Saturday, May 24, 2025
Saturday, May 24, 2025
The Defense Department has announced Katie Arrington will serve as the Pentagon's chief information officer in an acting capacity, elevating a key voice in the Defense Department's Cybersecurity Maturity Model Certification program who joined the Office of the DOD CIO in February.
“Today the [Defense] Secretary named Ms. Katherine ‘Katie’ Arrington Performing the Duties of the Department of Defense Chief Information Officer. Please join the CIO team in congratulating her on this new role! Ms. Leslie Beavers will resume her full time position as the Principal Deputy CIO,” according to a March 3 LinkedIn post from the Office of the DOD CIO.
The post says, “In this capacity, Ms. Arrington serves as the primary advisor to the Secretary of Defense for information management/Information Technology (IT); information assurance, as well as non-intelligence space systems; critical satellite communications, navigation, and timing programs; spectrum; and telecommunications.”
The post continues, “Prior to assuming this role, she served in various positions including the Deputy CIO for Cybersecurity, CISO for the Office of the Undersecretary of Defense for Acquisition and Sustainment (OUSD(A&S)), led the White House COVID-19 Supply Chain Task Force for Acceleration as well as the team that created the Cybersecurity Maturity Model Certification (CMMC).”
Arrington rejoined DOD as deputy CIO for cybersecurity on Feb. 18. Industry stakeholders praised the move in comments to Inside Cybersecurity, calling it a good signal for the future of the CMMC program.
Arrington was tapped to lead the development of the CMMC program in July 2019 within the Office of the Under Secretary of Defense for Acquisition and Sustainment, where the CMMC Program Management Office was initially based.
The CMMC program was paused in early 2021 under the direction of then-Defense Deputy Secretary Kathleen Hicks who came in at the start of the Biden administration. Arrington was put on suspension in the summer of 2021 over her alleged sharing of classified information outside of DOD.
Arrington officially resigned in February 2022 from DOD and announced a run for a House seat in South Carolina in the 2022 election cycle. She lost in the primary election to incumbent Rep. Nancy Mace (R-SC) who was selected in the 118th Congress to serve as chair of the House Oversight cyber subcommittee.
In a February 2022 memorandum, Hicks moved the CMMC PMO over to the Office of the DOD CIO and eliminated Arrington’s previous job as CISO at A&S.
Arrington joined supply chain firm Exiger in January 2024 as vice president of government affairs.
The DOD CIO role is a Senate-confirmed position. President Trump hasn’t nominated an individual for the position yet.
Arrington was hired as a civilian employee at the Office of the DOD CIO in her role as deputy CIO for cybersecurity. Beavers had served acting DOD CIO since the departure of John Sherman in July 2024.
Getting the CMMC program officially launched is expected to be a priority for Arrington. The first final rule to establish the CMMC program went into effect on Dec. 16. Official CMMC assessments started in early January.
A second CMMC rulemaking is expected to be finalized in mid-2025. The final rule will amend the Defense Federal Acquisition Regulation Supplement and kick off the timeline for CMMC requirements to start showing up in DOD solicitations.