2022 was a big year for IT modernization and cybersecurity at the Defense Department (DOD), with many developments around hybrid cloud, zero trust, and more to come this year. These were the biggest stories in defense IT that will impact 2023 initiatives, such as the recently awarded Joint Warfighting Cloud Capability (JWCC).
Zero trust dominated tech conversations at DOD all year, culminating in the release of the Pentagon’s long-awaited five-year zero trust strategy, which established a cohesive zero trust vision and outlined the capabilities needed to reach “target level” zero trust readiness by 2027.
The strategy will be crucial to implementing the DOD’s ambitious Joint All-Domain Command and Control (JADC2) plan, which aims to modernize the department’s command and control infrastructure to “deliver information advantage at the speed of relevance.” Zero trust offers the possibility to secure data and information transfer to meet mission demands without compromising cybersecurity or user experience.
The five-year strategy also supports the department’s efforts to move to an enterprise-wide cloud environment. The recently awarded Joint Warfighting Cloud Capability (JWCC) intends to support capabilities such as JADC2, as well as the department’s artificial intelligence (AI) and data acceleration initiative, also known as ADA.
The DOD Office of the Chief Information Officer (OCIO) established Zero Trust Portfolio Management Office (PfMO) to coordinate the department’s zero trust architecture execution. Plus, to complement the Pentagon’s efforts, the Air Force plans to release its own zero trust strategy in early 2023.
Moving forward this year, the zero trust conversation will focus on integrating security solutions across the different service branches and Fourth Estate for ease of communication and data access.
“Zero trust is more than an IT solution. Zero trust may include certain products but is not a capability or device that may be bought. The journey to zero trust requires all DOD components to adopt and integrate zero trust capabilities, technologies, solutions and processes across their architectures, systems, and within their budget and execution plans,” DOD CIO John Sherman wrote in a foreword to the new strategy.
As DOD users became more mobile than ever before due to telework during the COVID-19 pandemic, the Defense Information Systems Agency (DISA) initiated an effort to move network-based security to application-centric and data-centric security. The Thunderdome zero trust prototype became the starting point for moving away from the legacy castle-and-moat cybersecurity approach to extending the perimeter from the user to the edge of the data.
DISA awarded the $7 million Thunderdome zero trust prototype in January 2022 and announced a six-month extension in July, setting the project’s competition date for January 2023.
As the department phases out its legacy Joint Regional Security Stack (JRSS) program to replace with Thunderdome, DISA Cyber Technical Director Drew Malloy said this prototype is not intended to be a singular solution to zero trust.
“Now, is this going to be the ‘be all end all’ for that on zero trust? Absolutely not,” he said at AFCEA’s TechNet Cyber event last year. “But these are the large deltas that we identified in our architecture that we felt we needed to prioritize.”
DOD announced its new division, the Chief Digital and Artificial Intelligence (AI) Office (CDAO), at the beginning of 2022 to further advance the department’s digital transformation with AI innovation. The CDAO merges the now-defunct Joint Artificial Intelligence Center (JAIC) and the Defense Digital Service.
The CDAO is responsible for coordinating and boosting the department’s data and AI efforts. The Defense Digital Service and JAIC functions were reorganized and now report to the CDAO. In April, Craig Martell was named the new CDAO, and the office reached full operating capability in June.
The new office’s priorities include improving user experience and aligning new AI products and services with combatant commanders’ mission needs. Rapid AI innovation is one of the Pentagon’s top priorities as AI will be critical to implement JADC2.
The CDAO will lead AI, data and analytics integration, strengthen industry engagement on AI and lead on “international engagements to enable AI readiness and responsibly use data, comport with data sharing requests and requirements, and adopt AI capabilities at speed and scale.”
One of the DOD’s top priorities is transforming user experience and warfighter experience through artificial intelligence, zero trust and automation.
“One of the things we talk about is user experience, and that is something we are going to be working on,” DOD CIO John Sherman said at the DOD Digital & AI Symposium.
DISA’s Hosting and Compute Center (HaCC) built a cloud portfolio to meet warfighter needs through a user-centered design approach. The Special Operations Command (SOCOM) and DISA are rolling out cloud capabilities in 2023, with user experience remaining top of mind.
