Enable breadcrumbs token at /includes/pageheader.html.twig

On Point: Q&A With Kirsten Davies

As the Department of War chief information officer (CIO), Kirsten Davies leads information technology and cybersecurity strategy, budget and execution. She also ensures the resilience and operational effectiveness of the digital infrastructure that underpins warfighting, readiness and strategic deterrence and is authorized to modernize legacy environments and strengthen cyber resilience against a contested threat landscape. Among other duties, she oversees C4 systems, position, navigation and timing, and electromagnetic spectrum management.

U.S. Department of War CIO Kirsten Davies discusses zero-trust implementation and cyber budgets with SIGNAL Media. Credit: kitidach-stock.adobe.com generated with AI

Where is the department succeeding—and struggling—to move zero trust from architectural intent to operational reality?
The Department of War is driving a decisive pivot from legacy infrastructure to a resilient tactical edge by operationalizing the “presume compromise” strategy through rapid, enterprise-wide zero trust (ZT) adoption. While we have secured significant momentum in cloud modernization and identity, credential and access management, our critical success lies in extending these robust protections directly to the tactical edge, empowering warfighters to operate securely in disconnected, denied, intermittent and limited environments. To bridge this operational gap, we are aggressively modernizing legacy operational technology with a tailored ZT framework, transforming our physical infrastructure from a liability into a hardened asset. By streamlining enterprise-wide data tagging and optimizing transition timelines, we are replacing architectural intent with a battle-ready reality that fortifies mission success from the enterprise core to the furthest edge of the battlefield.

What concrete metrics, beyond compliance checklists, determine the $1.5 billion cyber investment is improving warfighter readiness and resilience?
To maximize the impact of our cyber investment, we measure progress not through static compliance checklists, but by our speed in delivering measurable mission assurance and secure data from the enterprise core directly to the tactical edge. We are fundamentally transforming risk management, decisively abandoning legacy risk management framework bottlenecks in favor of automated, continuous authority to operate (cATO), real-time risk scoring and robust service-wide ATO reciprocity. By accelerating ZT integration for operational technology and interconnected weapon systems, advancing next-generation cryptography and fortifying the defense industrial base, we are providing commanders with true, real-time visibility into their security posture. Ultimately, our defining metric is warfighter readiness: the agility and absolute confidence with which the Joint Force can securely access, share and trust data to fight and win.

How do you decide which legacy systems to retire and which to keep until replacements mature?
Addressing technical debt and retiring legacy systems is fundamentally a risk management calculus. We are prioritizing secure, cutting-edge capabilities for the warfighter while deliberately managing short-term operational risks through phased transitions and contingency planning. Using our Defense Business Systems portfolio as a model, we are systematically reducing cyber exposure to sustain mission readiness and align with the National Defense Strategy. However, internal modernization is only half the battle. I have made it clear to our industry partners that their ability to innovate—the secret sauce of America’s defense industrial base—is equally crippled by legacy technical debt. We cannot afford an industrial base that waits for government funding to act. Because industry’s strength is our strength, building a modern, resilient Arsenal of Freedom together demands that our partners assume risk, invest their own capital and aggressively modernize their infrastructure for this fight.

Where does artificial intelligence (AI) deployment today change command-and-control decisions, and where is it still stalled by data quality, trust or governance roadblocks?
AI is a core warfighting capability. As the Secretary of War Pete Hegseth and Deputy Secretary Steve Feinberg have emphasized, speed and quality of decision-making are decisive advantages, and AI is how we achieve “data supremacy and decision dominance.”

AI is transforming operations across our command-and-control today. Manual data fusion that once took hours is happening in minutes. With a unified interface, commanders can instantly visualize real-time data, identify targets and execute decisions. Proven in live operations, AI is actively compressing sensor-to-shooter timelines and driving dynamic re-tasking at the speed of war.

What capabilities are most at risk if future cyber budgets flatten or decline?
To secure our nation’s technological edge and empower American forces to fight and win in any cyber-contested environment, we recognize that robust upfront investment remains our most effective defense. Driven by the vision of President Trump and Secretary of War Hegseth, we are aggressively shifting from a “degree first” mindset to skills-based, day-one readiness through initiatives like the Cyber Registered Apprenticeship Program (Cyber RAP) to meet surging talent demands and usher in a Golden Age of Prosperity and Innovation.

This direct response to Secretary Hegseth’s mandate for hands-on, experiential learning reinforces his directive that “policies don’t drive transformation; people do,” building a nontraditional talent pipeline that delivers on the promise of peace through strength. Most importantly, this human capital investment is paired with a fundamental shift in our acquisition culture, actively resourcing the mitigation of existing vulnerabilities and requiring that new systems integrate cybersecurity from day one to provide our warfighters with resilient, survivable platforms.

