Steven Kelly
Institute for Security and Technology
As Chief Trust Officer, Steve Kelly establishes IST's efforts to advance the trust, safety, and security of artificial intelligence and helps lead other aspects of the organization's work. Steve comes to IST after serving on the National Security Council (NSC) staff as Special Assistant to the President and Senior Director for Cybersecurity and Emerging Technology and retiring from the FBI as a supervisory special agent.
In his White House role, Steve led national policymaking and advised NSC leadership and the President on matters involving cyber defense, critical infrastructure security and resilience, cyber incident management, and relevant emerging technologies. He served as chair of the U.S. government's cyber response group, vulnerabilities equities process, the cyber interagency policy committee, and facilitated the successful launch of the U.S. Cyber Trust Mark security labeling program for consumer technology. He previously served on the NSC staff in 2013-2015, during which time he was instrumental in developing Presidential Policy Directive (PPD) 41 on United States Cyber Incident Coordination.
Steve joined the FBI as a special agent soon after the 9/11 terrorist attacks and served within the Bureau's cyber program for nearly 22 years in various field and headquarters roles. These included cybercrime and cyber/counterintelligence investigations, private sector and international engagement, strategy/policy, and leadership. His last FBI role was as Chief of Cyber Policy.
While in government service, Steve contributed to numerous reports, plans, and policies—many non-public—which include: U.S. National Cybersecurity Strategy (2023); U.S. Government Cyber Deterrence Playbook (2021); World Economic Forum's Partnership Against Cybercrime report (2020); Report of the Cyberspace Solarium Commission (2020); Report of the Attorney General's Cyber-Digital Task Force (2018); U.S. National Cyber Strategy (2017); PPD-41 on United States Cyber Incident Coordination (2016); U.S. Cyber Incident Severity Schema (2015); and the NSTAC's Report to the President on Information and Communications Technology Mobilization (2014).
Prior to his government service, Steve practiced as a registered professional engineer.