Senate Armed Services advances DoD CIO nominee
The Senate Armed Services Committee on Wednesday advanced President Joe Biden’s nominee for Defense Department chief information officer.
The panel approved John Sherman by voice vote during a hearing on Navy Adm. Chris Grady's nomination to serve as the vice chairman of the Joint Chiefs of Staff.
Sherman served as acting CIO for several months before his nomination in September. He was previously named the Pentagon’s principal deputy CIO in 2020.
Sherman served as the CIO for the clandestine community in the Office of the Director for National Intelligence during the Trump administration. He also served as the deputy director for the CIA's Open Source Enterprise and as a deputy national intelligence officer on the National Intelligence Council.
In his confirmation hearing in October, Sherman vowed to examine how the Pentagon, which boasts the largest IT budget in the federal government, attracts talent.
“If confirmed I would move out on a new strategy to look at our cyber and digital talent,” he promised. “This is a whole of nation effort and we must come at it much differently.”
He described China as a “paramount threat to our systems, everything we're doing at DoD … We do not want the Chinese in, or near, our system.”
Sherman said the Pentagon is “well-postured” to withstand a digital barrage by Beijing “based on what I know right now.”
“But as with any sort of defensive mechanisms, we can always improve it.”
He emphasized that working with U.S. Cyber Command and NSA chief Gen. Paul Nakasone to “keep the Chinese back on their heels" would be a "top priority.”
Sherman’s nomination now goes to the full Senate, where he appears to be on a glide path to confirmation.
However, Senate Republicans have blocked national security nominees over unrelated issues in the past.
Martin Matishak is a senior cybersecurity reporter for The Record. He spent the last five years at Politico, where he covered Congress, the Pentagon and the U.S. intelligence community and was a driving force behind the publication's cybersecurity newsletter.