NAVWAR Cyber Directorate’s Mission to Secure, Survive, Comply

SAN DIEGO — The Naval Information Warfare Systems Command set up its new cyber directorate last August with a goal of addressing cybersecurity in a more comprehensive way.

The directorate is focused on three big priorities: driving faster adoption of zero‑trust, secure software practices and implementing cutting‑edge defensive technologies.

Rachel Bondi, the deputy director for the cyber innovation unit and chief technology officer for mission systems afloat at NAVWAR, said the directorate is really trying to improve each leg of the cyber stool:

• Secure the enterprise

• Survive the war

• Meet compliance requirements to reduce risk

“Most people think of cybersecurity as the risk reduction and compliance piece, which encompasses the risk management framework (RMF) and authority to operate (ATO) processes. But I like to think of that as going in and inspecting the building, is it up to code?” Bondi said in an interview with Federal News Network at the WEST 2026 conference, sponsored by AFCEA and the U.S. Naval Institute. “As we start to go through those exercises, a lot of it is very ‘check the box’ type of things that are asking ‘do you have the right things in place to be cyber secure?’ That risk reduction process is something that’s evolving now with RMFNext, and what we want to do is have all of our solutions automated so that would be happening in the background, with continuous monitoring and continuous ability to have orchestration and observability by our cyber operators.”

Bondi said if the risk reduction through compliance is achieved mostly through automation, then the directorate can focus its resources on the other two missions of securing the enterprise and surviving the war. She called that “cyber firefighting.”

The Defense Department chief information officer has been on a course to blow up the RMF as part of a broad overhaul of its cybersecurity efforts over the past year. While DoD has yet to release the update to the RMF, the idea is to move toward continuous monitoring and continuous authorization of systems.

Bondi said NAVWAR is giving feedback to the DoD CIO’s office on some of the key factors that should be baked into the RMF Next to move faster toward full automation of cyber defenses.

“If I think of what tool sets need to be deployed, a lot of what we’ve been working on is anything from zero‑trust systems up front, where it’s built in, to being able to have those orchestration tools, managing and monitoring to be able to meet the needs and also to provide non‑kinetic effects,” she said. “What I mean by that is that the systems that we deploy have to be up to three measurements, not the RMF measurements, but how fast can we act that an adversary is in the system, how fast can we get them out, and then how fast can we return to normal? And those are the three measurements that we’re really concerned with in a future state.”

Vice Adm. Heidi Berg, the commander of Navy Fleet Cyber Command, said at the conference that two key tenets of the DoD’s new CyberCom 2.0—focused on recruiting and training the current and next generation of cyber workers—are risk and resilience.

“Understanding risk is one of the biggest and most important ways in which we can accelerate innovation and accelerate change,” Berg said. “We have a lot to do across building mastery across our exquisite workforce, building cybersecurity and system resilience, taking known vulnerabilities and including them in the design of our hardware and fielding it, as well as driving multi‑domain integration.”

Berg added that the Navy must build cyber resilience into programs from design to operations while also improving its teams’ ability to understand risk, using data and tools to visualize it and how it drives investment decisions.

“Oftentimes, we’ve got partners, both in the intelligence community, partners in federal law enforcement and in the interagency and in industry who can identify and see with their endpoints and their broader structure the threats and threat evolution in ways that we can’t within DoD, so getting those lead turns with that extended partner network allows us to better see what is happening,” she said. “The point that I brought up about excepted networks is one that I will hammer home. It’s a key area for 2026, how do we take networks that we’ve allowed exceptions for very good reasons, and bring them in so that we can both sensor and understand the data and the risks and the threats that are flowing across that space?”

Bondi said NAVWAR’s move toward systems that run on software‑defined networks will help them better understand the risks and threats they face.

“It’s much more about looking at that software‑defined network that has continuous monitoring capabilities and providing the tools back to Fleet Cyber Command and the sailors to be able to observe the environments at the application layer, which means that we have to move more toward a common platform for deploying in the environments that works both connected and disconnected,” she said. “What we want to do for Fleet Cyber Command is see what tools they need. So we’re going after specific priorities, having those conversations with the various admirals and then just understanding that it’s something that the team is going to be able to use in the fleet. If I think of cyber as a massive multiplayer environment, you’ve got teams of people with different languages in the coalition forming and then going away for certain particular use cases. And you want to have a system in place that is putting cyber in the background for them doing as much as possible to automate it, so that you don’t have to be worried about the cyber instances that are occurring. You need to be able to get the information for the alerting back to people who do know what they’re looking at, so they can use informed intelligence and information to provide the protection for the mission.”