Katie Arrington, chief information security officer of the Department of Defense’s acquisition policy office, has said that a “change of culture†in government acquisition is necessary to prevent theft by foreign adversaries, Cyberscoop reported Wednesday.
She told attendees at an event hosted by the Consortium for Information and Software Quality that minimal awareness on cybersecurity breaches throughout the defense industrial base is still a pervasive problem, and that cybersecurity practices are “not something that changes by the day.â€
Arrington’s comments come after the DoD released its draft Cybersecurity Maturity Model Certification guidelines, which cover foundational security standards to prevent breaches of sensitive data and intellectual property theft.
The Pentagon plans to issue an updated draft next month ahead of defense agencies’ implementation of the standards in their requests for information next year.
