There have been directives from top levels of Army leadership to cut down on business systems and automate capabilities where possible.

“It’s a big push right now from the secretary and the chief is, hey, do we need all of these systems, why do we have them?” CIO Leonel Garciga said during a presentation Wednesday at the Potomac Officers Club’s Army Summit. “A lot of it is a process. Lot of it is, ‘we’ve had it for the last two decades, sir.’ Some of it is really old.”

Unveiled at the end of April, the Army Transformation Initiative is a top-down effort to improve how the service operates by shrinking headquarters elements, becoming leaner, slashing programs that aren’t efficient and changing how money is spent.

The goal is to cut obsolete programs and systems that don’t contribute to success on the modern battlefield.

“The Army is trying to change as fast as we are seeing the operational environment change as well as the technological environment change. Army Transformation Initiative is actually our response to that and how can we go about doing that,” Lt. Gen. Karl Gingrich, deputy chief of staff, G-8, said at Wednesday’s summit. “You’re going to start to see what we are trying to do and how we are trying to move faster to respond to that operational environment. No longer can we wait for the next [Program Objective Memorandum], for the next budget cycle. We have to be able to change now and change at the pace that is required of us as a force … It’s also about structure, and what we’re trying to do is eliminate waste and obsolete programs. You’re going to see a lot of different change inside of our equipping programs. You’re going to see a lot of different change inside of our force structure. We’re paying for this, largely, mostly ourselves.”

Garciga noted that for him as CIO, ATI means rethinking the way they deliver capability across the board, but officials are still working through that.

Secretary Dan Driscoll and Chief of Staff Gen. Randy George have both asserted that the Army wants to buy commercial where possible and try to get out of the paradigm of developing long-yielding programs of record — all in an effort to speed capability to field.

“The model is going to change and I think that’s — I keep stressing this idea of our traditional model of full stack, bespoke capabilities, just going to tell you that’s pretty much dead,” Garciga said. “There’s very few areas where it’s like, yeah, that makes a lot of sense, we should probably do that. Almost holistically, across the board, as we triage just functions that are happening across the enterprise, more and more, what we’re seeing is, hey, we can just do this here, let’s go get that done. Starting to think about what that model looks like, it’s really, really important.”

Garciga also noted that the undersecretary recently signed a memo directing major Army organizations to submit three human-intensive processes to the CIO to focus on how to either automate them, augment them with artificial intelligence or machine learning, or get rid of them entirely.

“Lots of cuts, dynamic workforce shaping, it’s a little different right now. How do we make up for some of those losses and still provide capability and take this opportunity to actually relook and rethink things that we’re doing in the Army right now to deliver capabilities?” Garciga said. “I think this is really important, long time overdue. It really took the stress on the system to get really serious about, oh my god, we still have to do the mission, how do we really look at doing this more efficiently? Big push, so next 20 days, we’re going to see a lot of churn on that.”

These new initiatives could provide big opportunities for the defense industrial base to support the Army, Garciga said, charging audience members to start thinking about how their organizations can contribute.

Members of Congress, on a bipartisan and bicameral basis, have been frustrated so far with the Army regarding the rollout of the broader transformation initiative. While there has been widespread support for the underlying notion of the effort, service leaders have yet to transmit any documents related to ATI, to include analysis for how the decisions to cut programs were made, or how officials will make funding and program decisions in the future.

Army Secretary Dan Driscoll told the Senate Appropriations Subcommittee on Defense earlier this week that in the next 10 days, lawmakers can expect to see documentation.

The post In line with Army transformation efforts, CIO looks to streamline business systems and push automation appeared first on DefenseScoop.

“This is something that, when they say ‘incidents happen,’ it innovates us and urges us to make the requirement, and make the devices, and make the technology available. So, this is something that we are taking as a priority,” Katie Arrington, the senior official performing the duties of Pentagon CIO, told lawmakers Thursday.

She shed new light on those and other near-term plans during a House Armed Services subcommittee hearing about the DOD’s current IT and AI posture.

Reports first emerged in March that Defense Secretary Pete Hegseth shared high-stakes military operational plans in a group chat — via the encrypted but unclassified texting app Signal — with several of his counterparts in the Trump administration and an American journalist (who unveiled the ordeal after he was accidentally added to the group chat). Cybersecurity advocates, former military officials and members of Congress immediately raised concerns about the messages and warned that sharing classified or sensitive information on non-government platforms about planned military operations could put servicemembers’ lives at risk.

With support from President Donald Trump, Hegseth repeatedly pushed back on criticism about his Signal use — and news reports have since surfaced that the SecDef has texted in multiple other chats on the app, where Pentagon business was discussed. 

In April, the Pentagon inspector general opened an investigation into Hegseth’s participation in transferring details about impending military operations on unclassified networks. Officials involved are also reviewing whether DOD’s official policies and procedures were followed and if records retention requirements were met.

“The way we have traditionally communicated is going into a [Sensitive Compartmented Information Facility, or SCIF] and having a high-side communication, and that has been the way we have worked it for many, many, many, many years. And we’re evolving. The technology is evolving. And I will just say that it is [up to] my office, along with many others, to ensure that we come up with a real capability in real-time to allow that communication to go forward. It’s paramount,” Arrington said.

“And I’m not really fond of voice [communications]. I think that there’s enough microphones and people out there in the world that I really like the idea of text messaging and ensuring that our elite senior leaders can communicate effectively away from their offices, because the government doesn’t [just] function within the building, within the Pentagon, or within the White House, or within this building itself,” she added.

Earlier this week, Trump named Kirsten Davies to serve as the DOD’s next CIO in a permanent capacity. Until she takes the helm, Arrington is currently wearing dual hats as acting CIO and chief information security officer. During Trump’s first term, Arrington served as the department’s CISO for acquisition and sustainment. In 2021, under the Biden administration, it was disclosed that her clearance was suspended as “a result of a reported Unauthorized Disclosure of Classified Information and subsequent removal of access by the National Security Agency.” Public details are sparse, but a lawsuit associated with the scandal was settled between Arrington and the DOD in 2022.

At the hearing on Thursday, she told lawmakers that — behind one other “classified endeavor” — finding a way for senior government leaders across agencies and the White House, as well as members of Congress, “to have true secure communications on a day-to-day basis” is considered the “number two priority” in her office.

“That’s what I’m doing right now, sir, because it is paramount for me,” Arrington reiterated.

She didn’t expand on what the unfolding efforts to accelerate secure texting options currently entail. In her written testimony, Arrington pointed to one key modernization initiative that will involve producing an enterprise-wide Mission Partner Environment to underpin secure information exchanges between U.S. officials and international allies at various classification levels.

“My office’s job is to make sure that we do better for both you, the secretary of defense, the deputy, the president — everyone across the board — it’s a forcing function. It is something that is a priority for our office to make sure that we have that in rapid time. I would be more than happy to give you a classified brief on all of the efforts that we’re doing to ensure security of communications,” Arrington told lawmakers at the hearing.

The post Post-Signalgate, Pentagon CIO prioritizes secure platforms for sensitive instant messaging appeared first on DefenseScoop.

Under the Software Fast Track (SWIFT) program, the Pentagon will use artificial intelligence to replace legacy authority to operate (ATO) and Risk Management Framework (RMF) processes when buying new software. Acting DOD CIO Katie Arrington signed a memo authorizing the new effort, and it will officially launch May 1, she said.

“We need to change our thought process, because having software in an ATO that is a static environment doesn’t help the warfighter,” Arrington said Tuesday during a keynote at the UiPath on Tour Public Sector event, produced by FedScoop. “What changes every single day is the network, the software [and] the environment. Why are we so structured to stay in a static position when our adversaries are always dynamic?”

As the Pentagon becomes more dependent on software-based capabilities, leaders have looked to pivot away from traditional ATO frameworks encumbered by lengthy administrative processes and manual paperwork that can stifle modernization. Some organizations have begun exploring continuous authority to operate (cATO) methods, which use automated monitoring and security controls to approve software without need for reauthorization.

Instead, SWIFT will do a third-party assessment of companies’ cybersecurity postures based on 12 risk characteristics. Vendors will also be required to provide a software bill of materials (SBOM) “from production and sandbox” that is certified by a third party, Arrington said. 

“I have AI on the backside — large language modeling — that will determine if there are any anomalies, if there’s something in your source code that’s bad. If not, you get a provisional ATO,” she said.

Arrington added that SWIFT will allow the department to pivot away from the current RMF, a structured set of guidelines used to identify and manage potential cybersecurity risks on networks. For more than a decade, the framework has guided the Pentagon’s acquisition process for all of its systems — from development to sustainment.

“I’m blowing up the RMF. The RMF is archaic, it’s a bunch of paperwork,” Arrington said. She added that in the next year, she hopes that ATOs are “something I never hear about again.”

SWIFT comes as Secretary of Defense Pete Hegseth is pushing the entire department to speed up procurement and delivery of digital and software-based capabilities. In March, Hegseth issued a memo that calls on Pentagon leaders to use innovative acquisition authorities — from the Software Acquisition Policy to commercial solutions openings — to rapidly buy software.

“We need more innovation. The [secretary of defense] has told us, bring software, bring [commercial-off-the-shelf] into the building faster, at a more rapid rate,” Arrington said. “And our job is to ensure that we are doing the best to ensure that we have lethality, that we’re ready and that we’re efficient.”

When the program launches, Arrington said she plans to bring together all of the department’s CIOs, chief information security officers, the acquisition and sustainment directorate and other stakeholders at the Pentagon. In the near future, the department plans to release a request for information (RFI) to gather industry input.

The post New Pentagon program to speed up software acquisition set to launch May 1 appeared first on DefenseScoop.

Questions have swirled inside the DOD since President Donald Trump directed all federal agencies to dramatically shrink their civilian workforces early into his second administration. 

Those efforts began with actions by multiple agencies across the federal government to fire recently hired or promoted workers who are in a trial period known as probationary status. Several recent legal decisions, however, have reversed those terminations — at least temporarily. The decisions include an order from a Baltimore-based federal district judge affecting 18 federal agencies and another from a San Francisco-based federal district judge affecting six agencies, including DOD.  

Although it’s not a definitive number of all probationary employees separated from DOD to date, a new declaration filed in the case before the U.S. District Court for the Northern District of California sheds light on some of the early impacts defense personnel are experiencing as a result of Trump’s order. 

In the filing, Timothy Dill — the official performing the duties of the assistant secretary of defense for manpower and reserve affairs — revealed DOD records indicate that since Feb. 13, the department “separated, or notified of termination, 364 probationary employees in light of recent” guidance from the Office of Personnel Management.

Since then, the Pentagon “directed DOD military departments and components to offer reinstatement or revoke pending termination notices for these employees,” he noted. The department started a process to rehire roughly 65 employees, so far.

“The remainder are pending notification, declined to accept the offer of reinstatement, or requested additional time to consider the offer,” Dill wrote.

This declaration came after Judge William Alsup requested information from the government about placing reinstated probationary employees on administrative leave. 

Alsup cited “news reports” that at least one agency had placed reinstated staff on administrative leave, and said that was “not allowed by the preliminary injunction.” He later followed up that request, noting that the documents the government provided showing compliance with an order from the District of Maryland didn’t include DOD, and asked for an update from the Pentagon.

In the declaration, Dill confirmed that staff being reinstated are being placed on administrative leave from the time of their termination until they complete appropriate onboarding procedures. Those with pending statuses will remain on administrative leave until a decision is made about their future.

That process appears to reflect a similar approach being taken at other agencies. In the declarations provided in the District of Maryland case, most of the 18 agencies said they were placing reinstated workers on administrative leave.

In a response Thursday, the unions and other organizations that brought the Northern District of California case argued that the information the government provided — including the statement from DOD — doesn’t show compliance with the preliminary injunction.

Specifically, the plaintiffs said the government falls short “by failing to communicate the information ordered by the Court; and by placing previously-terminated employees back only on ‘administrative leave’ rather than returning to service.”

The plaintiffs include AFL-CIO affiliates the American Federation of Government Employees and the American Federation of State, County and Municipal Employees, Main Street Alliance, the Coalition to Protect America’s National Parks, and other groups.

In an off-camera press briefing Tuesday, two senior defense officials noted that removing probationary employees is one of three primary mechanisms DOD is applying to carry out its workforce reduction process across a pool of more than 900,000 employees. Originally, as part of the plan, Defense Secretary Pete Hegseth announced aims for the department to part ways with about 5,400 probationary employees.

“The first removals of probationary employees were directly focused on employees that were documented as significantly underperforming in their job functions, and/or had misconduct on the record,” a senior defense official told reporters.

They also suggested that in recent weeks “there has been no other signal from the department on future intended removals of probationary employees.”

It remains unclear on Thursday where technology-aligned positions fall among the Trump administration’s priorities for what roles will be retained during their major workforce reduction effort. 

DefenseScoop sent requests for more information to spokespersons at DOD’s personnel and readiness directorate, Chief Information Office, Chief Digital and AI Office, Defense Innovation Unit, All-Domain Anomaly Resolution Office and the Defense Information Systems Agency.

A communications official for the P&R directorate referred DefenseScoop to each of those individual offices for breakdowns of their probationary terminations and reinstatements. 

Spokespersons from the department’s CIO and DIU acknowledged the inquiries but haven’t yet provided responses. CDAO and AARO spokespersons declined to provide personnel numbers or share details about the impacts on their workforce.

The post Court filing offers insight into DOD’s probationary workforce kerfuffle after firings appeared first on DefenseScoop.

Mark Gorak, the organization’s principal director for resources and analysis, shared new details about those unfolding modernization plans Thursday and discussed areas where new Trump administration-led changes and disruption could help enable or accelerate ongoing efforts.

“I look at this [period of transition] as a challenge and an opportunity, and how we can do things differently. So to leverage technology, the very first thing I think about is not the way we do it today, but if I had to do this today — this function, if I had to redesign it today — what would that look like?” Gorak said at FedScoop’s Federal Forum.

Before becoming a longtime senior advisor in multiple hubs at the Defense Department, Gorak served in the U.S. Army for more than three decades. In his current role, he’s intent on applying real-world data and analytics to inform decision-making across all aspects of the DOD’s cyber enterprise.

“You have to start with the data. So, I run the cyber workforce for the Department of Defense — about 225,000 people. So the first thing I asked is, well, how many people do we need? How many people do we have? What level of qualification are they and what are the requirements for each of those positions?” Gorak said.

Over the last two years, his team has been working to answer those questions and ultimately define the specific knowledge, skillsets, abilities and task proficiencies that future employees would need for each of the department’s 73 different cybersecurity roles.

“We’re moving away from education, certification, experience, pedigree — and we need to get to skills-based hiring. One of my number one goals for this year is to get to skills-based hiring. I’m working with other federal agencies to allow us to do that. Again, I think this is a great opportunity with this administration coming in and the momentum to make these kinds of things happen,” Gorak said.

Officials in the CIO’s office have also recently begun to identify the proficiency levels that each individual and organization needs to accomplish their broader missions at the department.

“We just started that this year. It was due last month for cybersecurity. By February of next year, we’ll have our entire workforce proficiency levels coded. So, that’s where the data comes from. And that’s a foundation of how we’re doing everything,” Gorak noted.

One contemporary challenge or “frustration,” in his view, is associated with the years-long and often drawn out timelines it takes to introduce new HR policies and technology platforms within the DOD.

“To get a system approved from start to finish, the department takes two to four years. So we have to be more agile, flexible and responsive to the needs. And our needs are determined by the enemy, by our adversaries, so we have to keep up with them,” Gorak said.

Offering a price comparison, he said that for the cost of one F-35 Joint Strike Fighter aircraft, officials could “redo the entire HR systems within” the Pentagon. 

However, Gorak recognizes that that argument wouldn’t sell well to supporters of the JSF.

“So how do I communicate that this is a priority, with all the other priorities we have? And, to me, it’s that teaming aspect of what do our people deliver and how do they deliver it — and that partnership with technology,” he explained.

“This is a golden opportunity for us in that as we are reducing people, which I think we will, we have to have technology. So that’s a catalyst for us to actually start to make real change and to make it quickly,” Gorak said. 

The post DOD cyber workforce policy leader sees ‘golden opportunity’ to modernize appeared first on DefenseScoop.

The review will launch as the Pentagon is moving to modernize its communications and data transport capabilities and implement warfighting concepts like Combined Joint All-Domain Command and Control.

“We’re kicking off a study soon on non-terrestrial networking protocol. And I think that’s going to really allow us to take the scalability, the network management agility of 5G and really push that across a lot of our communications architecture,” Mike Dean, director for C3 infrastructure in the office of the DOD Chief Information Officer, said Thursday during a panel at the Potomac Officers Club’s annual Defense R&D Summit in Northern Virginia.

The NTN examination, which is slated to begin in a few weeks, will include officials from across the department as well as engagement with industry, according to Dean.

“It’s a kind of an internal look in the DOD, across the DoD, [with] a lot of stakeholders. And it’s both with industry and our DOD mil [departments] and agencies,” he told DefenseScoop at the conference. “We’re just trying to get a sense of where they are and where they’re headed, so we can set policy and resources.”

The Pentagon is pursuing new satellite systems, drones and other airborne platforms to help move data and better link U.S. military forces and key allies and partners.

The plan for the upcoming study is to “do industry engagement, bring those folks in, start saying, ‘What kind of capabilities do you have? What are you working on?’ So that we can look long term and say, ‘How do I set the requirements, how do I set the resources, and how do I set the architecture and policy?’” Dean remarked. “Because what we don’t want to do is be in a situation where we have Tetris, we have all these solutions coming in, and now we’re trying to mix and match. And having that framework in place allows us to do it quicker.”

DOD has a variety of initiatives underway that are expected to boost non-terrestrial networking. For example, the Space Development Agency is moving forward with plans to build out a massive constellation of hundreds of satellites in low-Earth orbit known as the Proliferated Warfighter Space Architecture for data transport and missile tracking.

The Pentagon is also working to onboard new wireless tech with 5G and “FutureG” initiatives.

These efforts are intended to help the military communicate faster and manage data more effectively.

“One of the things we’re excited about when you look at taking satellite communications from [geostationary orbit] all the way down to LEO and not GEO, [is] you’re able to … decrease latency, increase throughput. And that’s the kind of advantage you [also] get from 5G. So we think if you pair those two, that’s going to be pretty powerful, particularly as you’re trying to track” forces that are forward deployed and keep up with “the pace of battle,” Dean said.

The post Pentagon to launch new study focused on non-terrestrial networks and protocols appeared first on DefenseScoop.

President Donald Trump has nominated former Fox News host Pete Hegseth to serve as defense secretary, and billionaire investor Stephen Feinberg to be deputy SecDef in his second term. Both men need Senate approval. If confirmed, they and the White House will have the option to name new officials or keep on existing staff for certain top Defense Department positions.

In conversations over email this week, sources revealed who is currently functioning in a few of those key roles between now and the arrival of DOD’s new bosses.

“Acting Chief Information Officer is Ms. Leslie Beavers,” a spokesperson told DefenseScoop late Tuesday.

Beavers, who retired from the Air Force as a reserve brigadier general, was tapped as acting CIO in July 2024 after John Sherman’s departure. She previously served as Sherman’s deputy and helped oversee multiple high-stakes, enterprise IT initiatives inside DOD.

A Pentagon spokesperson also confirmed that Gurpreet Bhatia is temporarily serving in dual-hatted roles as acting deputy CIO for cybersecurity and DOD’s chief information security officer. Before working at the Pentagon, Bhatia led the National Security Agency’s engagements with foreign partners, among other senior government roles.

Defense acquisition expert Radha Plumb assumed the role of DOD’s chief digital and artificial intelligence officer in April 2024. In a recent interview ahead of her planned departure from the department, Plumb told DefenseScoop that Principal Deputy CDAO Margie Palmieri was set to serve as the acting chief of the office in the interim until Trump’s pick is named.

Personnel in the CDAO told DefenseScoop Wednesday that the hub is largely operating as if Palmieri is its director this week. Pentagon spokespersons did not confirm that she’s officially leading the organization.

Separately, sources at the Defense Innovation Unit told DefenseScoop this week that former Apple executive Doug Beck continues to head the organization, where he took the helm in April 2023. Historically, “the DIU director is not a politically appointed role,” one official noted.

The post DOD names officials temporarily helming key tech offices as the Pentagon awaits new leadership appeared first on DefenseScoop.

In an exclusive interview Tuesday, Department of Defense acting Chief Information Officer Leslie Beavers briefed DefenseScoop on this unfolding pursuit — and the overarching aims for expanding it to enable the U.S. military, Canada and their other closest international partners to work more seamlessly and securely together on combined operations.

“At the heart of interoperability between nations is trust and cooperation. And ICAM is partially a technology solution, but the more challenging part is the cooperation portion and the solution,” Beavers explained.

Putting it simply, ICAM for the DOD refers to a broad approach for establishing and maintaining trusted environments where users can tap into authorized resources — like databases and information systems — while ensuring the department knows who is on the network at any specific time. It’s also a key element of the broader zero-trust architecture concept that the Pentagon is currently moving toward.

While many ICAM capabilities are already functioning across the Pentagon, there’s much room for improvement, and innovation — particularly with international allies.

“We were talking about ICAM when I walked in the building in 2018 and I hadn’t seen any really noticeable progress. That’s why I went all in last year to make headway on ICAM. And so, I think we’re to the point where we’ve got good momentum. We’ll keep building on these lessons, and then we’ll take it to the next level and make a functional, scalable, sustainable and secure network for our allies and partners, as well as the joint force,” Beavers said.

The CIO and members of her team meet every six months with their counterparts across the Five Eyes alliance, comprised of the U.S., Canada, Australia, New Zealand and the United Kingdom. 

When a new top information official from the Canadian Forces, Ross Ermel, joined those meetings fairly recently, Beavers said they immediately “just kind of hit it off.” With shared intent to accelerate ICAM interoperability between the nations, Beavers and Ermel volunteered to collaboratively scope the complex challenges down from the large chunks they’d been going after to a much smaller problem they could pilot a technical solution for and work out the policy issues around to ultimately make some meaningful headway.

“And we had a big win last week when we made that happen for 35 people. It sounds like a small number, but it was the first technology solution where we truly federated our identity, credential and access management. That means that the U.S. identity provider computer trusted the Canadian certificates coming through, and vice versa. So that is a big step,” Beavers said.

Though she didn’t share the name of the ICAM capability or any platforms that might be involved in the pilot, the CIO confirmed that this is associated with a combined IT system that the U.S. and Canada built together and have been using for years — but the identity piece has always been managed on the American side only. 

In federating it, the Pentagon team is now expanding its “trust” to the systems of another nation.

“So this enables them to log in from Canada, using their own identity provider to get access to these combined systems that we both use. So, it sounds small, but it is quite monumental,” Beavers told DefenseScoop. 

Building momentum on these smaller-scale “baby steps,” she said the next steps involve working through the engineering and policy challenges to expand it with other Five Eyes partners in a way that should also work with every member of the NATO alliance down the line.

“We’re using kind of this small use case as the pathfinder, and then we’re building on those lessons, with an eye on exporting to NATO,” Beavers explained.

She and Ermel are set to spotlight this work at the NATO Edge Conference on Wednesday.

When previewing this latest progress for DefenseScoop, Beavers added that she’s hopeful the nations involved right now will go all in on building out the solution and accelerating the overall adoption — “because the follow on will be an update to [Allied Communications Publication 240], which is the Five Eyes directive on how to set up networks.” 

Notably, the CIO and her team also consider this work to be “foundational” and “a major enabler” to the Pentagon’s plan for fully realizing next-generation, Combined Joint All-Domain Command and Control (CJADC2) that leaders believe will be a key to winning in future warfighting constructs.

“The important thing to understand is this is part of a three-step journey that gets us to full interoperability with allies and partners,” Beavers noted.

Step one encompasses instituting zero trust in the cloud. ICAM is the second piece that allows the DOD to know and trust who accesses its information in the clouds and makes them all function together. And the third step is attribute-based access control, which Beavers said occurs at the application level. 

“So, we are making steady progress, and by the end of next year — with a bit of luck — we should have those three solved, at least in a simple use case, which will jump-start us as a community to build out a lot more functionality,” the CIO told DefenseScoop. 

The post US, Canada reach ‘monumental’ ICAM milestone they hope to expand across NATO appeared first on DefenseScoop.

He entered the role in December 2021, a tumultuous era marked by controversy over the Joint Enterprise Defense Infrastructure (JEDI) cloud effort. In the midst of the fallout, Sherman recognized that the department needed to pivot.

“I truly felt we were figuratively fighting and dying on a hill not worth fighting and dying on,” Sherman told DefenseScoop. “All this litigation that we were stuck in and back-and-forth between the several cloud service providers, I felt we were all expending energy against the wrong goals.”

Six months into his tenure as DOD CIO, he made the recommendation to cancel JEDI — a program that sought a single vendor for the Pentagon’s first enterprise cloud capability — and pivot to a multi-vendor acquisition process under what is now known as the Joint Warfighting Cloud Capability (JWCC).

“That, to me, has been the flagship or one of the top achievements I’ve had as CIO,” Sherman said.

Sherman announced June 6 that he would be departing as Pentagon CIO by the end of the month, moving into a new role at Texas A&M University, his alma mater, as the Dean of the Bush School of Government and Public Service.

During an exit interview with DefenseScoop on Monday, Sherman reflected on his nearly three-decade career in government where he often campaigned for novel approaches and technologies to accomplish missions.

“Anytime you’re doing something new, you’re gonna break some glass doing it,” he said.

A ‘digitally focused’ IC

After serving in the Army as an air defense officer in the 24th Infantry Division, Sherman said he was interested in working in the intelligence community and initially applied to be an all-source analyst at the Central Intelligence Agency.

But when he received his interview package, he was sent to Building 213 in Washington, D.C.’s Navy Yard where the DOD was standing up the new National Imagery and Mapping Agency — now known as the National Geospatial-Intelligence Agency (NGA). Sherman was hired as an imagery analyst in 1997, investigating and distributing geospatial intelligence on the Iraqi Republican Guard.

“Working that Republican Guard account for several years will, and continues to be, one of my fondest memories in the IC — working with some amazing teammates in Building 213 supporting U.S. Central Command and other entities with what I thought was insightful analysis during the no-fly-zone days, and then moving to the start of Operation Iraqi Freedom and onward,” Sherman said.

He would spend the next 23 years in the intelligence community, including as the CIA duty officer in the White House Situation Room, an all-source analyst on the National Intelligence Council and a role at the NGA Office of the Americas.

Notably, Sherman was part of the small team that was present in the White House Situation Room on the morning of the September 11 attacks on the World Trade Center.

“It was a sobering experience, but also we were honored to be there to support crisis operations on that day,” he said.

In 2014, the CIA was looking to become more “digitally focused,” and Sherman became one of two deputy directors of the CIA’s Open Source Enterprise (OSE) managing the tradecraft of open source intelligence. He led the Middle East and Asia portfolios, as well as the portfolio for emerging technologies where he first began experimenting with commercial cloud capabilities, he noted.

While at OSE, Sherman helped stand up a low-side cloud capability called the Open Source Data Layer and Services (OSPLS). The effort leveraged Amazon Web Services and other capabilities provided by the IC’s Commercial Cloud Services (C2S) program to provide a cloud-based environment for less sensitive and non-critical information.

He detailed how he also took part in the Eyesight Mission Users Group. Although the group’s focus is classified, Sherman said the experience taught him critical lessons on data standards and exactly how cloud technology works.

“What I was able to do was, as one of the initiative leaders, use open-source gathered information to feed into NSA’s gov cloud — which was their part of the classified capability — to then run the compute against this open-source information and find new things that we would not have been able to discover otherwise,” he said.

Sherman was later tapped to serve as the intelligence community’s CIO in 2017, and during his time he initiated several innovative changes that allowed the IC’s IT enterprise to evolve. 

One of those was shifting focus on a program known as the Common IC Desktop Enterprise, which initially looked to create a unified architecture that would allow analysts and officers to move between agencies without the hassle of transferring their data. Despite all of the money and time the IC had already invested into the effort, Sherman said he recognized it wasn’t working.

“It was never going to scale out to being this IC-level capability that it was envisioned to be, and so we pivoted to a federated architecture where we would have standards and then be able to accomplish some of the same interfaces — but not with this unified overall architecture that we were first going along,” he said. 

Another accomplishment as IC CIO was the creation of the Commercial Cloud Enterprise (C2E) program. The intelligence community had been using a single-vendor approach under C2S since 2014, and Sherman initiated the follow-on C2E effort to bring a multi-vendor, multi-cloud capability to the IC in 2020, with Amazon Web Services, Microsoft, Google, Oracle and IBM serving as vendors.

“I’ll also admit this freely — C2E was the model for what became JWCC at DOD,” he said.

Leaning into hard decisions

Sherman was brought into the Defense Department as the principal deputy CIO in 2020, later replacing then-CIO Dana Deasy when he left his position in 2021. Although the department was grappling with many problems with its IT enterprise then, there are still a number of other issues the new CIO who replaces him will face in the future, he said.

“I don’t know what the next hard decision is going to be, but be ready to lean into that,” he said. 

Still, Sherman touted the accomplishments he made during his time at the Pentagon, especially related to the department’s pivot to JWCC and the awards made to Google, Oracle, Amazon Web Services and Microsoft for the program at the end of 2022.

He noted that over $700 million worth of task orders across all three security classifications have been awarded through JWCC to date, with organizations like the F-35 Joint Program Office, defense agencies and combatant commands all on board with the program.

JWCC’s growth has also initiated the Pentagon’s new Joint Operational Edge (JOE) initiative to provide cloud capabilities at the tactical edge — a concept he calls the “lily pad.” One JOE cloud has already been installed at Joint Base Pearl Harbor-Hickam in Hawaii, another is coming online next in Japan, and the Pentagon is currently looking at sites for a third one in Europe, he said.

“One of the big things that we talk about a lot with cloud tradecraft is procuring cloud is not the end of the story. You have to learn how to use it, you have to learn how to apply it to your mission,” Sherman noted.

As it prepares for the next phase of the program, dubbed JWCC 2.0, Sherman has directed the CIO’s team to conduct an after-action review of the entire effort. 

“While I’m a huge fan of it, I know it’s not perfect. Because like with C2E, we’re kind of figuring out how to walk and chew gum in a multi-vendor environment,” he said. “What can we do better for JWCC 2.0? Are there things we can put into place to make [software-as-a-service] offerings easier to manage?”

Along with cloud modernization, Sherman has led efforts to improve user experience at the department by creating a UX portfolio management office at the CIO, fix the lengthy authority to operate (ATO) process in response to complaints from industry, and move the Pentagon into adopting a zero-trust cybersecurity framework by 2027.

In a statement to DefenseScoop, Deputy Secretary of Defense Kathleen Hicks praised Sherman for positioning the department for success while he served as CIO.

“John tackled some of the most complex challenges in the Department during his tenure, advancing the Department’s information advantage and improving our decision superiority, from the combatant commander down to the platoon leader,” Hicks said. “His leadership on ground-breaking initiatives such as the Joint Warfighting Cloud Capability, Zero Trust Architecture, and the Emerging Mid-Band Spectrum Sharing assessment materially strengthened US national security.”

A key challenge for the department moving forward will be to ensure it is modernizing at the pace it needs to, all while leveraging industry capabilities when it can, he said.

“As we talk big thoughts about edge cloud and transport and zero trust, never forget that it comes down to a service member’s ability or civilian’s ability to do their job — not only at the Pentagon, but out at Osan Air Base in Korea, or onboard a ship in the Red Sea, or at a special forces detachment in Africa,” Sherman emphasized.

Another will be tackling the Pentagon’s growing tech debt, he added. Warfighters are still using a lot of outdated technology from previous conflicts in the Middle East, and Sherman noted that understanding that priority and leveraging the entire enterprise to address it quickly is crucial for the department.

“We’ve got to pay the piper on this because in the digital battlefield that we’ve seen in places like Ukraine and what we could have to face in the western Pacific, these digital IT capabilities are war-winning technologies,” Sherman said. “It’s not just blinky lights and data centers, this is the difference for decision capability for our commanders.”

When asked what advice he would give to the next DOD CIO, Sherman emphasized the importance of working as a team with all of the departments and components at the Pentagon, as well as collaborating with industry as much as possible.

Leslie Beavers, DOD’s principal deputy CIO, will serve as acting CIO as Sherman departs until the department makes a decision on a full-time replacement.

He also pointed to the importance of strong leadership when making hard decisions and setting a clear north star for some of the departments where change might be a heavy lift.

“This has been the greatest opportunity I’ve had professionally, but also I’d be lying if I didn’t say it’s the most challenging,” Sherman said. “So that would be my advice to the next CIO: Buckle your chin strap and get ready, because this is going to be a heck of a ride.”

The post From Building 213 to the Pentagon: John Sherman reflects on his legacy in government appeared first on DefenseScoop.

Now, following the official release of DOD’s new Fulcrum: IT Advancement Strategy on Tuesday, the Chief Information Office-led team that shaped it is moving to mobilize an enterprisewide commitment to the four, integrated directions the blueprint is organized around.

“I’m going to spend the rest of this calendar year making sure that we put in place the right governance structure to help oversee synchronizing the department to move out and deliver in these lines of effort,” Principal Deputy Chief Information Officer Leslie Beavers explained.

In an exclusive interview with DefenseScoop to preview Fulcrum ahead of its publication, Beavers shed light on Pentagon leadership’s vision for carrying out this next-generation IT strategy and what its realization could really look like for DOD.

“It was really important to crystallize the department’s vision into what success looks like, which is what we are attempting to do here in Fulcrum because I am trying to get program managers across the department — not just within the CIO organizations, but in all the different weapon systems program offices — to make decisions a little differently, to make them with the user experience in mind, to make them with interoperability as a priority first and really defining what success looks like, and giving them that vision,” she said.

Lean Six Sigma

CIO leaders aim to expedite DOD’s evolution from a hardware-defined to a more flexible, software-defined enterprise through Fulcrum, which builds on the flagship 2019 defense modernization strategy.

“This is really representing a maturation of that strategy. We were at the five-year point [in] the tech industry, the modernization journey — that’s why it’s not a new strategy. It’s an advancement of the previous strategy. It’s taking into account the new technologies that have been developed and, kind of, the changing world situation and how we are just providing that kind of refreshed vision for how we need to move out in the department in the next five years,” Beavers told DefenseScoop.

Unlike heaps of prior federal strategies, she deliberately ensured that this one wasn’t nicknamed with an abbreviation.

“I didn’t want an acronym — another DMS [for defense modernization strategy], or something like that. That just doesn’t inspire you to, like, want to read it,” Beavers said.

She opted to host “a little competition” amongst DOD colleagues to encourage a creative name for the new guide.

“Whoever came up with the name that I chose, I took to lunch. There were over 40 people involved in writing this document, by the way, from across the department. So this isn’t just Leslie-, or even CIO-team generated. This is a Department of Defense team-generated strategy. And because Fulcrum is at the pivot point between the national security strategies and the defense strategies, how do we translate those strategies into specific actions to take within the department to deliver those capabilities? That’s why Fulcrum really resonated with me when it was one of the proposals,” Beavers explained. 

In the interview, she emphasized that professionally she intentionally pursues a “Lean Six Sigma” managerial approach.

“You start with the customer experience first, and what are you trying to deliver for the end user or the customer? In this case, it’s the warfighter — and my experience over the years with being a reservist and having a lot of connectivity challenges is one of the main reasons why I’m here. So starting with, what does it feel for the warfighter? How we function from a warfighter perspective is most important,” Beavers said. 

In her view, the U.S. combatant commands are Fulcrum’s primary end users.

“We are very closely partnered with the Joint Staff, J6. I look at them as our main conduit into the combatant commands. And when I say ‘warfighter,’ I’m thinking of everybody, from at the combatant command headquarters all the way out to the soldier, or the Marine sitting on an island, isolated somewhere,” Beavers said. 

Broadly, the Fulcrum strategy is structured around four lines of effort that the document states represent “a strategic shift that embraces technology as a mission enabler.” They include:

• LOE 1: Provide Joint Warfighting IT capabilities to expand strategic dominance of U.S. Forces  and mission partners.
• LOE 2: Modernize information networks and compute to rapidly meet mission and business needs.
• LOE 3: Optimize IT governance to gain efficiencies in capability delivery and enable cost savings.
• LOE 4: Cultivate a premier digital workforce ready to deploy emerging technology to the warfighter.

Each of those lines is also supported by a series of strategic objectives that span Pentagon portfolios, which further detail the envisioned way ahead — and indicate clear, measurable mechanisms to trace teams’ progress.

“This really translates strategic vision into tangible actions that the warfighter should feel,” Beavers said.

Typically, government strategies don’t go “down to that level,” she added. But on Beavers’ part, this was purposeful — drawing from her unique background in the government and major corporations, like GE Healthcare and NBCUniversal. 

“[Often] in industry, the pervasive opinion is that if you don’t know your numbers, you don’t know your business. And in the [DOD], we know certain numbers. But I’m trying to really grow the kind of awareness all the way down into the organization — beyond just the CIO, or beyond just the senior leaders — to get after making tangible progress that they can tell the story on so that they can get the right resources to continue to grow,” the deputy CIO said. “These modernization initiatives and IT have not always been at the forefront of people’s minds as important things to fund, and they really, I think, should be.”

Notably, the launch of this new pathway and plan comes as the Pentagon and military are working hard to realize a number of next-generation initiatives, including but not limited to those to enable the Joint Warfighting Cloud Capability (JWCC), Combined Joint All-Domain Command and Control (CJADC2), and an enterprise-wide cybersecurity approach based on the contemporary concept for zero-trust.  

“We’re facing a whole-of-nation threat, and it requires a whole-of-government, whole-of-nation response,” Beaver noted.

She continued: “So, I really want to foot-stomp that we’re only as good as our weakest link, especially in the cyber world. Taking to heart the cybersecurity and interoperability functionality — that — I need everybody to work on. This is not something that we can do by ourselves. Within the IT workforce, we’re less than 10% of the total workforce. We can’t do it for everybody, so we’ve got to have everybody pile on and help. If they are willing to give me a little bit of time and read Fulcrum, it’s a short read, but it would be very helpful.”

‘The Big Uglies’

Beavers’ unique professional experience spans decades and disciplines.

Her defense career began as an Air Force intelligence officer, and she ultimately retired as a reserve brigadier general. Before she took on this position within the Office of the CIO, she served as the director of intelligence surveillance and reconnaissance enterprise capabilities (ISREC) — where she led Project Herald, the under secretary of defense for intelligence and security’s Defense Intelligence Digital Transformation Campaign.

“That work absolutely influenced the Fulcrum work, because we just built on what we learned from Herald and scaled it up to the department. And so, we did have a lot of participation across the board,” Beavers noted. 

It took six months for dozens of DOD officials to develop, refine and agree upon the final version of the Fulcrum strategy.

“It’s lightning fast [for DOD],” Beavers said.

“I didn’t want a strategy that was in the silos. I needed something that was cross-cutting about delivering for the customer and that user experience, that customer focus is throughout the document. And to do that, you have to think of the outcomes. So, I started assembling that team in January. We really kind of rolled our sleeves up and had 40 people in a room working on it,” she explained.

Outside of her military career, Beavers’ leadership approach is also informed by more than 15 years of experience in multiple private sector industries — including as a vice president at NBC/Universal Pictures tasked with recovering 80 years of broadcast content destroyed in a fire.

“I tend to gravitate towards what I call the ‘big uglies,’ which is a quote that comes out of Disney’s Three Musketeers. Oliver Platt’s character says that when he runs into this guy in the dungeon, he’s like, ‘Oh, big ugly!’ and turns around and runs away,” she explained.

“But I’m the one that stands there and tries to sort out the big uglies and take on the areas that I think are foundational and really important, but maybe don’t get the attention that other kind of flashier options to work on,” Beavers said.

Though she did not refer to it in this way herself, one could argue that a Pentagon-central “big ugly” that influenced Fulcrum was the viral “Fix Our Computers” push.

“I think it’s a natural response. I would have done it without the Fix Our Computers campaign anyway, because I’m in the Fix Our Computers campaign — like, that’s what I’ve experienced. So we are, within the department, very aware of that challenge,” she said.

Now that Deputy Defense Secretary Kathleen Hicks signed off on this new strategy, Beavers and her team are shifting to a phase where they intend to, as she put it, “mobilize the department-wide commitment to” executing on each of its four guiding inclusions.

“To do that, I’m going to highlight at least one area within each of the LOEs to champion and make sure that the governance processes that I oversee align with driving progress within that area. And so I’m working with the team on that, but [Mission Partner Environments, or MPEs] kind of very top of the list. The cyber workforce is top of mind,” she explained.

Officials involved are also generating even deeper, specific metrics that will be an annex to the overarching plan.

“So for example, if you’re saying, ‘Well my cloud implementation is pretty good, but I want to work on my cyber workforce stuff, what are the metrics? What should I be doing to develop that?’ So that will be coming out,” Beavers said.

Another in-the-works resource that will soon accompany Fulcrum is an associated implementation plan meant to firm up a distinct framework for carrying out the DOD’s fresh strategic vision.

“Then I’ll pick a few flagship efforts to champion, personally, to demonstrate for the department how to do this. Within the DOD, we’re pretty resourceful — and the whole ‘improvise, adapt and overcome’ [notion] is part of our DNA. When you do have these kinds of flagship efforts, other people will pile on. And so I’ll be looking for that to start happening. I think that’ll take another six or eight months before I’ll start seeing a pile on, but that’ll be my next benchmark,” Beavers told DefenseScoop.

The post What DOD’s new Fulcrum IT strategy means for warfighters appeared first on DefenseScoop.