CISA Appoints Sandy Radesky as Associate Director of Vulnerability Management

The Cybersecurity and Infrastructure Security Agency has named Sandy Radesky as its associate director of vulnerability management. Radesky moved to CISA after spending over two years serving as the U.S. Fleet Cyber Command’s deputy chief information officer.

According to the new associate director, she decided to join CISA to support the agency in improving the government’s cybersecurity posture and securing U.S. critical infrastructure. In her new role, she will lead efforts focused on mitigating potential vulnerabilities and information security weaknesses, FCW reported.

Radesky brings to the agency her two-decade information technology, systems engineering and defensive cyber operations experience in the Department of Defense. According to her LinkedIn profile, she previously served as director of analytics for the COVID-19 Countermeasures Acceleration Group at the DOD and as deputy director of operations of the Joint Force Headquarters–Department of Defense Information Network.

Prior to the said roles, Radesky held leadership positions during her nearly eight-year career at the Defense Information Systems Agency, including as chief of the cyber systems integration branch, deputy plans and programs division chief, and head of defensive cyber operations.

She also served as a communications operator in the U.S. Air Force, where she managed firewalls and proxy servers to ensure base network security implementations were protecting unclassified network information systems and data.

CISA announced the appointment of Radesky days after the agency added new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The latest additions include the Microsoft Windows advanced local procedure call privilege escalation vulnerability. According to Microsoft, an attacker who successfully exploits the vulnerability can gain system privileges.