Defense Secretary Pete Hegseth, a 2025 Wash100 Award recipient, has ordered immediate action to secure the Department of Defense’s information technology capabilities from adversarial influence.
Protecting DOD Supply Chain From Adversarial Threats
In a memorandum issued on July 18, Hegseth directed the DOD’s chief information officer to ensure that all IT and cloud services developed and procured for the department are protected from foreign supply chain threats, particularly those posed by adversaries such as China and Russia. The CIO will coordinate with the under secretaries of defense for acquisition and sustainment, intelligence and security, and research and engineering.
The under secretary for intelligence and security is directed to review and validate personnel security practices and insider threat programs of the defense industrial base and cloud service providers.
“The DoD will not procure any hardware or software susceptible to adversarial foreign influence that presents risk to mission accomplishment and must prevent such adversaries from introducing malicious capabilities into the products and services that are utilized by the Department,” the secretary stated in the memo.
The directive specifically calls for leveraging existing programs such as the Cybersecurity Maturity Model Certification, the Software Fast Track Program, the authority to operate process, the Federal Risk and Authorization Management Program and the Secure Software Development Framework to identify and eliminate risks in DOD systems.
Hegseth ordered the CIO to issue additional implementation guidance within 15 days to ensure a secure environment for warfighters.
