An official website of the United States government
A .gov website belongs to an official government organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

In the News

News | Sept. 24, 2025

Department of War Announces New Cybersecurity Risk Management Construct

The Department of War (DoW) today announced the implementation of a groundbreaking Cybersecurity Risk Management Construct (CSRMC), a transformative framework to deliver real-time cyber defense at operational speed. This five-phase construct ensures a hardened, verifiable, continuously monitored, and actively defended environment to ensure that U.S. warfighters maintain technological superiority against rapidly evolving and emerging cyber threats.

Addressing Legacy Shortcomings

The previous Risk Management Framework was overly reliant on static checklists and manual processes that failed to account for operational needs and cyber survivability requirements. These limitations left defense systems vulnerable to sophisticated adversaries and slowed the delivery of secure capabilities to the field.

The CSRMC addresses these gaps by shifting from "snapshot in time" assessments to dynamic, automated, and continuous risk management, enabling cyber defense at the speed of relevance required for modern warfare.

The construct is composed of a five-phase lifecycle and ten foundational tenets.

The Five-Phase Lifecycle

The new construct organizes cybersecurity into five phases aligned to system development and operations:

  1. Design Phase – Security is embedded at the outset, ensuring resilience is built into system architecture.
  2. Build Phase – Secure designs are implemented as systems achieve Initial Operating Capability (IOC).
  3. Test Phase – Comprehensive validation and stress testing are performed prior to Full Operating Capability (FOC).
  4. Onboard Phase – Automated continuous monitoring is activated at deployment to sustain system visibility.
  5. Operations Phase – Real-time dashboards and alerting mechanisms provide immediate threat detection and rapid response.

Ten Foundational Tenets

The CSRMC is grounded in ten core principles:

  • Automation – driving efficiency and scale
  • Critical Controls – identifying and tracking the controls that matter most to cybersecurity
  • Continuous Monitoring and ATO – enabling real-time situational awareness to achieve constant ATO posture
  • DevSecOps – supporting secure, agile development and deployment
  • Cyber Survivability – enabling operations in contested environments
  • Training – upskilling personnel to meet evolving challenges
  • Enterprise Services & Inheritance – reducing duplication and compliance burdens
  • Operationalization – ensuring stakeholders near real-time visibility of cybersecurity risk posture
  • Reciprocity – reuse assessments across systems
  • Cybersecurity Assessments – integrating threat-informed testing to validate security

Delivering Cybersecurity at the Speed of War

By institutionalizing this construct across the Department, the DoW is ensuring cyber survivability and mission assurance in every domain: air, land, sea, space, and cyberspace.

"This construct represents a cultural shift in how the Department approaches cybersecurity," said Katie Arrington, performing the duties of the DoW CIO. "With automation, continuous monitoring, and resilience at its core, the CSRMC empowers the DoW to defend against today's adversaries while preparing for tomorrow's challenges."

For more information on the Cyber Security Risk Management Construct, click here.

For more information on the CSRMC Strategic Tenets, click here.

