The Pentagon’s Office of the Chief Information Officer (CIO) in 2024 will begin to implement and start building out on actions it created solid foundations for last year, a top Defense Department (DoD) official said today.
Principal Deputy CIO Leslie Beavers highlighted during GovCIO’s Defense IT Summit in Arlington, Va., several modernization and cybersecurity priorities for the Pentagon this year – including cloud and zero trust.
She highlighted that the department is focused on expanding cloud operation to the edge, and the next piece would be getting the cloud out to allies and partners for collaboration on foreign soil. In other words, pushing forward the department’s cloud services to military branches outside the continental U.S. (OCONUS) through its Stratus private cloud solution.
Separately, on the communication side, Beavers said the Pentagon is focusing on modernizing 5G out to all the military installations.
“The commercial world has it but there are a lot of military installations in a lot of remote places, so we’re pushing to get that done by ‘28,” she said. “We’re also looking at how do we figure out how to make the open radio access network in 5G work, which proves to be actually much harder than I thought.”
“And then there’s the dynamic spectrum sharing piece that we really have to get after to make more spectrum available to the commercial world,” Beavers added.
On the cybersecurity side, she highlighted that the Pentagon is full force ahead on zero trust. “We’ve got the implementation plans, now we need to start executing,” she said.
She said that the DoD’s Portfolio Management Office has been reviewing a total of 39 zero trust implementation plans across the department’s components and is now working to synchronize and simplify them, which “gives us a lot of benefits going forward,” she said.
“What is challenging us is the continuing resolution, unfortunately, because this money was a new start for this year,” Beavers said of Congress’ failure to pass full budgets for fiscal year 2024. “Our efforts to do proof of concepts to actually figure out okay, we’ve got the zero trust framework, we know what the target level capabilities are, and then how do we match that to the products and services that are available in the marketplace to put together the offerings that will help us get to zero trust.”
“We are committed to get there by ‘27 because that’s not a department set objective – that’s an adversary response objective, so we can’t really afford to have it slip,” she said. “The CR is at least a one for one impact, but the longer it goes on, the ratio can get higher than that.”
Finally, Beavers highlighted on the cybersecurity front the DoD CIO is focused on and getting after its software supply chain and then building out a partnership with the Defense Industrial Base.
“Software supply chain security is one of the areas that I worry about,” she continued, adding, “DevSecOps goes a long way as we build out the software development factories and the capabilities around developing software securely.”
“That’s going to become particularly important when you talk about AI models,” she said. “That’s really the area that I, for this year … I’m trying to get some good solid progress and … we’re really moving out on that area as well.”
