It’s been five years since the Defense Department adopted the Risk Management Framework to assess the cybersecurity of its IT systems. It was a rough ride at first, but DoD organizations have started to work the bugs out. The Army has just launched a three-phase RMF reform effort called Project Sentinel. Nancy Kreidler, the director of cybersecurity and information assurance in the Army CIO’s office talked with Federal News Network’s Jared Serbu about what the Army’s changing, and why.