• When it comes to speeding up the Defense Department’s acquisition processes for big weapons systems, things are headed in the wrong direction. That is one of the findings of the Government Accountability Office’s annual assessment of the Pentagon’s major procurements. GAO said on average, DoD’s major acquisition programs are taking 11 years to deliver their first capabilities — about three years longer than planned. The report also found slowdowns in DoD’s so-called “middle tier” of acquisition — a pathway that’s explicitly designed for speed.
  (Weapon Systems Annual Assessment - Government Accountability Office)
• The IRS is taking major strides to wean itself off paper. The IRS estimates more than 94% of individual taxpayers no longer need to send mail to the agency, and that 125 million pieces of correspondence can be submitted digitally each year. For taxpayers who still prefer filing paper tax returns, IRS is working on being able to digitize that paper return. “If you choose to send us the paper, we will process it. But we are ushering in some nice tools with the modernization," said Darnita Trower, the director of emerging programs and initiatives at the IRS. "We don't intend to have people continue keying in tax returns manually. We want to scan and extract that data,” Trower said.
  (IRS hit a ‘big milestone’ to wean itself off paper. What comes next? - Federal News Network)
• A National Science Foundation initiative aims to bring better data to the cyber workforce challenge. The Cybersecurity Workforce Data Initiative is out with a new report explaining how many official labor data sources do not fully account for cybersecurity work. That includes classifications used by the Bureau of Labor Statistics and the Education Department. The initiative’s report recommends marrying up cyber workforce definitions with federal labor databases. And the initiative, led out of the NSF, is now preparing to potentially conduct a survey of the U.S. cyber workforce.
  (NSF initiative aims to bring better data to the cyber workforce challenge - Federal News Network)
• The Senate Armed Services Committee has greenlit a number of AI-related provisions in its version of the 2025 defense policy bill. The committee's version of the bill requires the Defense Department to initiate a pilot program that will assess the use of AI to improve DoD shipyards and manufacturing facilities operations. Lawmakers also want the Defense Department to develop a plan to ensure that the budgeting process for AI programs includes cost estimates for the full lifecycle of data management. The bill would also expand the duties of the Chief Digital and Artificial Intelligence Officer Governing Council.
  (Senate lawmakers pushing a number of AI-related provisions - Senate Armed Services Committee)
• Victims of identity theft are waiting nearly two years, on average, for the IRS to give them their tax refunds. In cases where a scammer stole someone’s identify to get that person's refund check, the IRS took about 22 months to complete those cases. The National Taxpayer Advocate said the COVID-19 pandemic drove up wait times when the IRS shut down processing centers. But, so far this year, wait times are not going back down to pre-pandemic levels.
  (Identity theft victims are waiting nearly two years to receive their tax refunds - National Taxpayer Advocate)
• The Cybersecurity and Infrastructure Security Agency just ran the federal government’s first artificial intelligence tabletop exercises. It involved more than 50 AI experts from government and industry, who convened last week at a Microsoft facility in Reston, Virginia. The exercise simulated a cybersecurity incident on an AI-enabled system. The event will help shape an AI Security Incident Collaboration Playbook being developed by CISA’s Joint Cyber Defense Collaborative.
  (CISA, JCDC, government and industry partners conduct AI tabletop exercise - CISA)
• Senate lawmakers are seeking to limit funding available for the Defense Department's initiative designed to support cyber operations across the military services. It is known as the Joint Warfighting Cyber Architecture (JCWA). The Senate version of the defense policy bill is looking to restrict funding available for the effort until the commander of U.S. Cyber Command (CYBERCOM) provides a comprehensive plan to minimize work on the current JCWA. The Senate Armed Services committee also wants CYBERCOM to create a baseline plan for a more advanced version of JCWA. House and Senate leaders will begin negotiating the defense bill once the Senate clears its final version of the measure.
  (Senate seeks to limit funding for JCWA - Senate Armed Services Committee)
• The Biden Administration is contemplating a new acquisition policy that would clear up some confusion on when contractors have to follow the government’s rigorous cost-accounting standards. The Cost Accounting Standards Board is asking for public feedback on potential rules that would lay out exactly how those standards apply to indefinite delivery contracts. According to the Government Accountability Office, those types of agreements make up about half of federal contract spending, but there are not clear standards on when the cost accounting standards apply to them.
  (Whether and How to Amend CAS Rule - Office of Federal Procurement Policy, Cost Accounting Standards Board)

The post Major DoD acquisition programs taking too long, GAO says first appeared on Federal News Network.

The Army tackled one of its toughest challenges: Creating a common operating picture for all of its allied partners.

The recent Yama Sakura 85 exercise demonstrated how the Army, the Australians and the Japanese could securely share information by using an architecture based on zero trust principles.

Col. Rett Burroughs, the chief information officer & G6 for the Army’s I Corps, said over the course of the 10-to-12 day training event last December, the Army successfully brought their allied leaders onto a single and secured network at the tactical edge.