Related Press Advisories

Original Story

Social Media Feed

Twitter
The @DeptofWar is modernizing the Arsenal of Freedom with a $9.7B CETA contract with Dell Federal Systems for Microsoft services. 🦅 Delivering on @SecWar Hegseth’s mandate to reduce IT redundancies, this is not new spending. We are consolidating fragmented IT budgets into a https://t.co/LGWRSZxPZ1 The @DeptofWar is modernizing the Arsenal of Freedom with a $9.7B CETA contract with Dell Federal Systems for Microsoft services. 🦅 Delivering on @SecWar Hegseth’s mandate to reduce IT redundancies, this is not new spending. We are consolidating fragmented IT budgets into a https://t.co/LGWRSZxPZ1
Twitter
RT @DoWCIODavies: An incredible honor to remember and celebrate our fallen warriors and American heroes at today’s Memorial Day services at…
Twitter
Please join the @DeptofWar CIO this Memorial Day weekend 🇺🇸in pausing to honor and remember the brave men and women of our Armed Forces who made the ultimate sacrifice in service to our nation. As we proudly support those who defend our nation across every domain — land, sea, https://t.co/AvzFhLVoDg Please join the @DeptofWar CIO this Memorial Day weekend 🇺🇸in pausing to honor and remember the brave men and women of our Armed Forces who made the ultimate sacrifice in service to our nation. As we proudly support those who defend our nation across every domain — land, sea, https://t.co/AvzFhLVoDg
Twitter
Hon Kirsten Davies, @DeptofWar CIO, led the U.S. delegation to the @NATO Digital Policy Committee. This is a bi-annual meeting of the Allies to discuss IT and Cyber initiatives ranging from the Alliance’s cloud program to its approach to Cybersecurity. Reinforcing the importance https://t.co/cxJYwJBj2G Hon Kirsten Davies, @DeptofWar CIO, led the U.S. delegation to the @NATO Digital Policy Committee. This is a bi-annual meeting of the Allies to discuss IT and Cyber initiatives ranging from the Alliance’s cloud program to its approach to Cybersecurity. Reinforcing the importance https://t.co/cxJYwJBj2G
Twitter
Mr. Aaron Bishop, DoW CISO and acting Deputy CIO for Cybersecurity, spoke today at the @PotomacOfficers Club 2026 Cyber Summit to discuss key features of the @DeptofWar way ahead for IT and Cyber transformation with an the audience of GovCon leaders. Cybersecurity always will be https://t.co/AtJCqruNpg
Twitter
Happy Armed Forces Day! 🇺🇸🦅 250 years strong—and still standing watch. As we mark the 250th anniversary of the United States, we honor those who have defended our nation from its founding to today—serving across every branch of our Armed Forces: Army, Navy, Marine Corps, Coast https://t.co/LE4mlrrfa4 Happy Armed Forces Day! 🇺🇸🦅 250 years strong—and still standing watch. As we mark the 250th anniversary of the United States, we honor those who have defended our nation from its founding to today—serving across every branch of our Armed Forces: Army, Navy, Marine Corps, Coast https://t.co/LE4mlrrfa4
Twitter
The Honorable Kirsten Davies, thanked her Five Eyes CIO counterparts for their hard work and candid discussion last week as part of the Defense CIO Forum (#DCIOF) and Combined Digital Leadership Summit (#CDLS). “This was my first time leading the US delegation to the CDLS and I https://t.co/2N3iCSGBmp The Honorable Kirsten Davies, thanked her Five Eyes CIO counterparts for their hard work and candid discussion last week as part of the Defense CIO Forum (#DCIOF) and Combined Digital Leadership Summit (#CDLS). “This was my first time leading the US delegation to the CDLS and I https://t.co/2N3iCSGBmp
Twitter
The @DeptofWar successfully wrapped the Combined Digital Leadership Summit (#CDLS 26.1) last week. Together with our Five Eyes partners, we are accelerating joint digital warfighting capabilities and moving hashtag#ProjectArcadia into operational reality. The core mission: https://t.co/GZ690pibFA The @DeptofWar successfully wrapped the Combined Digital Leadership Summit (#CDLS 26.1) last week. Together with our Five Eyes partners, we are accelerating joint digital warfighting capabilities and moving hashtag#ProjectArcadia into operational reality. The core mission: https://t.co/GZ690pibFA
Twitter
The @DeptofWar CIO's Office is proud to announce our Workforce Innovation Directorate’s (WID) has been awarded the 2026 Government Information Technology Council’s Workforce Development Award! This award, presented by the Advanced Technology Academic Research Center (ATARC), https://t.co/5KXxjogR31 The @DeptofWar CIO's Office is proud to announce our Workforce Innovation Directorate’s (WID) has been awarded the 2026 Government Information Technology Council’s Workforce Development Award! This award, presented by the Advanced Technology Academic Research Center (ATARC), https://t.co/5KXxjogR31
Twitter
