The Veterans Affairs Department’s Deputy Assistant Secretary for Information Security and Chief Information Security Officer Stan Lowe announced his retirement today after 25 years of federal service. His last day at VA will be August 22.
“Though I feel the time is right for me to step away, I know I will miss leading OIS and working with such a passionate and talented group of people,” wrote Lowe in an email to VA staff obtained by FedScoop. “Our workforce has done an outstanding job in the face of significant adversity. In two and a half years, we have made more strides towards improving VA’s information security posture than ever before. These achievements have been recognized externally by our peers and internally by our customers. That is a testament to the tireless work that each of you has put in, day in and day out. I’m honored to have been a part of this great organization and to have worked alongside you all in our fight to protect Veteran information and provide secure care and benefits to America’s heroes.”
Lowe’s decision to retire comes just 24 hours after Stephen Warren, VA’s principal deputy assistant secretary and former acting chief information officer, announced plans to leave VA to become the CIO of the Treasury Department’s Office of the Comptroller of the Currency.
Reached by email, Lowe said he had been planning to retire for a long time. “I told the senior leadership what my intent was several months ago,” Lowe said. “It’s the perfect time and if I don’t do it now I never will! I’m a notorious worry wart.”
Lowe, a former Naval officer, joined VA as the agency’s CISO in March of 2013. He is credited with leading VA to become one of the first agencies to continuously monitor across systems. During his tenure, VA was the first federal department to use the Department of Homeland Security’s Einstein 3 system, an important perimeter defense mechanism that has detected and blocked millions of attempted attacks before they reached the VA network. Lowe tightened control of how VA employees access the network as well as the Internet. He is credited with taking a proactive approach to information security, and looking to the future by testing and piloting new security tools that helped the agency more effectively and seamlessly integrate information security into the enterprise.