“What we are looking at is properly being distributed across the entirety of the Pacific. We could have a command and control node anywhere in Australia, Thailand, Philippines, Japan, Korea, Hawaii, Guam or Alaska, and back here at Joint Base Lewis McChord, Washington so that now every node has roles and responsibilities. How do we ensure that conductivity happens across all of those different nodes that are very disparate and spread out? And then how do we leverage the technology of transport to ensure that we’re getting applications all the way to the edge?” Burroughs said on Ask the CIO. “We spent months preparing to ensure we had right safeguards in place. In its simplest form, in the application for the warfighter, which is definitely my area of concern, it brought the Australians and the Japanese together because before it was the Australians and the Americans, and then it was the Americans and the Japanese. The Australians couldn’t be in the same Tactical Operations Center as the Japanese. Now we have the ability for the first Australian division commander to talk directly with senior generals from the Japanese Ground Force Command.”

Burroughs said in previous exercises, the Americans and Australians would talk, and then the Americans and Japanese would talk, with the Army acting as the “go-between” for the Australians and Japanese. And Burroughs readily admits everyone knows what happens when you play the game of telephone.

“Our goal here was to establish one common operating picture and the ability to voice video chat, and share specific information,” he said. “The application of this proved critical in the ability for staff to make informed recommendations, and for commanders to make informed decisions. We weren’t just slinging all this data just because commanders need and want everything.”

Broader application than just the Army

The success of the Yama Sakura 85 exercise proved this shared network and zero trust concept for more than just the Army, but any federal organization can take the basic concepts to create a common operating picture.

John Sahlin, the vice president of cyber solutions for General Dynamics-IT, which supported the Army with integration expertise, said these same approaches could help agencies such as FEMA, which has to create shared networks to help cities or states recover from disasters.

“I’ve been fascinated by this problem set ever since I deployed for the Hurricane Katrina relief efforts back about 15 years ago. We started thinking about a military mission for that humanitarian assistance effort and it turned very quickly into an interagency and even local government support mission,” Sahlin said. “We had good communications. We had a good sight picture. We had good mapping data, which nobody else in the area did. We had to quickly share that data with first responders, the local hospital, the parish sheriff, non-government organizations like the Red Cross. I think that these are lessons of zero trust at the tactical edge for information sharing to inform that on scene commander, are lessons that can be learned, not only for the military at the tactical edge, but for any organization that has field-deployed, forward-deployed organizations that need to share data to execute a mission rapidly and make those changes dynamically with first responders with interagency support, things like that.”

Burroughs added this approach of creating a distributed network supported by zero trust tools isn’t just important for the tactical edge, but for Army commanders in garrison or commands who have to coordinate with the National Guard or local first responder communities or anyone outside of the service.

“Now we don’t have to have these disparate networks that do not talk to each other because of classification and policy, which you clearly went through during the Katrina catastrophe,” he said. “Now what we’re doing is we’re taking need to figure this out on the fly out during a catastrophe. We’re actually getting ahead of it now by addressing it before the next catastrophe. So when something does come in competition or crisis, we’re actually able to deal with it in a methodical way instead of reacting.”

Shift toward data-centricity

In many ways what Burroughs and Sahlin are describing is how the Army, and really every agency, must be more of a data-centric organization.

Lt. Col. Roberto Nunez, the chief of signal services support for Army I Corps, said the implementation of zero trust capabilities forces the end users to shift that data culture because they have to tag and label information much more specifically and consistently.

“You can say ‘all right, here’s all my data that I want to share, all my users that are also tagged and labeled as well as what they’re authorized to use and what they cannot use. Therefore, you can plug in with other mission partners to share that information and you can create that common environment moving forward, whether it’s joint coalition, at least from a DoD point of view,” he said. “If you want third parties to join in, whether it’s corporate America, academics, other organizations or other government agencies, you can do that if everything’s data-centric, labeled and tagged accordingly. This is what is great about zero trust.”

Burroughs said planning for the next Yama Sakura 87 exercise in December already is underway. But he said these capabilities aren’t turned on during the exercise and then turned off. The network is always on and therefore the Army is always iterating how to make secure information sharing better, faster and easier.

Chief Warrant Officer 4 Phil Dieppa, a senior services engineer for Army I Corps, said what the Yama Sakura 87 exercise and other demonstrations have shown the service that the “come as you are” model works because of the zero trust capabilities.

“The great thing about zero trust is that we don’t trust anything until we explicitly have that conversation and say that ‘I trust you.’ Once we do that, then we can start communicating and making those services available one at a time,” he said.

The post How the Army is always testing, training on zero trust first appeared on Federal News Network.

The Marine Corps celebrated a much sought after milestone in February: obtaining an unmodified audit opinion for fiscal 2023.

This two-year effort proved that the corps’ 2023 financial statements “present a true and fair reflection of the Marine Corps’ financial information,” which is about $46 billion in total assets.

While audits say there still are seven areas where the Marines still need to improve, Greg Koval, the assistant deputy commandant for resources for the Marine Corps, said this historic feat means, for maybe the first time ever, they can provide accountability, transparency and validity for their spending.

