CMMC, industrial capital strategy could continue in Biden's DOD
The Defense Department's top buyer, Ellen Lord, said the incoming Biden administration will have to contend with adversarial investments and cybersecurity weaknesses in the contractor base.
DOD acquisition chief Ellen Lord briefs the press March 25, 2020. (DOD photo)
The Defense Department's top buyer, Ellen Lord, said the incoming Biden administration would have a lot to contend with when it comes to defense acquisitions, including adversarial investments and cybersecurity weaknesses in the industrial base.
Speaking at what will likely be her last press conference Jan. 13, Lord pushed her organization's work on adversarial capital -- the concept of nefarious foreign investment in companies in the U.S. or of its allies.
"We need to collectively work to bring all the relevant resources together at the same time," she said, after noting that China had announced more than $14 billion in investments, mergers and acquisitions in the early months of the coronavirus pandemic, from January to April 2020.
Katie Arrington, the chief information security officer for defense acquisition, said the early days of the COVID-19 pandemic had many defense companies acting out of desperation and survival.
"Things were happening so quickly; companies were concerned about the capability of staying in business and were taking loans from places they weren't 100% certain [of] their origins," Arrington told reporters.
DOD unveiled its Trusted Capital Marketplace, a digital platform for companies and venture capitalists that go through a verification process to evaluate foreign interest and control, with about 128 capability providers in the system that was launched in December. Thirty are trusted capital providers, such as Acorn and Veritas, the officials said.
"We are really hoping to diversify our defense industrial base to bring on a lot of non-traditional companies to work with us and this is a fantastic way for those companies not only to identify themselves to the department of defense but really almost get into a speed dating app with all kinds of capital providers," Lord said.
Lord is expected to exit the building as the Biden administration comes in but wouldn't confirm a timeline or replacement but said, "we are working with the transition teams and we leave it to the incoming administration to make any announcements about how they plan to move forward with [political appointees] and so forth."
Defense News first reported that Stacy Cummings, the principal deputy assistant secretary of defense for acquisition, would step up as DOD's acting chief on Jan. 20. Jessica Maxwell, a DOD spokesperson, told FCW via email that "I can't confirm the name(s) for you at this time; we expect to be able to soon."
However, Arrington, who leads the department's Cybersecurity Maturity Model Certification program, is expected to stay on.
"But I can say that Katie is a career employee so she will definitely be here."
Lord said, as her legacy, she hopes to "to leave our successors a very, very data driven process that allows them to make the best decisions given the resources they have" and a robust framework to shore up defense contractors security.
"The one area that has evolved the most in my time here at DOD has been the whole realm of cyber warfare and cybersecurity. And we have made it a focus of A&S to make sure we put systems into place that again can quantify what actions and reactions are," Lord said.
"CMMC, which I always say, [is] like ISO standards are for quality, CMMC is to cybersecurity the same way. We have really developed a framework and an implementation schedule over five years...to give our defense industrial base the tools to ensure they are secure."