John Sherman, chief information officer of the Department of Defense and a 2023 Wash100 awardee, has issued a memorandum directing DOD component agencies to assess their compliance with several measures for handling and protecting classified national security information.
CIOs at military services and component agencies should report to the department’s CIO through the CyberScope tool their implementation of least privilege and access control security controls, auditing capabilities and deployment of user activity monitoring by May 26, according to the memo signed by Sherman on Monday.
The directive also requires the services and components to report their compliance with cybersecurity controls outlined in Committee on National Security Systems Instruction 1253.
Sherman said his office will work with the undersecretary of defense for intelligence and security and the intelligence community CIO to guide the implementation of the measures on platforms that host sensitive compartmented information data.
The move came a week after DOD Secretary and 2023 Wash100 inductee Lloyd Austin issued a memo requiring component agencies to immediately assess their compliance with the department’s procedures and standards for safeguarding classified national security data.
Sherman will serve as one of the keynote speakers at the Potomac Officers Club’s 4th Annual CIO Summit on May 16. Click here to register for the upcoming event and hear government and industry CIOs as they share their insights on emerging technologies and efforts to address IT challenges facing their organizations.
