Cybersecurity, Privacy, & AI

Trending Now

What Business Leaders Need to Know About Cybersecurity Certification and Enforcement in 2025–2026 • NRC Efficiency Plan to Reuse DOE, DoD Data Met With Skepticism • Closed Briefing Sets Stage For House Hearing On Anthropic’s Mythos and Cyber Risks • CISA, G7 Partners Release AI Software Bill of Materials Guidance • OMB to Refresh the Federal IT Dashboard

Published on February 9, 2022 • Cyber

Pentagon Reassigns CMMC, SCRM Programs to DoD CIO

G-Tech Studios | Shutterstock

The Pentagon is eliminating the position of CISO for the Under Secretary of Defense for Acquisition and Sustainment – previously held by Katie Arrington – and reassigning responsibility for the CMMC program to fall under Defense Department CIO John Sherman. Six civilians from Acquisition and Sustainment, including CMMC Director Stacy Bostjanick, will move over to the CIO’s office, where they will be overseen by Deputy CIO for Cybersecurity David McKeown. The Supply Chain Risk Management program is also being relocated to the CIO’s office.

Arrington had been with the CMMC program since it was begun, and held the CISO position after it was created in 2019. She was suspended and her security clearance revoked in May 2021, for allegedly disclosing classified information; she sued the department, challenging the move.

Sources:

FedScoop: CMMC Program Moved to the Office of DOD Chief Information Officer
Federal News Network: Pentagon Shifts CMMC Program to CIO, Eliminates Arrington’s Old Role

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.