Bob Kolasky, head of CISA’s National Risk Management Center, leaving agency

Director Jen Easterly said Kolasky has been an "outstanding leader at CISA."
CISA, DHS, Department of Homeland Security, RSA 2019
The DHS and CISA booth at the 2019 RSA conference in San Francisco. (Scoop News Group photo)

Bob Kolasky, head of the National Risk Management Center at CISA, announced Tuesday that he is leaving the agency.

Kolasky’s work with the NRMC since its formation in 2018 has put him in the middle of the federal effort to help critical infrastructure companies assess their cyber risk. He’s also been active in a lot of other agency business.

Bob Kolasky (CISA)

He co-chairs the Information and Communications Technology Supply Chain Risk Management Task Force, leads CISA’s work on secure 5G network development, chairs the High-Level Risk Forum for the international Organisation for Economic Co-operation and Development and serves on the executive Committee for the Election Infrastructure Government Coordinating Council.


Kolasky hasn’t announced his plans after leaving the center, nor has CISA named a successor.

During his 15 years of government service, CISA Director Jen Easterly said, “Bob worked tirelessly to expand collaboration across state, local, tribal, and territorial governments and the private sector to reduce cyber and physical threats to critical infrastructure, ensure our nation’s resilience, and protect American lives.”

Kolasky’s departure comes days after POLITICO reported that Mona Harrington, the departing executive director of the Election Assistance Commission, was joining the NRMC as deputy assistant director.

The NRMC has recently been involved in a project of high interest among CISA leadership and on Capitol Hill. Easterly said she tasked it with developing approaches to identifying entities that are the “systemically important, and we’re doing it based on economic centrality, network centrality and logical dominance in the national critical functions.” Pending legislation dubbed it “systemically important critical infrastructure,” something CISA has instead been calling “primary systemically important entities.”

Easterly said Kolasky has been an “outstanding leader at CISA,” and praised him further on Twitter.


Latest Podcasts