Hemant Baidwan has departed as chief information security officer (CISO) at the Department of Homeland Security (DHS) after more than 15 years at the agency. He joined Knox Systems on Monday as executive CISO.
At Knox Systems, which the company describes as the largest federal AI-managed cloud provider, Baidwan will focus on helping agencies navigate cloud security requirements and FedRAMP processes.
“Drawing on my experience leading federal cybersecurity and FedRAMP initiatives at DHS, I’m excited to join Knox Systems and help customers deliver secure, innovative cloud solutions to government and defense agencies,” Baidwan said in a press release.
Baidwan first stepped in as DHS’s CISO in April 2024. During his tenure, he oversaw the development of DHS’s first internal cybersecurity strategy and a broader shift toward risk-based security practices.
“In my official role as the DHS CISO, there are a couple of things that still make me super proud,” Baidwan said in an exit interview with MeriTalk. “Developing the internal DHS cybersecurity strategy, believe it or not, that was the first time that was done that was internal to DHS.”
That strategy pushed DHS to move beyond compliance-driven security models toward real-time risk management, he said.
Baidwan also pointed to cultural transformation across DHS as one of his proudest accomplishments.
“Culture shift is never easy when you have such a large workforce,” he said, noting the challenge of aligning personnel across all DHS components. Rather than relying solely on top-down directives, he focused on engaging staff at all levels.
“I’m very proud that I really focused heavily on doing that across the department to make sure that we are really shifting away from, again, a compliance-based security to more operationalized, risk-based security.”
His tenure at DHS coincided with several defining moments in federal cybersecurity, including the fallout from the Office of Personnel Management breach, the SolarWinds compromise, and Log4j vulnerabilities. Baidwan played key roles in advancing multi-factor authentication, identity-based security, and supply chain risk management in response.
Throughout his career, Baidwan said leadership in cybersecurity ultimately comes down to people.
“You can buy any tool and buy the latest and greatest things, but it always comes down to people,” he said. “In order for any leader in today’s environment to be successful, you have to make sure to take care of people, you’re trusting your workforce, you are enabling them to make the right decisions. Helping them grow is really critical.
Knox Systems CEO Irina Denisenko added that “it goes both ways, folks love him.”
“Hemant Baidwan is one of the most trusted and highly regarded cybersecurity officials to have ever served in government, and we look forward to the immediate impact he will make as our new CISO,” Denisenko said in the company’s press release.
At Knox Systems, Baidwan will lead the company’s cybersecurity program and help guide customers through their FedRAMP journey. He will leverage Knox’s differentiated model that enables authorization within 90 days for 90% less, according to the company.
“When you look at a mission like DHS, or what Knox is doing today, the number one goal is we need to keep the bad guys out. That’s it,” Baidwan told MeriTalk.
A DHS spokesperson told MeriTalk that Antione McCord, chief information officer at DHS, will serve as acting CISO “until a permanent selection is made.”
Amanda Day, deputy CISO at DHS, also departed the agency this month. According to her LinkedIn profile, Day is now the CISO and vice president of cybersecurity and trust at Workday.