Hearing Details

Witnesses

Members Who Spoke

Top 5 Organizations Mentioned

View on Congress.gov

Key Takeaways

•Kirsten Davies (Chief Information Officer, Department of Defense) announced a major reorganization to unify enterprise IT and cybersecurity under the CIO to eliminate wasteful spending and accelerate modernization.
•Davies testified that the department is shifting toward a risk-based cybersecurity model, prioritizing zero trust implementation, supply chain security initiatives, and the retirement of legacy technical debt.
•Rep. Brad Finstad (R, MN-1) compared DOD's archaic IT to "Oregon Trail" software, prompting Davies to admit the department's legacy systems were a "tremendous surprise" requiring cultural change.
•Rep. Jeff Crank (R, CO-5) and Rep. George Whitesides (D, CA-27) both raised concerns that the high costs of CMMC compliance are driving small businesses out of the industrial base.
•Davies is conducting a review of the CMMC ecosystem to reduce regulatory burdens, while the subcommittee prepares to examine classified quantum computing threats and offensive cyber performance.

Hearing Details

Witnesses

Members Who Spoke

Top 5 Organizations Mentioned

View on Congress.gov

Read the full transcript

Starting at $350/mo

Full hearing transcripts
Speaker timestamps with video verification
Organization & competitor mentions
Same-day delivery
Personalized summaries

Start reading

30-day money-back guarantee on all paid plans.

Hearing Analysis

Overview

The hearing focused on the Department of Defense's (DOD) strategic shift toward a modernized, data-centric IT architecture to ensure warfighter dominance in contested environments. Witnesses and members discussed the urgent need to retire "technical debt" and legacy systems while streamlining the cybersecurity regulatory burden on the defense industrial base. The discussion emphasized that IT infrastructure is the foundational layer for all advanced military capabilities, including artificial intelligence and command-and-control systems.

Key Testimony & Policy

The Honorable Kirsten Davies, Chief Information Officer (CIO) of the Department of Defense, presented a transformation strategy centered on four pillars: an enduring digital foundation, agile digital capabilities, cybersecurity for the warfighting ecosystem, and workforce skills. Davies emphasized the unification of enterprise IT and cybersecurity under the CIO’s office to eliminate inefficient spending and accelerate modernization. Key initiatives discussed included the Joint Warfighting Cloud Capability (JWCC), the expansion of 5G infrastructure across 88% of military installations, and the "Arsenal of Freedom" initiative aimed at securing the munitions supply chain.

Davies highlighted the department's move away from checklist-driven compliance toward a holistic, risk-based approach to cybersecurity. This includes the accelerated deployment of Zero Trust principles and the refinement of the Authority to Operate (ATO) process. The CIO also addressed the transition to post-quantum cryptography to protect high-assurance devices against future quantum computing threats. Furthermore, the department is leveraging provisions from the fiscal year 2026 National Defense Authorization Act (NDAA) to enhance recruitment and retention of cyber professionals through competitive compensation and upskilling partnerships with academia.

Notable Exchanges & Partisan Dynamics

Rep. Don Bacon (R, NE-2) opened the hearing by emphasizing that "you fight with the network you've got," questioning the current state of critical IT networks and their impact on military readiness. Rep. Chrissy Houlahan (D, PA-6) raised concerns about electromagnetic spectrum management, specifically the balance between commercial 5G growth and government access, as well as lessons learned from drone usage in the Russia-Ukraine conflict.

A significant point of bipartisan frustration involved the persistence of legacy systems. Rep. Brad Finstad (R, MN-1) compared the DOD’s archaic software to the "Oregon Trail" game, noting that private sector entities like Walmart maintain far superior inventory visibility. Rep. Patrick Ryan (D, NY-18) pressed for updates on Section 1521 of the NDAA, which mandates an expedited review process for the ATO, noting that the current process remains a bottleneck for innovative commercial companies.

The Cybersecurity Maturity Model Certification (CMMC) program drew sharp criticism regarding its impact on small businesses. Rep. Jeff Crank (R, CO-5) cited a constituent facing a $100,000 compliance cost for a single employee, questioning the oversight of the Cyber AB and the fees charged by third-party assessors. Rep. George Whitesides (D, CA-27) suggested providing grants or low-interest loans to help small businesses meet these security standards. Additionally, Rep. Eugene Vindman (D, VA-7) advocated for a "digital twin" pilot program to model cyberattacks on critical infrastructure at military bases, an idea Davies strongly supported.

