CIOReview
Sign In

Subscribe to our Weekly Newsletter to get latest updates to your inbox
| | November 20168CIOReviewWhat can I learn from a Defense Industry CIO?By David Tamayo, CIO, DCS CorporationThe challenges faced by Defense Industry CIO's, in many ways, are similar to those of any other CIO, but in recent years some important differences have emerged. Being cognizant of what it takes to be an effective CIO in the Defense industry might help others to improve their edge even if leading in a different environment. For years CIO's have been told they have the background, perspective, talent, and imagination necessary and required for their companies to succeed. Today all it takes is one small slip and you are out of a job, or worse ­ you become utterly irrelevant.Let's start with the obvious ­ cybersecurity. In the industry there is a saying: if you claim that you haven't been hacked, you are either a liar or a fool who is not aware that he is being hacked. For Defense companies, new recent federal government regulations require them to follow the NIST 800-171 framework for protection, regardless of corporate size. This framework consists of 109 cybersecurity directives that must be followed by the Industry by no later than December 2017. In the meantime, each time a Defense contract is won, the winning company must provide the DoD CIO a list of all directives that have yet to be implemented. Cyber threats come from all the same places that often attack "regular" companies (e.g. thieves, ransomware, scammers, etc.), but Defense CIO's must also deal with hacktivists who on principle oppose the U.S. military, other nations (even those called "friends") who are actively trying to spy on American technology, U.S. enemies looking for payback for some real or perceived wrong-doing who try to break and destroy the company's infrastructure, and the insider threat ­ that rare but real disgruntled employee who wants to throw a cyber-bomb inside the network on his way out. Since corporate profits on federal contracts are generally limited by the Government and are nowhere near the profits that can be generated in the private sector, the Defense CIO must be very effective in order to provide the cyber protection and technology necessary to stay competitive in a shrinking Defense pie. This means the CIO is under unrelenting pressure to In My Opinion David Tamayo
< Page 7 | Page 9 >