top of page
  • Giesler LLC

Spotlight on Women: Stacy Bostjanick

Stacy Bostjanick is a woman of incredible achievement and is making strides in the realm of cybersecurity for this nation. She is currently the Director of the Cybersecurity Maturity Model Certification (CMMC) program in the U.S. Department of Defense, is a member of the Senior Executive Service, serves as the Chief of Implementation and Policy, and is Deputy CIO for Cyber Security in the office of the CIA.

Before joining the DoD CIO Ms. Bostjanick served as the Director of the Supply Chain Risk Management for Office of the Chief Information Security Officer (Acquisition & Sustainment). She also served at the Defense Intelligence Agency (DIA), as the Head of Contracting Activity, in which she was responsible for planning, managing, directing, and accomplishing the total DIA procurement program. Ms. Bostjanick has worked as a Senior Contracting Officer for the Missile Defense Agency on the Standard Missile 3 Block IA and IB development and production program and was responsible for cradle-to-grave execution of over $5 billion of highly complex, cutting-edge contracts for our nation's missile defense systems. Ms. Bostjanick has also served as the Deputy Procurement Executive with the Office of the Director of National Intelligence where she had responsibility for establishing Intelligence Community Enterprise-wide Policy and submissions to the Program Management Plan on an annual basis.

As the Director of CMMC, Ms. Bostjanick is responsible for driving this critical program through the federal rulemaking process and ultimately implementing the program across more than 220,000 organizations that make up our Defense Industrial Base (DIB). This includes collaborating across the federal government with partners, such as the Department of Homeland Security, to standardize the CMMC process and truly federalize it. Additionally, Ms. Bostjanick is responsible for ensuring that the defense acquisition community is trained and capable of incorporating CMMC requirements into its programs.

During a CMMC Forum back in May, Bostjanick said she is hopeful an interim rule will be approved for the newest iteration of CMMC, CMMC 2.0, which rolled out back in November of 2021. This will allow CMMC 2.0 to through a 60-day comment period after which the program requirements would be able to be included in all federal contracts and acquisitions by May 2023.


bottom of page