Organizations Mentioned

* Department of Defense (DOD): The central agency undergoing a major reorganization to unify IT and cybersecurity functions under the CIO. * National Security Agency (NSA): Discussed regarding its Cybersecurity Directorate's role in providing threat intelligence and indicators of compromise to the defense industrial base. * Defense Information Systems Agency (DISA): Identified as a key component under CIO oversight responsible for network modernization and the Defense Information Systems Network (DISN). * The Cybersecurity Accreditation Body (Cyber AB): Criticized for its lack of transparency and the high fees it charges small businesses for CMMC compliance. * Department of Defense Cyber Crime Center (DC3): Praised for its outreach to the defense industrial base and its role in forensic investigations following cyber incidents. * Government Accountability Office (GAO): Cited for a report highlighting the DOD's failure to assess external factors affecting CMMC goals. * Department of Agriculture (USDA): Mentioned as a comparison for an agency struggling with "clumsy" and "archaic" legacy IT systems.

What's Next

The subcommittee moved to a closed session to discuss specific cyber threats from Iran, China, and Russia. The CIO’s office is expected to provide a formal update on the expedited ATO review process required by the NDAA. Additionally, Davies committed to a dedicated review of the CMMC ecosystem to address regulatory burdens, with results expected to inform future implementation strategies.

Transcript

Rep. Bacon (NE-2)

