.

Bonina said he has no plans to move into the private sector and will spend time with his family.

In addition to helping EPA improve its security, Bonina played a key role in rolling out the IT Security Line of Business Consolidation effort, sponsored by the Office of Management and Budget.

'My only regret is not being able to see this through,' he said. 'It is essential the federal government gets it right. It makes a lot of sense, and if all goes as intended, it will improve the IT security of federal agencies.'

The IT Security LOB will set up agency centers of excellence along four areas: security training, FISMA reporting, situational awareness and incident response, and lifecycle security solutions.

Bonina, who said his retirement has been planned for the last year, follows Nelson's decision to leave government after four years and join Microsoft.

inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group