"You are going to be seeing a lot more of a holistic approach to how we do cyber defense, how we train and uplift our cybersecurity providers across the department,” said U.S. DoW Chief Information Officer Kirsten Davies.
U.S. DoW CIO Kirsten Davies pushes enterprise-wide modernization and operational reform
At TechNet Cyber 2026, Kirsten Davies laid out a technology strategy for the U.S. DoW that emphasizes enterprise modernization, government cybersecurity, and operational effectiveness. Davies framed the effort as a move away from a narrowly policy-driven posture toward practical, department-wide reforms: reforming the Risk Management Framework, streamlining Authority to Operate procedures, boosting automation, and reducing paper-based compliance procedures.
Davies also highlighted procurement as a security lever, calling for consolidated technology purchasing to improve security, efficiency, and cost savings — provided vendors can deliver scalable solutions that meet operational needs "at the department’s massive scale." The aim is to align technical change with how the department operates, prioritizing speed of deployment and reduced administrative friction alongside hardening systems.
Strengthening security through cyber resilience after Change Healthcare and Colonial Pipeline
Speakers at the conference urged a move away from a prevention-only mindset toward cyber resilience — the capability to survive and quickly recover from unavoidable cyber events. High-profile incidents such as the Change Healthcare breach and the ransomware attack on Colonial Pipeline were described as “wake-up calls,” illustrating how digital intrusions can paralyze essential services even when physical assets remain intact.
Panelists recommended adopting a top-down, mission-focused posture they called a “mission-breach” mindset. That requires a disciplined organizational culture and technical plans that emphasize the rapid, automated restoration of the core identity services that support modern operations. Resilience, in this framing, is not a backup activity: it is the principal means of keeping missions going when prevention fails.
CYBERCOM 2.0: Brig. Gen. Reid Novotny’s workforce, training, and innovation agenda
Brig. Gen. Reid Novotny announced CYBERCOM 2.0 to reshape U.S. Cyber Command’s structure and capabilities. The initiative aims to improve organizational design, workforce development, training, and technological innovation so cyber operators can meet evolving threats with better tools and preparation.
To execute that plan, Cyber Command will establish three new organizations: the Advanced Cyber Training and Education Center to create specialized training programs; the Cyber Talent Management Organization to recruit and retain cyber professionals; and the Cyber Innovation Warfare Center to accelerate development and deployment of cyber technologies. The stated goals are a highly skilled cyber workforce, advanced mission-focused training, and ensured access to resources and tools for cyber operators.
What this means for technologists, procurement leaders, and cyber operators
- Technologists and security teams: Expect increased emphasis on automation and rapid restoration capabilities, especially for identity services; teams will need to align operational playbooks with a resilience-first posture.
- Procurement leaders and vendors: Consolidated purchasing across the DoW raises the bar for vendors to provide scalable, warfighter-ready solutions that meet security and operational requirements at large scale.
- Cyber operators and trainers: CYBERCOM 2.0’s new centers promise mission-focused training and talent-management reforms, meaning operators should prepare for new career pathways and specialized training opportunities.
A strategic shift: prevention, but prepare to recover
What became apparent at TechNet Cyber 2026 is that prevention alone cannot win. The conference’s three threads — the DoW’s operational modernization, the push for resilience-first security postures, and Cyber Command’s investment in workforce and innovation — together sketch a strategic reality: agencies must prevent what they can, but they must also be organized and resourced to survive and recover from the attacks that succeed.
The immediate next steps named at the event are tangible: streamlining Authority to Operate and the Risk Management Framework inside the DoW; prioritizing automated restoration of core identity services across federal and critical infrastructure operators; and standing up the Advanced Cyber Training and Education Center, the Cyber Talent Management Organization, and the Cyber Innovation Warfare Center under CYBERCOM 2.0. How quickly these reforms move from announcements into operational practice will determine whether the shift from prevention to resilience materially reduces mission disruptions.
