DOW CIO Highlights a ‘Common Sense’ Approach for the Military’s Technology
The U.S. Department of War Chief Information Office has a cybersecurity operator as its chief information officer (CIO), Kirsten Davies. A longtime CISO, including as Unilever’s global CISO for its enterprise across 190 countries, Davies is viewing things from an operator’s perspective. This is informing her strategies and priorities, with the office having less of a policy stance, she told SIGNAL in an interview June 2 at AFCEA International’s TechNet Cyber 2026 conference.
“You are seeing a lot of enthusiasm around cybersecurity, and the cybersecurity nerd in me from my background loves this,” Davies stated. “So, you are going to be seeing a lot more of a holistic approach to how we do cyber defense, how we train and uplift our cybersecurity providers across the department, and with a lot of existing interagency partnerships that we are building on.”
Davies is from a U.S. Army family, with her father having served in Vietnam. Her work experience before, however, was not necessarily in the defense industrial base.
“This is new for me, and I wanted to make sure that I captured the ethos of warfighters, that I captured the spirit of the department and married that to the direction from the president and from the secretary,” Davies said. “Even when I was at Booz Allen, I was on the commercial side, so I haven't really had any exposure to this world at all.”
As such, Davies spent the first weeks of her tenure as CIO on a listening and learning tour, hearing from industry and military leaders. “I wanted to be very thoughtful about my approach and make sure I didn't just go, ‘Oh, I know this, and we're going to do that.’ Let me learn a few things, and I'm glad I did.”
The first announcement from Davies is a five-year $9.7 billion Microsoft Enterprise Software Agreement with Dell Federal Systems executed by the CIO’s office. As a result, end-users and organizations in the department will have a streamlined experience for software, licenses and usage, Davies said.
The effort will greatly simplify the enterprise experience by providing a single point of contact, eliminating different price points and getting rid of different start and end times in its license expiration terms, amongst other improvements.
“It is an enterprise capability for our Microsoft licenses and the usage of Microsoft across the department,” Davies said. “We had different pricing and different contracts everywhere. We are a very, very large organization, and it is easy for that to happen, of course, because we have so many different military services. Bringing this all together into one setup under one blanket contract agreement, it consolidates all of the licensing negotiation into one.”
The CIO estimates, conservatively, a savings of about $422 million per year.
“I think what is exciting about it, and what people can expect to see out of my office, is where we have enterprise technology, it is only logical and common sense for us to negotiate in one place for the whole department,” Davies emphasized. “It brings a buying power of the whole department together.”
Next, the CIO’s office will take similar steps with the Joint Warfighting Cloud Capability (JWCC) and the so-called JWCC Next effort to revamp the military’s commercial cloud services.
“What we are providing through JWCC Next is a one-stop shop for the entirety of the department to negotiate all of the cloud capabilities,” Davies explained. “The department can go to one place to have pre-negotiated pricing across the compute and storage capabilities that are needed. And we have all the hyperscalers involved in there, which is great.”
The scale of the department—the enormity of having the largest network in the world and accounting for “at least 3%” of the worldwide web and IP addresses—amplifies that buying power for software, hardware and cloud services, she emphasized.
“We are so excited about this,” Davies stated. “And I have to say, this is what we do regularly in industry, but in the department, this is a really big deal. At Unilever, when I was there as a global CISO and honored to serve at that company, we had operations in 190 countries globally,” Davies noted. “The Department of War, our size and scale and the sheer volume of our technical ecosystem dwarfs anything I've ever seen.”
Another priority of the CIO is to revamp the Chief Information Office.
“The Office of the CIO has not fundamentally changed since 2012, 2014,” she noted. “The organizational chart has been pretty much the same, the functional delivery pretty much the same. There have been some incredible leaders that have come before me, so I really do stand on the shoulders of giants. But it has been largely just a policy job that has not really taken into account that warrior ethos, that absolute need for the lethality, the resiliency, the readiness of the warfighters.”
You are going to be seeing a lot more of a holistic approach to how we do cyber defense, how we train and uplift our cybersecurity providers across the department.
In the next 12-18 months, they will reshape the office, restructuring and reorganizing around operational effectiveness and efficiency.
“This is to really drive everything from the warfighter technology to the enterprise technology to the cybersecurity program and really looking at it end-to-end, soup-to-nuts,” Davies explained.
This includes cyber risk management framework (RMF) reform and improved authority to operate (ATO) approval processes.
“We are going to get after RMF reform, and we are going to get after the ATO processes and really getting into the weeds of what works here, so we are not breaking things but identifying what the things are that actually need to be fundamentally overhauled,” the CIO stated.
Davies envisions a more automated and streamlined process, getting away from paper-driven and digital paper processes.
Lastly, Davies advised companies seeking to provide technology-related capabilities and services to the department to really understand scale and to be mindful of how their solution fits a warfighter's purpose.
Companies should not expect warfighters to have to adapt to the company’s solution; it should be the other way around, she said.
“What would be great for people to be thinking about is if you've got a pure-play digitally native innovative technology, make sure you know where the fit for purpose is,” she said.
“We love it when people have great ideas, but if they cannot scale to our size and to our warfighter needs, it is just a great idea,” the CIO stated. “Now, it does not mean that certain ideas might be extraordinarily niche and very fit for purpose for one particular thing—love those as well. But if you want to get into the enterprise technology, enterprise cybersecurity mix, you need to be scalable.”
TechNet Cyber is organized by AFCEA International. SIGNAL Media is the official media of AFCEA International.
Comments