A Conversation with Katie Arrington


Katie Arrington is the Chief Information Security Officer with the Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)) at the United States Department of Defense. Her responsibilities include ensuring robust Supply Chain Risk Management (SCRM), establishing Defense Industrial Base security and resilience, and creating a common standard in cybersecurity standards. Previously, Ms. Arrington was a candidate for the US House of Representatives and a South Carolina State Representative for 2 terms. She has substantial experience in cyber strategy, policy, enablement and implementation across a wide range of domains, including DoD, Federal, Healthcare and State.

In this interview, Ms. Arrington shares her view from the Pentagon of the pandemic and how the experience mirrors the terrorist attacks on 9/11. She also shares an interesting story about how she got her start in cybersecurity, how FaceTime, telehealth and food delivery apps have become essential services during COVID, and the surprising individuals who inspire her the most.

We hope you enjoy this insightful conversation with Ms. Arrington.
