Teramis, the leading platform for Controlled Unclassified Information (CUI) discovery, validation, and continuous monitoring, announced today that Stacy Bostjanick, former Chief of Defense Industrial Base (DIB) Cybersecurity within the Office of the Department of Defense Chief Information Officer, has joined its Advisory Board. The move comes as defense contractors increasingly face pressure to demonstrate compliance with NIST SP 800-171 and the Cybersecurity Maturity Model Certification (CMMC) program.
Bostjanick brings more than three decades of federal acquisition, cybersecurity, and defense contracting experience. During her government career, she played a pivotal role in the development, evolution, and implementation of the CMMC program, helping shape cybersecurity requirements across the Defense Industrial Base. As Chief of DIB Cybersecurity, she served as the Department's focal point for implementing CMMC across more than 220,000 companies in the DIB and led efforts to guide the program through federal rulemaking.
“Stacy’s leadership has been instrumental in advancing cybersecurity across the Defense Industrial Base and helping organizations understand and navigate CMMC requirements,” said Brandon Sessions, President of Teramis. “Her experience, insight, and perspective will be invaluable as Teramis continues to help defense contractors and compliance partners accurately identify, validate, and continuously monitor Controlled Unclassified Information across their environments.”
Teramis was purpose-built to address one of the most persistent challenges in CMMC compliance: knowing exactly where CUI resides. The platform enables organizations to discover CUI across Microsoft 365, file shares, endpoints, email systems, and other repositories, producing defensible evidence to support scoping, enclave design, assessment preparation, and ongoing compliance efforts.
“One of the greatest challenges organizations face is obtaining accurate visibility into where sensitive information actually exists,” said Bostjanick. “Effective cybersecurity and compliance programs depend on sound data and informed decisions. Teramis is helping organizations replace assumptions with evidence, which is increasingly important as CMMC requirements become operational across the Defense Industrial Base.”
Prior to leading the Department’s DIB cybersecurity initiatives, Bostjanick held numerous senior acquisition and contracting leadership positions, including serving as Head of Contracting Activity for the Defense Intelligence Agency and as a Senior Contracting Officer supporting major missile defense programs. Throughout her federal career, she managed and oversaw billions of dollars in highly complex defense contracts.
The appointment signals Teramis's commitment to helping defense contractors reduce compliance costs, minimize assessment risk, and improve the accuracy of CUI scoping and management. For companies navigating CMMC, having an advisor with deep insight into the program's origins and requirements could prove critical. As Bostjanick noted, accurate visibility into sensitive data is foundational to effective cybersecurity, and Teramis’s platform aims to provide that evidence-based approach.
Teramis describes itself as a purpose-built CUI discovery, validation, and continuous monitoring platform designed specifically for the Defense Industrial Base and CMMC advisory firms. Trusted by organizations supporting more than $10 billion in defense programs, Teramis helps organizations accurately scope CMMC assessment boundaries, validate compliance efforts, manage CUI spillage, and maintain continuous awareness of sensitive data locations. More information is available at www.teramis.us.

