NASA has appointed a former Department of Justice attorney with cybersecurity expertise as the agency’s incoming general counsel.
Before joining NASA, Iris Lan was an associate deputy attorney general with responsibilities over the nation’s 93 U.S. attorneys and the department’s Executive Office for U.S. Attorneys.
She takes over as NASA general counsel following the departure of Sumara Thompson-King, who retired from the agency in December.
Lan began her career at the Department of Justice as an assistant U.S. attorney in the Southern District of New York, where she prosecuted complex counterterrorism, counterintelligence, export control, cyber intrusion and corporate fraud cases.
Later, she was also deputy chief of the appellate section, supervising attorneys in briefing and arguing cases before the U.S. Court of Appeals for the Second Circuit.
Lan is an elected member of the American Law Institute, and according to LinkedIn, has also held an adjunct lectureship at Columbia Law School.
Commenting on her appointment, NASA Administrator Bill Nelson said: “I want to thank Scott Barber and Charles “Pete” Polen, both of whom served as acting general counsel. Our team of attorneys, paralegals, and professionals are critical to NASA fulfilling our mission to explore the unknown in air and space, innovate for the benefit of humanity, and inspire the world through discovery. With Iris at the helm, I am confident they will continue to help NASA maintain our standing as the world’s premier space agency.”
Lan takes up the post amid rising concerns over the cybersecurity measures of contractors working with civilian government agencies.
In April the head of the Pentagon’s Cybersecurity Maturation Model Certification program Stacy Bostjanick said the DOD is working with civilian government departments on a new Federal Acquisition Rule that would impose basic requirements to protect federal information on all civilian contractors handling government data.
Meanwhile, in March last year, NASA agreed to conduct a risk assessment of its unclassified systems to determine whether an insider threat program should be expanded, after a watchdog investigation found the agency still had high-value assets and critical infrastructure facing “higher-than-necessary risk.”