DISA has finally realized everyone is responsible for DoD cyber security rather than just the professionals:
As the pace of connectivity spurs forward, the job of protecting the networks has also expanded, often beyond the resources of the people meant to protect them. DISA Chief Technology Officer David Mihelcic said that because of the speed and adaptability of bad actors, cybersecurity has now moved to a kind of horizontal altruism that affects multiple elements of the information technology industry.
“Security cannot be the sole domain of cybersecurity specialists,” he said. “It has to be owned by everyone, to include the program managers and engineers who are developing and acquiring the system, the system administrators charged with operating the systems.
“We are going to have specialists. We’re going to have the CPTs — the cyber protection teams. We’re going to have offensive information and our cybersecurity forces as well, but cybersecurity cannot be the sole domain. We, the developers, the technologists and you, our mission partners, need to ensure that the [whole thing] is secure.”