CMMC Needs to Adapt to Evolving Cyber Threats
Katie Arrington, Performing the Duties of the DOD CIO
According to officials, the Defense Department’s Cybersecurity Maturity Model Certification (CMMC) program is a national security imperative to protect intellectual property and maintain an American competitive advantage in defense technology.
At AFCEA TechNet 2025 in Baltimore, Katie Arrington, performing the duties of the DOD CIO, says CMMC needs to adapt dynamically to evolving cyber threats. With evolving tech like AI and quantum, acquisition rules need to adjust to evolving technologies while maintaining security standards. Arrington says that the Defense Department needs to continue to streamline cyber requirements through required standards, guidance and executive orders.
She also discusses the need for a cultural shift towards continuous cybersecurity, the new Software Fast Track Initiative and baking cybersecurity into all DOD functions.
-
Katie Arrington Performing the Duties of the DOD CIO
-
Pentagon Memo Creates Unified Tech Enterprise for Acquisition Modernization
War Secretary names Emil Michael "single CTO" in charge of a consolidated defense innovation portfolio as the department builds a single operating system for modernization.
5m read -
Navy Embraces New Risk Posture to Speed Tech Delivery
As global threats intensify, leaders push cultural and structural reforms to accelerate software and data capabilities at the edge.
19m watch Partner Content -
Congressional Spending Deal Could Revive Technology Modernization Fund
A $1.2 trillion minibus would extend the TMF through Sept. 30, unlocking nearly $200 million and preserving momentum for federal modernization projects.
2m read -
NIST Launches ARIA to Redefine How AI Is Evaluated
NIST's ARIA aims to measure real‑world AI behavior, moving beyond accuracy scores to capture risks revealed through model testing, red‑teaming and field trials.
3m read
