At a time when the stakes couldn’t be higher, the DoD needs to harness and apply ingenuity and innovation to bolster U.S. military superiority in the digital age in light of current geopolitical conditions, said Ellen Lord, the former DoD undersecretary of defense for acquisition and sustainment, during the Cyber, IT, and Innovation Subcommittee hearing.
The stakes are too high
Lord emphasized that the DoD needs to streamline its procurement process for software, to build and maintain the advantage of the nation in that realm.
“In an era of strategic competition, among technologically advanced powers, software will shape the nature of deterrence and define national security advantage,” Lord said to members of the subcommittee. “The urgency to empower our defense and national security apparatus across all domains with both the best existing and emerging technology is critical to not only preserve our freedoms but also those of our partners and allies.”
During her statements, Lord explained that the DoD needs to change to ensure the best technology is available at the time, scale, and speed to support our warfighters.
What changes need to be made?
The necessary transformation should encompass the development of a proficient workforce capable of acquiring and implementing top-tier software.
This workforce would intend to reduce time and expenses for emerging innovators supporting national security endeavors, and establishing the necessary infrastructure and governance for effective data management.
“[DoD] agencies must acquire software to meet current mission needs while also having the agility to quickly respond to future threat environments,” Lord said. “This makes DoD’s statutory, regulatory, and budgetary framework ripe for streamlining to build and maintain the nation’s software advantage.”
One method to accomplish this, Lord described, is to lower the ‘barriers of entry’ for new software companies with innovative capabilities.
What is the problem?
A hindering aspect of the process is for software companies to gain approval for software systems. Companies need to be granted an Authority to Operate; this can take up to a year, and the process can require multiple ATO’s depending on the program, services, or DoD entities.
The DoD’s continuous Authority to Operate process is looking to provide ongoing monitoring, cyber-defense, and the adoption of an approved DevSecOps reference design. Unfortunately, there are still steps required before cATO can be fully realized as promised.
“A critical first step is to require an ATO joint standard or common definition ATO for DoD,” Lord said. “Consistent institution and execution across DoD for the evolution from static ATO to cATO will catalyze consistency and portability as systems and software move into continuous evaluation and approval.”
Where do we find innovation?
Lord emphasized to lawmakers the importance of fostering a procurement culture within the DoD that prioritizes purchasing readily available commercial software offerings.
To achieve this, Lord stressed the need to operationalize policies and procedures supporting modern software development and delivery practices.
She highlighted that the procurement process presents both challenges and opportunities in software acquisition. Lord emphasized the necessity of adequate funding, training, and development to equip the acquisition workforce with the necessary skills.
Lord concluded that aligning training innovation with software innovation is essential for the DoD to deliver the most innovative software and technology to its national security workforce.