CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 04, 2026

DoD CIO implores industry to put a greater focus on ‘foundational cybersecurity’ - Breaking Defense

Breaking Defense Archived Jun 04, 2026 ✓ Full text saved

DoD CIO implores industry to put a greater focus on ‘foundational cybersecurity’ Breaking Defense

Full text archived locally
✦ AI Summary · Claude Sonnet


    Department of War Chief Information Officer Kirsten Davies delivers remarks at a CIO town hall at the Mark Center, Alexandria Va., Feb. 10, 2026. (DoD photo by U.S. Navy Petty Officer 1st Class Alexander Kubitza) BALTIMORE — The Pentagon’s top IT officer is pushing for a more forceful and aggressive “foundational cybersecurity” posture, not just for the military, but for the contracting community as well, she said today. “Our posture extends beyond our own digital networks into yours, our defense industrial base,” Department of Defense Chief Information Officer Kirsten Davie said at the TechNet Cyber conference here today. “A compromise at a small supplier can jeopardize a warfighter making a real time decision, and I don’t think that’s acceptable for any one of us in this room. That should make us all very uncomfortable, that that small of a compromise can impact a war fighter out at the edge. Let’s put a greater focus on our foundational cybersecurity.” She noted that the security of the defense industrial base, the contractors and suppliers that provide the equipment for the department is warfighter security as well because any compromise to those networks means the capabilities at the edge are affected. As a result, she expressed a desire to move beyond compliance. “Compliance does not equal security. It did not when I was in industry, and it does not from my seat where I am today. We must pursue a relentless focus on operational resilience, which is a byproduct, a dynamic fit for purpose cybersecurity posture,” she said. In fact, the department has been looking to move away from a compliance focus for years, unveiling in 2019 the Cybersecurity Maturity Model Certification (CMMC), a framework mandating companies that do business with the Pentagon must achieve a base level of cybersecurity. The program has undergone several changes since being announced. Davies told a small group of reporters last week that she will be talking a bit more about CMMC “at a later time.” Overall, she told the TechNet audience today that the department is taking a paradigm shift in cybersecurity by transforming its cybersecurity program into a “unified, holistic, and risk-driven function,” with a bias for action. She also announced there are changes coming to the office of the CIO in the coming months “driven by a singular, unyielding focus operationalizing our programs to better serve the warfighters.” She did not, however, offer specifics on what those changes will be.
    💬 Team Notes
    Article Info
    Source
    Breaking Defense
    Category
    ◇ Industry News & Leadership
    Published
    Jun 04, 2026
    Archived
    Jun 04, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