Aaron Weis, chief information officer of the U.S. Navy and a 2020 Wash100 Award winner, told C4ISRNET in an interview published Monday that the service has made progress in two areas when it comes to strengthening its cybersecurity posture and one of those is from a “defend” perspective.
He cited the need to change the service’s perspective on cyber defense. “I talk a lot about moving from this culture of security by compliance to a culture where we have security as a constant state of readiness, where we’re always assessing our own readiness from a cybersecurity perspective,” Weis added.
He commented on the Navy’s complete reassessment of its risk management framework. “They’re refining and retuning RMF to be more responsive to reflect current state and to be able to be a more consistent indicator of risk management versus the one and done,” he said of the Navy.
Weis also offered updates on the service’s identity management pilot in conjunction with the Navy’s Enterprise Resource Planning system as well as on software-defined networking initiative and logistics effort, particularly the log IT systems portfolio.