A politician-turned-defense official who is trying to shake up the acquisition bureaucracy in the U.S. Department of Defense told contractors they need to better prioritize security in order to do business with the Pentagon, and stifle foreign theft of defense secrets.
“This is a change of culture,” Katie Arrington, chief information security officer of the Pentagon’s acquisition policy office, said Wednesday. “It’s going to take time, it’s going to be painful, and it’s going to cost money.”
Arrington, who joined the Office of the Undersecretary of Defense for Acquisition and Sustainment in January, is spearheading the development of new cybersecurity standards for contractors. Last month, defense officials unveiled a draft of the guidelines, known as the Cybersecurity Maturity Model Certification.