The Army introduced new Google workspaces to impact the user experience and tackle the department’s recruiting challenges under direction from CIO Raj Iyer, who recently announced his impending departure. Improving user experience also drives Martell’s vision as he spearheads AI integration efforts across DOD.
“We can’t just deliver good IT, that’s not good enough,” HaCC Director Sharon Woods said at an FCW DOD Cloud Workshop. “We have to deliver a dynamic customer service experience so that we’re not just delivering the best value IT, but we’re doing it in a way that really matters for the customer.”
Defense IT leaders frequently cite good data management and governance as the foundation of AI innovation. As the CDAO continues to ramp up operations, Martell and other defense IT leaders will emphasize data management to get ready for AI.
“We gotta get the data right. And if we get the data right, AI is going to come for free, AI over time is going to happen in the department. I am very confident about that,” Martell said at a TransformX event.
Matt Jacobsen — director of the Air Force’s newest software factory, Hangar 18 — said AI holds promise for all DOD but only if program managers can optimize data management practices, something Hangar 18 hopes to address.
“We have a program manager that comes to Hangar 18 saying, ‘Hey I need help managing my data,’ and we’ll say, ‘What do you need?’ and he’ll say, ‘Gather it all!’ — That’s not a great strategy,” Jacobsen said in an interview with GovCIO Media & Research last year. “A lot of these program managers are not literate in data practice, so we don’t have that relationship. We are in the trenches. We have a very long way to go before we see widespread use of AI and ML in this space.”
Maj. Ryan Harth, deputy director at the AI division in the Force Modernization Center at Army Special Operations Command (USASOC), told GovCIO Media & Research in an interview that data is the heart of AI, which is then the heart of JADC2.
“At the center of AI, ML and predictive analytics is data,” he said. “You can only do any of those with enough of the right and or relevant data. For organizations that are geographically dispersed, such as USASOC, it’s almost mandatory to leverage a hybrid solution to architect the pipelines necessary to move from a producer to a production environment.”
SOCOM CDO Thomas Kenney set plans to develop a data-centric culture to innovate with AI effectively, and CDAO Data Scientist Lead James Doswell described his office’s work as primarily focused on managing data properly before developing AI use cases.
“As we are seeing more people come into the platform and try and build these AI/ML models, agencies are sending data to us and the data you receive one day, the next day something is completely off,” he said at an event last year. “It goes through a lot of different transformations. What we’re trying to do is be able to perform monitoring and learning and perform statistical analysis on that data, learning on top of data as we receive it, then be able to detail-document exactly what’s happening. The amount of time it takes to do that, is there any amount of data drift as it comes in that will affect your AI model? So being able to understand the full lifecycle of the data before it even gets to the AI model [is important].”
In 2023, expect to see more stories around how various DOD components are optimizing data management and governance to prepare for AI.
DOD awarded Joint Warfighting Cloud Capability (JWCC) contracts to Amazon, Google, Microsoft and Oracle at the end of the 2022 calendar year, marking the dawn of a new era for DOD cloud.
The JWCC intends to complement current cloud efforts across the department, such as the Army Enterprise Cloud Management Agency’s (ECMA) cArmy effort, SOCOM’s mobile communications prototype, DISA’s Vulcan DevSecOps program and the DISA HACC Infrastructure-as-Code (IaC) initiative.
DISA’s Woods expects the JWCC to be one piece of the cloud puzzle, not the “end all be all” of DOD cloud, according to a new interview with GovCIO Media & Research kicking off the new year.
Because DOD aims to balance its own private cloud networks with commercial cloud solutions, hybrid-cloud security and modernization challenges will drive the IT narrative at DOD in 2023.
One key trend will be edge computing as the services continue to push data access to the network edge to improve user experience and response times.
Fog computing, which computes data close to the edge of the network instead, allows for higher interoperability and scalability than edge computing, which will be a high priority for defense IT leaders exploring mobile computing solutions for JADC2 in 2023.
The DOD Undersecretary of Defense for Research and Engineering (R&E) Capability Prototypes Office expects the Air Force Research Laboratory (AFRL) to develop innovative fog and edge-computing technologies for JADC2, according to a document published on SAM.gov in August 2022.