Why it Matters
The House Armed Services Committee's Cyber, Information Technologies and Innovation Subcommittee convened a hearing on the Information Technology Posture of the Department of Defense on March 26, 2026 — and the session quickly moved beyond routine oversight. The Trump administration's policy, as articulated through its March 2026 Cyber Strategy for America, calls for AI-powered defenses and zero trust modernization — but members pressed whether budget cuts and a hacked commercial messaging app are undermining those goals.
The Big Picture
This hearing marks the first major congressional appearance for Kirsten Davies, confirmed as DoD Chief Information Officer in December 2025 and sworn in January 2026. It arrived amid a cluster of pressure points: proposed $491 million in cybersecurity cuts, a former DOGE official installed as Pentagon Chief Data Officer, and a GAO report flagging gaps in the Cybersecurity Maturity Model Certification program. Just two days earlier, Davies testified before the Senate Armed Services Committee on the same set of issues.
What They're Saying
- On zero trust: "We go with the aspect that the adversary is already in the network. That's what zero trust does." — Kirsten Davies, DoD CIO
Rep. Don Bacon (R-NE-2), the subcommittee chair, opened by framing AI as a battlefield imperative, describing how it can track ship movements and aircraft in real time. Rep. Ro Khanna (D-CA-17), the ranking member, kept his opening brief, zeroing in on zero trust implementation, cloud computing, and responsible AI integration.
The hearing's sharpest moment came over the TeleMessage/SMARS messaging app — a Signal archiving tool publicly reported as hacked. Members pressed Davies on whether DoD personnel used it. She confirmed SMARS is "not used in the Department of Defense currently" and that classified information cannot be transmitted on those devices. When a member noted that the National Security Adviser had reportedly used it, Davies deflected: "That's a different agency, sir, with different protocols."
When asked directly about her office's top priorities, Davies offered a notable disclosure: "It's the number two priority in my office right now. Number one is another classified endeavor."
Political Stakes
Davies is navigating a structurally difficult position. She has been in her role fewer than three months, is defending a zero trust strategy largely developed under prior leadership, and is fielding questions about DOGE-linked budget cuts she may not have controlled. Her testimony on the DoD-VA medical records gap — where she said she would "have to get back" to the member — underscored the limits of her current situational awareness. A second witness, referred to as "Ms. Harrington," stepped in to fill the gap, offering a blunt assessment: "It absolutely does not work."
For the administration, the hearing exposed a tension it cannot easily resolve: claiming cybersecurity as a priority while cutting $491 million from cybersecurity programs and installing a former DOGE operative in a key data role.
The Other Side
Davies articulated a four-pillar modernization strategy — covering network infrastructure, agile software delivery, risk-based cybersecurity, and workforce development — that aligns with the administration's stated goals. She pointed to JWCC Next as a tool to reduce cloud contract sprawl and improve financial transparency, and cited FY2026 NDAA provisions to expand competitive compensation for cyber professionals. On spectrum, she explicitly invoked President Trump's Golden Dome initiative as a national security priority her office is working to support.
What's next
The FY2026 NDAA mandates a new DoD cybersecurity working group be established by June 1, 2026 — just 67 days from the hearing date. The subcommittee's findings are also expected to feed directly into the FY2027 NDAA markup, which typically begins in April. The Pentagon's Zero Trust Strategy 2.0, expected "around March 2026," remains a pending deliverable the subcommittee will continue to track.
The Bottom Line
Davies's debut before the House Armed Services Committee revealed a Pentagon IT posture under genuine strain — modernizing on paper while absorbing budget pressure, leadership turnover, and questions about whether senior officials across the government are even using authorized tools.
Access the Legis1 platform for comprehensive political news, data, and insights.
Spot something wrong? Report an issue with this article