In a high-stakes environment, isolated data can cost us the tactical advantage. The @DeptofWar's business systems must communicate seamlessly to be effective. The new Business Enterprise Architecture (BEA) Guidebook is the master blueprint that makes this interoperability happen. https://t.co/hPl5Y8wRFU In a high-stakes environment, isolated data can cost us the tactical advantage. The @DeptofWar's business systems must communicate seamlessly to be effective. The new Business Enterprise Architecture (BEA) Guidebook is the master blueprint that makes this interoperability happen. https://t.co/hPl5Y8wRFU
Twitter
Pictured from left to right: Brandon Cross and Holly Yuan, University of Wisconsin-Stout; Brian Scavotto, North Carolina A&T; and Amith Kamath Belman, San Jose State University
Twitter
Congrats to the ASCEND Challenge winners announced at the NCAE-C Symposium! 🏆 The @DeptofWar Office of the CIO commends Holly Yuan & Brandon Cross (UW-Stout), Brian Scavotto (NC A&T), and Amith Kamath Belman (SJSU). Your groundbreaking AI & cyber frameworks are forging the next https://t.co/DHiTiTP0f3 Congrats to the ASCEND Challenge winners announced at the NCAE-C Symposium! 🏆 The @DeptofWar Office of the CIO commends Holly Yuan & Brandon Cross (UW-Stout), Brian Scavotto (NC A&T), and Amith Kamath Belman (SJSU). Your groundbreaking AI & cyber frameworks are forging the next https://t.co/DHiTiTP0f3
Twitter
The @DeptofWar CIO, Hon @DoWCIODavies, is excited to highlight the Cyber Academic Engagement Office (#CAEO) Community Exchange “Listening Room” at this year’s Center for Academic Excellence (CAE) in Cybersecurity Symposium in Pittsburgh, PA. Over the past week, this space https://t.co/E2yir592XM The @DeptofWar CIO, Hon @DoWCIODavies, is excited to highlight the Cyber Academic Engagement Office (#CAEO) Community Exchange “Listening Room” at this year’s Center for Academic Excellence (CAE) in Cybersecurity Symposium in Pittsburgh, PA. Over the past week, this space https://t.co/E2yir592XM
Twitter
Pictured left to right in the Listening Room: Michael Tu, university of Purdue NW University; Dr. Emanuel El-Sheikh, University of West Florida; Scott Nelson, acting PD CEAO; Adel Elmaghraby, University of Louisville; and Omar Garada, Dcode
Twitter
The Dept of War CIO’s Cyber Academic Engagement Office kicked off the annual National Centers of Academic Excellence in Cybersecurity (NCAE-C) Symposium, by challenging universities to join the "front lines" of the nation's cyber defense,” and highlighted @POTUS, @DeptofWar https://t.co/BlM8f9TvpD The Dept of War CIO’s Cyber Academic Engagement Office kicked off the annual National Centers of Academic Excellence in Cybersecurity (NCAE-C) Symposium, by challenging universities to join the "front lines" of the nation's cyber defense,” and highlighted @POTUS, @DeptofWar https://t.co/BlM8f9TvpD
Twitter
Pictured left to right: Scott Nelson, Acting Principal Director of the DoW CIO Cyber Academic Engagement Office delivering the keynote at the NCAE-C Symposium; representatives of the 28 new NCAE-C institutions at the certification ceremony.
Twitter
The Dept of War CIO’s Cyber Academic Engagement Office kicked off the annual National Centers of Academic Excellence in Cybersecurity (NCAE-C) Symposium, by challenging universities to join the "front lines" of the nation's cyber defense,” and highlighted @POTUS, @DeptofWar https://t.co/0liZC7C5ND The Dept of War CIO’s Cyber Academic Engagement Office kicked off the annual National Centers of Academic Excellence in Cybersecurity (NCAE-C) Symposium, by challenging universities to join the "front lines" of the nation's cyber defense,” and highlighted @POTUS, @DeptofWar https://t.co/0liZC7C5ND
Twitter
Clockwise from upper left: Ms. Ayanna Baker (Cyber Human Capital Program Analyst), Mrs. Marci McCarthy (DoW CIO Director of External Engagements), Acting Secretary of Labor The Honorable Keith Sonderling, and Ms. Chimia Nelson (DoW CIO Program Director); Seated: DoL Acting
Twitter
The Department of War CIO announces the launch of our new DoW Cyber Registered Apprenticeship Program (#CyberRAP). Yesterday, during the National Apprenticeship Week signing ceremony at the Department of Labor, Mrs. Marci McCarthy, Director of External Engagements, kicked off the https://t.co/qRJT5sfZyM The Department of War CIO announces the launch of our new DoW Cyber Registered Apprenticeship Program (#CyberRAP). Yesterday, during the National Apprenticeship Week signing ceremony at the Department of Labor, Mrs. Marci McCarthy, Director of External Engagements, kicked off the https://t.co/qRJT5sfZyM
Twitter
🦅 @DeptofWar CIO, the Honorable Kirsten Davies, joined the 71st Siouxland/Washington Conference & Steak Reception, sharing an inspiring message of collaboration 🤝 with Senate and Congressional members and the Siouxland Chamber of Commerce. Emphasizing the vital partnership https://t.co/eSXro6KLT7 🦅 @DeptofWar CIO, the Honorable Kirsten Davies, joined the 71st Siouxland/Washington Conference & Steak Reception, sharing an inspiring message of collaboration 🤝 with Senate and Congressional members and the Siouxland Chamber of Commerce. Emphasizing the vital partnership https://t.co/eSXro6KLT7
X
7,175
Follow Us