What has most surprised you about the workforce challenge?
Building a modern Arsenal of Freedom requires a highly capable and mission-ready cyber workforce, and my private-sector experience confirms that overcoming this all-of-society talent shortage demands a synchronized strategy that actively builds, up-skills, and cross-skills our existing personnel. We cannot simply recruit our way out of this challenge; instead, we are pulling multiple levers simultaneously by utilizing expanded Cyber Excepted Service pay flexibilities to compete with industry, launching top-tier training partnerships in cyber and AI, and aggressively modernizing our digital ecosystem to eliminate the bureaucratic red tape that frustrates top-tier operators.

By pairing this modernized environment with our unique national security mission, we create an unparalleled value proposition. Crucially, we are shifting our focus from traditional degrees to proven capability, evaluating talent based on their practical ability to outmaneuver advanced threats in real-time. By valuing skills proficiency, agility and hands-on experience—regardless of whether those skills were honed in a university classroom or through an apprenticeship—we are forging the dynamic workforce necessary to deliver the robust capabilities Secretary Hegseth requires to maintain America’s decisive digital advantage.

How do you foster rapid commercial innovation with the risk of vendor lock-in as AI platforms and cloud services consolidate?
While the department aggressively pursues commercial innovation to access top-tier AI and cloud capabilities, we firmly reject vendor lock-in as the price of progress. To balance rapid technological adoption with mission freedom, we demand open standards, modular architectures and cloud-native engineering practices that actively prevent dependence on any single provider. We operationalize this strategy through the Enterprise Software Initiative’s Master terms and conditions for software-as-a-service and AI. This will move us decisively beyond standard commercial agreements to contractually mandate data sovereignty, license portability, zero-cost data egress and explicit government ownership of all derivative AI models. By legally establishing that models developed with DOW data remain strictly DOW property, we are positioned to consume commercial innovation as an interchangeable commodity rather than a monolithic dependency, preserving vital competition and keeping the department in absolute control of its data, its choices and its future.

A year from now, what will show that your “great change” agenda is truly taking hold?
If we revisit this conversation in a year, the most visible change warfighters, commanders and civilians will feel is unprecedented reliability, speed and consistency in how the DOW delivers capabilities. By breaking down legacy bottlenecks and transitioning toward unified platforms, personnel across the force will experience faster data access and highly dependable enterprise tools. From a CIO perspective, this success manifests as a rigorously disciplined enterprise where data is trusted across organizational boundaries and decisions move rapidly because our underlying infrastructure and governance are fully aligned. Ultimately, making this efficiency real for the workforce drives the secretary’s vision and the National Defense Strategy, cementing a modern digital foundation that enables readiness, fortifies resilience and delivers mission-focused dominance directly to the edge.

A year from now, what will show that your “great change” agenda is truly taking hold? If we revisit this conversation in a year, the most visible change warfighters, commanders and civilians will feel is unprecedented reliability, speed and consistency in how the DOW delivers capabilities. By breaking down legacy bottlenecks and transitioning toward unified platforms, personnel across the force will experience faster data access and highly dependable enterprise tools. From a CIO perspective, this success manifests as a rigorously disciplined enterprise where data is trusted across organizational boundaries and decisions move rapidly because our underlying infrastructure and governance are fully aligned. Ultimately, making this efficiency real for the workforce drives the secretary’s vision and the National Defense Strategy, cementing a modern digital foundation that enables readiness, fortifies resilience and delivers mission-focused dominance directly to the edge.

Can you talk more about the cyber apprenticeship program and K-12 STEM outreach?Drawing on my experience establishing a highly successful cyber apprenticeship program at Unilever in Nigeria, I firmly believe that structured, hands-on pathways are the most effective method for bridging critical skills gaps and building a dedicated workforce. We are directly applying this proven model at the DOW by launching our 12-month, paid Cyber RAP Program this month, having recently formalized our standards at the Department of Labor’s National Apprenticeship Signing Day in support of Executive Order 14278.

This progressive pilot integrates interactive labs and dedicated mentorship across security operations, ethical hacking and AI-driven threat analysis to yield day-one-ready talent equipped with industry-recognized certifications. Simultaneously, securing our digital future requires cultivating talent long before the hiring phase. Our Cyber Academic Engagement Office is aggressively driving K-12 STEM outreach. By heavily investing in initiatives like GenCyber, Regions Investing in the Next Generation, and the National Cybersecurity Teaching Academy, we are empowering educators and providing students with foundational skills. Ultimately, these grassroots efforts are a national security imperative designed to show America’s brightest minds that a cyber career with the department is not just about building software—it is about the profound and rewarding mission of defending the nation.