Nation-state actors targeting the defense supply chain want one thing: disruption. That’s the threat Jennifer Roberts thinks about every day as CISO at FGS and why she spent 2025 and 2026 building an organization that can keep running even when an attack lands, earning CMMC certification and standing up a cyber supply chain risk management program along the way.
Roberts is a finalist for WashingtonExec’s Chief Officer Awards in the Private Company CISO Executive of the Year category. The event takes place live June 2.
In this spotlight, she reflects on key achievements, offers advice for those following a similar path, shares current priorities and more.
What key achievements did you have in 2025/2026?
In 2025-2026, my key achievements centered on advancing cybersecurity maturity, resilience and supply chain assurance within the defense industrial base (DIB). I led our organization to successfully achieve official CMMC certification, demonstrating full alignment with required security controls and establishing a sustainable, audit-ready compliance posture. This milestone validated our ability to safeguard sensitive data while maintaining mission effectiveness.
Additionally, I designed and operationalized a comprehensive cyber supply chain risk management program. This included implementing standardized third-party risk assessments, continuous monitoring capabilities, and integrating supply chain risk considerations into enterprise governance. As a result, we significantly improved visibility into vendor risk across critical dependencies.
I also drove cultural transformation by embedding cybersecurity into business operations through targeted training, executive engagement and measurable performance metrics. Collectively, these efforts strengthened our defensive posture, enhanced stakeholder confidence, and positioned the organization as a leader in secure, compliant operations within the DIB.
What are your primary focus areas going forward, and why are those so important to the mission?
Looking ahead, my priorities center on three areas: resilience, intelligence-driven defense and secure innovation. First, cyber resilience — we are evolving from prevention-focused security to ensuring mission continuity under attack. In the DIB, disruption is the objective of our adversaries, so our ability to operate through cyber events is critical to national security.
Second, we are advancing intelligence-driven cybersecurity by integrating threat intelligence more deeply into our operations. Nation-state actors are increasingly targeting the defense supply chain, and staying ahead requires real-time visibility, proactive threat hunting, and strong partnerships with government and industry.
Third, we are focused on secure digital transformation. As we adopt cloud, AI and advanced engineering environments, security must be built in from the start. This includes protecting sensitive design data, enforcing least privilege access, and ensuring that innovation does not outpace our ability to secure it. These priorities are essential because cybersecurity is no longer just an IT function, it is foundational to protecting capability, preserving strategic advantage, and maintaining trust with our partners.
What is your best career advice for those who want to follow in your footsteps?
My advice is to build both depth and perspective. First, master the fundamentals, understand how systems work, how they fail, and how adversaries exploit them. Technical credibility is essential, especially in high-stakes environments like the DIB.
Second, broaden your perspective beyond technology. The most effective CISOs understand the business, the mission and the risk landscape. Cybersecurity is ultimately about enabling outcomes, not just enforcing controls. Third, invest in communication and leadership. Having the ability to translate complex cyber risk into mission impact and influence decisions at the executive level is what sets great leaders apart.
Finally, stay curious and mission-driven. This field evolves constantly, and the threats we face are real. If you stay grounded in purpose such as protecting critical systems, supporting national security, and enabling innovation, you will not only succeed, but make a meaningful impact.