tagline: Confidence in the Connected World
CIS Logo
HomeResourcesPress ReleaseFormer Director of NSA’s Information Assurance Directorate to Lead CIS Security Best Practices Automation Group

Former Director of NSA’s Information Assurance Directorate to Lead CIS Security Best Practices Automation Group

January 3, 2017

East Greenbush, NY

Curt Dukes, former Director of Information Assurance at the National Security Agency (NSA), has been named the Center for Internet Security (CIS) Executive Vice President responsible for managing the Security Best Practices Automation Group, which includes the CIS Benchmarks, the CIS Controls and the tools to automate the evaluation of these standards.

"Curt Dukes' three decades of senior executive leadership and his unparalleled track record of pioneering and managing complex cybersecurity products and services make him an ideal leader for the Security Best Practices Automation Group," said John Gilligan, CIS Board Chair and Interim CEO. "His addition will accelerate our efforts to provide our nation with effective solutions to address rapidly growing cybersecurity challenges," he added.

In his new role, Dukes will focus on the expansion of the content of CIS standards and increased adoption of CIS security best practices and standards. He will also lead the development and delivery of effective tools for scoring the implementation of CIS Benchmark and Controls standards and for automating the implementation of security best practices.

"The cybersecurity industry is about innovation, and CIS is already a well-positioned leader in transforming security technology for today's increasingly connected businesses," said Dukes. "I am excited to join CIS as Executive Vice President and look forward to helping the Security Best Practices Automation Group continue its impressive track record of innovation and growth," he added.

Dukes has served as the Director of Information Assurance at the National Security Agency in Fort Meade, Md., since 2013. His responsibilities included the security of the National Security Systems, which include systems that handle classified information or are otherwise critical to the U.S. military or intelligence activities.

From 2007 to 2013, Dukes was Director of the NSA/Central Security Service (CSS) Commercial Solutions Center, where he was responsible for leading the Agency's portal to the commercial world. His responsibilities included leveraging industrial relationships, while partnering with international and national Intelligence Communities, and the Department of Defense, to address the strategic needs of the NSA/CSS and the National Security community.

From 2004 to 2007, Dukes was NSA's Chief, Systems and Networks Analysis Center, where he led a highly skilled technical workforce providing technology risk assessments, cyber defense operations, and advanced vulnerability research.

Dukes earned an M.S. in Computer Science from Johns Hopkins University after completing a B.S. in Computer Science at the University of Florida.

The Center for Internet Security is a forward-thinking, nonprofit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. Our CIS Controls and CIS Benchmarks are the global standards and recognized best practices for securing IT systems and data against the most pervasive attacks. The proven guidelines are continually refined and verified by a volunteer, global community of experienced IT professionals. CIS is home to the Multi-State Information Sharing & Analysis Center (MS-ISAC), the go-to resource for cyber threat prevention, protection, response, and recovery for state, local, tribal, and territorial governments.