Katie Arrington
Acquisition Office CISO
DoD
Katie Arrington: DoD Needs Culture Shift to Leverage DevSecOps
The Department of Defense needs to make changes to its culture and procedures before investments in DevSecOps can pay off, according to top department officials.
DoD Acquisition Office Chief Information Security Officer Katie Arrington, a past Potomac Officers Club event speaker and 2020 Wash100 winner, said the department's workforce needs to be better educated on how the DevSecOps philosophy works.
“You think about long-term sustainability, if we don't start to really emphasize DevSecOps as we go forward and build on the good work that has been done, we'll never see the actual return on investment in the life cycle that we need," Arington said at a webinar hosted by the Armed Forces Communications and Electronics Association's SIGNAL Magazine.
DevSecOps is a software development culture shift aimed at implementing security measures and practices in the rapid cycles typical of DevOps.
According to Arrington, contracting procedures must adapt for DoD to more widely use DevSecOps across its components.
Arrington pointed to the department's new Adaptive Acquisition Framework as as key enabler in the adoption of DevSecOps. The framework is a set of acquisition pathways designed to help employees deliver better solutions faster.
DoD Undersecretary for Acquisition and Sustainment Ellen Lord, another past POC event speaker and a four-time Wash100 awardee, approved the framework for operation earlier in October.
“By removing procedural bottlenecks, programs are pushed to deliver with much faster cycle time," Lord previously said regarding the new pathway.
Lord and Arrington have both highlighted the Air Force's Ground Based Strategic Deterrence as an example of a program already using the new acquisition pathway.
Category: Speaker News