Kevin Dulany

Chief, Risk Management Framework Division, and Deputy CIO for Cybersecurity (DCIO-CS)

Department of Defense

Mr. Kevin Dulany is the Chief, Risk Management Framework (RMF) Implementation Division of the Cybersecurity Risk Management Directorate, under the Deputy Chief Information Officer for Cybersecurity (DCIO-CS). His duties include the oversight of DoD’s Certification and Accreditation (C&A) transformation efforts to the Risk Management Framework (RMF); chairs the RMF Technical Advisory Group (TAG); is the RMF (C&A) Advisor to the Information Security Risk Management Committee (ISRMC); is the DoD Tri-Chair for the Sub-Committee for the Committee on National Security Systems (CNSS); supports DoD’s Cloud Security efforts; and is the DoD’s Technical Representative to the Federal Risk and Authorization Management Program (FedRAMP). Mr. Dulany previously co-chaired the Joint Continuous Monitoring Working Group, and currently provides support to other CIO Council's Information Security and Identity Management Committee (ISIMC) led efforts as directed.

Mr. Dulany has been in the IT career field (programming, networking, IA/CS) since1988; focusing on IA/CND/CS since 2000. Mr. Dulany has a Bachelor’s Degree in Cybersecurity, is currently pursuing a Master’s Degree in Cybersecurity Strategy and Information Management, and holds numerous commercial certifications to include: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), and Certified Authorization Professional (CAP). Mr. Dulany has been recognized for his achievements with DISA’s Outstanding Testing Professional of the Year Award (2008), Army Research Lab’s Partnering Award (2013), and was a Federal 100 Award winner (2013).