John Felker, former head of DHS’s cyberthreat center, to retire from the department in September

Felker headed DHS's 24/7 cyberthreat watch floor and information-sharing center from 2015 to 2019.
John Felker DHS NCCIC
John Felker speaks May 31, 2018, at the Cyber Threat Intelligence Forum presented by FireEye and produced by CyberScoop and FedScoop. (CyberScoop)

John Felker, who helped expand the Department of Homeland Security’s cyberthreat-sharing efforts with the private sector, announced Monday that he would retire on Sept. 25 after spending five years at DHS and more than three decades in the federal government.

Felker was best known at DHS for heading the National Cybersecurity and Communications Integration Center (NCCIC), the department’s 24/7 watch floor and information-sharing hub for hacking threats, from 2015 to 2019. For the last year, Felker has led a division at the department’s Cybersecurity and Infrastructure Security Agency (CISA) that oversees the agency’s field offices across the country.

The NCCIC, which includes a vast room of monitoring screens at a DHS building in Arlington, Virginia, is one of the better known federal initiatives to warn companies of malicious cyber activity. Following the formal creation of CISA in 2018, the NCCIC was rebranded and its functions split between two divisions. Felker’s Integrated Operations Division still oversaw the watch floor.

“These past several years have been some of the most exciting, interesting and challenging for me,” Felker said in an email to colleagues. He thanked them for their “creativity and positive attitude” in helping stand up a new organization within DHS.


While head of NCCIC, Felker exhorted corporations to trade more threat data with DHS, and with each other, in a bid to protect banks, utilities and other critical infrastructure from hacking. Threat data in the corporate world “can no longer be used as a competitive advantage,” Felker said in a 2018 interview with Scoop News Group. “We’ve got to share it.”

Felker spent nearly three decades at the U.S. Coast Guard, culminating in a stint as deputy of Coast Guard Cyber Command. After working as a cybersecurity executive at Hewlett Packard Enterprise and SCI Consulting, he joined DHS in 2015, the year before Russia’s interference in the U.S. presidential campaign would jolt the department into a better understanding of critical infrastructure. Following his retirement from CISA, Felker is expected to pursue work in the private sector.

Felker’s departure follows that of Brian Harrell, who announced he was stepped down last week as a senior official focused on infrastructure security at CISA.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts