Today, the impact of software on the battlespace is stronger than ever, and the Department of Defense has recognized the necessity of upgrading its systems to keep pace with United States adversaries. In February 2022, the department released its first software modernization strategy, a three-pronged approach designed to drive these efforts forward.
According to Rob Vietmeyer, chief software officer for the deputy chief information officer for information enterprise in the DOD, the strategy is not just a technological endeavor, but an evolution of processes and relationships.
“Software is not just a tool. It’s not just about operations – it’s now about survival and mission success. Software is a real strategic asset that can significantly improve our competitive advantage,” Vietmeyer said during his keynote address at ExecutiveBiz’s 2023 Defense Software Modernization Forum on Wednesday.
“Our adversaries will attack our weakest links, and if we are not ready for nation state advanced persistent threat attacks, our sensitive information can be compromised,” he emphasized.
To prepare the DOD for these impending threats, the plan aims to accelerate the expansion of the department’s enterprise cloud environment. A key part of bringing this goal to fruition, said Vietmeyer, is more quickly implementing industry capabilities and delivering them to the edge.
He noted the Joint Warfighting Cloud Capability contract, which opened a “direct contractual relationship with the vendor community,” as one step the DOD has already taken toward this goal.
Establishing a department-wide software factory ecosystem is another priority for the DOD. DevSecOps, said Vietmeyer, is a “game changer” in this area because it fits into the “fundamental” idea of visibility in software production.
Vietmeyer said that this focus on production has pulled both security and program management teams into the earlier stages of the development lifecycle, which challenges traditional, siloed processes.
This “blended model,” he said, is driven by the end user’s interaction with a new software. To create the best possible products, the DOD has begun collaborating with industry more closely.
“The major transformation we are seeing in the department is that we are working with our industry partners and building out our secure software development capabilities – tying them together in ways that we haven’t in the past,” said Vietmeyer.
“Our adversaries are now starting to attack us early in our supply chains, so the notion that we can outsource all of that, take delivery and only worry about deployment and operations no longer holds true,” he said.
Weaving the software modernization strategy together is the goal of revamping acquisition processes for increased resilience and speed. Vietmeyer estimated that around 50 to 60 acquisition programs within the department have adopted a new strategy, and said that the DOD is continuing to work with the acquisition community to progress these efforts.
Looking toward the future, Vietmeyer aims to incorporate modern approaches to security, such as continuous authorization, into the process. These changes require moving away from traditional risk management approaches and prioritizing cyber posture visibility across the development, testing and production phases of the acquisition process, he said.
Vietmeyer reiterated that today, the definition of a system does not only include production, but extends from the early stages of the process to deployment, including testing and development.
“The change that needs to happen now is on the delivery platform, the means of production and the means of securing the software capabilities that will sit on top of that,” he said.
Do you want to learn more about technology initiatives within the DOD? For an in-depth look at the Navy’s modernization efforts, the Potomac Officers Club is hosting its 2023 Navy Summit on June 21, an event that will convene Navy officials and industry experts to discuss the service branch’s technological journey. To learn more and register to attend, click here.