Good afternoon everyone and welcome to this hearing on information technology posture of the Department of Defense. To add a quote from Don Rumsfeld, you fight with the network you've got. We conduct command and control with the networks that we have. We pair our warfighters with the business applications we have. We plan and conduct operations on the desktops and laptops that we have. We fight at the speed of data and the underlying IT has never been more important. What I want to hear today is simply what is the state of these critical IT networks? I'm interested in hearing more about the department's plans to modernize our networks, process, provide access to secure cloud environments at all security levels and ensure the cybersecurity of our DOD and industrial base assets. While we'll be addressing DOD's major artificial intelligence developments at an upcoming research and engineering posture hearing, it is critical to note that none of that technology works without the foundation provided by IT. If the networks don't work well, nothing else will. So with that, we're joined today by the Department of Defense Chief of Information Officer, Ms. Kirsten Davies. I want to thank you for being so accessible. We've seen you a lot and we're grateful that you are accessible and open to interacting with us so freely. You joined the department from the industry in December. She brings two decades of experience leading large-scale cybersecurity and enterprise technology efforts for major global companies. Ms. Davies, thank you for being here and for your willingness to serve. And with that, I turn to Ms. Houlahan, the ranking member, before hearing our witness.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos qui ratione voluptatem sequi nesciunt. Neque porro quisquam est qui dolorem ipsum quia dolor sit amet. At vero eos et accusamus et iusto odio dignissimos ducimus qui blanditiis praesentium voluptatum deleniti atque corrupti quos dolores et quas molestias excepturi sint occaecati cupiditate non provident. Similique sunt in culpa qui officia deserunt mollitia animi id est laborum et dolorum fuga. Et harum quidem rerum facilis est et expedita distinctio nam libero tempore cum soluta nobis est eligendi optio cumque nihil impedit quo minus id quod maxime placeat facere possimus omnis voluptas assumenda est omnis dolor repellendus. Temporibus autem quibusdam et aut officiis debitis aut rerum necessitatibus saepe eveniet ut et voluptates repudiandae sint et molestiae non recusandae. Itaque earum rerum hic tenetur a sapiente delectus ut aut reiciendis voluptatibus maiores alias consequatur aut perferendis doloribus asperiores repellat. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos qui ratione voluptatem sequi nesciunt. Neque porro quisquam est qui dolorem ipsum quia dolor sit amet. At vero eos et accusamus et iusto odio dignissimos ducimus qui blanditiis praesentium voluptatum deleniti atque corrupti quos dolores et quas molestias excepturi sint occaecati cupiditate non provident. Similique sunt in culpa qui officia deserunt mollitia animi id est laborum et dolorum fuga. Et harum quidem rerum facilis est et expedita distinctio nam libero tempore cum soluta nobis est eligendi optio cumque nihil impedit quo minus id quod maxime placeat facere possimus omnis voluptas assumenda est omnis dolor repellendus. Temporibus autem quibusdam et aut officiis debitis aut rerum necessitatibus saepe eveniet ut et voluptates repudiandae sint et molestiae non recusandae. Itaque earum rerum hic tenetur a sapiente delectus ut aut reiciendis voluptatibus maiores alias consequatur aut perferendis doloribus asperiores repellat. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos qui ratione voluptatem sequi nesciunt. Neque porro quisquam est qui dolorem ipsum quia dolor sit amet. At vero eos et accusamus et iusto odio dignissimos ducimus qui blanditiis praesentium voluptatum deleniti atque corrupti quos dolores et quas molestias excepturi sint occaecati cupiditate non provident. Similique sunt in culpa qui officia deserunt mollitia animi id est laborum et dolorum fuga. Et harum quidem rerum facilis est et expedita distinctio nam libero tempore cum soluta nobis est eligendi optio cumque nihil impedit quo minus id quod maxime placeat facere possimus omnis voluptas assumenda est omnis dolor repellendus. Temporibus autem quibusdam et aut officiis debitis aut rerum necessitatibus saepe eveniet ut et voluptates repudiandae sint et molestiae non recusandae. Itaque earum rerum hic tenetur a sapiente delectus ut aut reiciendis voluptatibus maiores alias consequatur aut perferendis doloribus asperiores repellat. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos qui ratione voluptatem sequi nesciunt. Neque porro quisquam est qui dolorem ipsum quia dolor sit amet. At vero eos et accusamus et iusto odio dignissimos ducimus qui blanditiis praesentium voluptatum deleniti atque corrupti quos dolores et quas molestias excepturi sint occaecati cupiditate non provident. Similique sunt in culpa qui officia deserunt mollitia animi id est laborum et dolorum fuga. Et harum quidem rerum facilis est et expedita distinctio nam libero tempore cum soluta nobis est eligendi optio cumque nihil impedit quo minus id quod maxime placeat facere possimus omnis voluptas assumenda est omnis dolor repellendus. Temporibus autem quibusdam et aut officiis debitis aut rerum necessitatibus saepe eveniet ut et voluptates repudiandae sint et molestiae non recusandae. Itaque earum rerum hic tenetur a sapiente delectus ut aut reiciendis voluptatibus maiores alias consequatur aut perferendis doloribus asperiores repellat. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos qui ratione voluptatem sequi nesciunt. Neque porro quisquam est qui dolorem ipsum quia dolor sit amet. At vero eos et accusamus et iusto odio dignissimos ducimus qui blanditiis praesentium voluptatum deleniti atque corrupti quos dolores et quas molestias excepturi sint occaecati cupiditate non provident. Similique sunt in culpa qui officia deserunt mollitia animi id est laborum et dolorum fuga. Et harum quidem rerum facilis est et expedita distinctio nam libero tempore cum soluta nobis est eligendi optio cumque nihil impedit quo minus id quod maxime placeat facere possimus omnis voluptas assumenda est omnis dolor repellendus. Temporibus autem quibusdam et aut officiis debitis aut rerum necessitatibus saepe eveniet ut et voluptates repudiandae sint et molestiae non recusandae. Itaque earum rerum hic tenetur a sapiente delectus ut aut reiciendis voluptatibus maiores alias consequatur aut perferendis doloribus asperiores repellat.

Read the full transcript

Starting at $350/mo

Full hearing transcripts
Speaker timestamps with video verification
Organization & competitor mentions
Same-day delivery
Personalized summaries

Information Technology Posture of the Department of Defense

Key Takeaways

Read the full transcript

Hearing Analysis

Overview

Key Testimony & Policy

Notable Exchanges & Partisan Dynamics

Organizations Mentioned

What's Next

Transcript

Read the full transcript

Related Hearings

Senate amendment to H.R. 7147 – Homeland Security and Further Additional Continuing Appropriations

Member Day

“Arctic Security in an Era of Global Competition: Safeguarding U.S. Interests in Frigid Waters.”