“It gives us transparencies into the cost of production, and in the future, it means the tracking of the cost of maintenance for many of our weapons system platforms,” Koval said on the discussion Marine Corps Milestone: Unqualified Audit Insight. “What it does over time is allow us to really plan, program, budget, execute better and identify those programs, where maybe they cost a little bit more, a little bit less, get those funds to the right place more timely so that we’re better able to execute and give the warfighter what they need to execute the mission. Ultimately on the financial side, we’re here to support them, help them and give them everything they need. So when they deploy, they’ve got the best solution, the best weapons systems they can have at that point in time.”

Like most of the Defense Department, the Marine Corps has been under pressure from Capitol Hill for decades to achieve a clean audit and has been putting more significant resources and focus on the challenges since 2017.

Marines new general ledger system

The Marines came close previously to a clean audit before the 2023 opinion. For example in 2012, the Marines thought it had achieved a “favorable opinion,” only for the DoD inspector general to reverse that decision in 2015.

DoD, as a whole, is targeting fiscal 2028 to achieve a clean financial opinion.

The Marines success demonstrates that it is possible for the largest organizations in DoD to successfully align their data, systems and processes to achieve this goal.

“At the beginning of this journey, we moved to a new general ledger. We had what we called SABRS, which was known and loved across the Marine Corps for over three decades. We took everybody off of that accounting system and moved into this new modern enterprise resources planning (ERP) system, which had its set of challenges. We basically adopted a system that smaller DoD components used, and some of our business processes were new to the system, new to the process, so there was a huge learning curve there,” Koval said. “That learning curve didn’t just impact the financial folks, but they impacted supply and procurement. There were times where we were working hard to pay vendors on time because the system wasn’t working as our old system did. But I think it really brought some additional discipline and internal controls to the financial processes that ultimately helped us understand some of our procurement and logistic processes a little bit better. It really kind of opened our aperture on some of the costs that we were incurring, who we were paying, and it gave us that additional transparency and visibility into the data.”

That major shift in the way the Corps did business, Koval said, really kicked the entire effort into gear by providing the financial team with the agility needed to understand and improve its data.

For any agency or large organization, the big data challenge can be daunting, said Joe Nave, principal federal finance transformation lead for KPMG, which helped the Marines achieve the clean audit opinion.

Analyze and assess risks

“You had to sift through the business processes across the board for geographically dispersed organizations such as the Marine Corps. You look at all of the integration across the rest of the DoD and the different partners outside of the spectrum that the Marine Corps has operational control over, and you start to look at how complex and complicated those processes can really be. From our perspective, it was helping them analyze, assess risk, boil down a couple of them and get the activities that we really needed to accomplish down to a finite list, where we could really focus our efforts and help them move some of these big rocks associated with the material weaknesses and audit deficiencies,” Nave said. “I think over time, you look at the way that the workforce is structured and having to do 100% of the day job, and then you add in some of these audit priorities and you add in some of the samples, we’ve really had to look at ways to modernize and automate those processes to help facilitate quicker reviews, quick requests, quality control ease, and make sure that we’re set up for success and able to respond efficiently and effectively to the audit.”

Nave said moving to the new ERP accounting system played a significant role in helping the Corps adapt processes and procedures as the needs change during the modernization process.

“I like dash boarding as a way to make sure that our clients have the insight that they need to see in real-time where progress is being made, and where progress is being made against those discrete buckets [of goals],” he said. “Then usually, we like tiger teams to assess progress against that. These small, mobile, tactical units, if you will, are going out and solving these problems with brute force, and then focusing on the sustainment of that. That really gets us to our end goal of a modified opinion and being able to continue that modified opinion, year in and year out, layering in that automation and modernization to those tiger team efforts.”

Auditors say the Marines still had seven material weaknesses to resolve.

Koval said a lot of those were on the property side and the need to better integrate data from disparate systems.

“What the audit did for us was really bring those organizations closer together. It broke down a lot of the walls and communications in the way that we work with each other,” he said. “Now, supply, logistics, procurement and accounting all have a better understanding of what we do, how we impact each other and what needs to change to make the organization more efficient, effective and to save costs, frankly, going forward.”

Going forward, among the Marines’ goals are to continue to build upon the previous two-year effort to further integrate processes and systems to make them a more efficient organization.

Nave said the Marine Corps now are set up for long term sustainment because of the process and procedural changes they’ve made and for audit response overall.

The key lessons learned from the Marines’ experience that other military services and organizations can heed, Nave said, is adaptability, being comfortable with the plan, and understanding that plans will change over time.

“We really want systems working for us, not against us. We want to make sure that our IT environment is squared away. We want to make sure that all of the interfaces or feeder systems that we have are clearly laid out. And we’ve looked at the complexity of those different processes and made sure that those all make sense,” he said. “So it is really just a rationalization of your portfolio and trying to make the sandbox smaller. First make sure everything’s in the sandbox, and then what can you do to make it smaller? Then I think leadership must set the tone from the top, cascading that information down and emphasizing the importance. Whether it’s an audit or any other objective you’re trying to accomplish, having that buy-in and tone from the top has been critical.”

The post The team effort that led to the Marines’ clean audit triumph first appeared on Federal News Network.

The Army has seen enough from its six pathfinders using digital engineering tools and techniques that it’s ready to go all in on.

A new memo, which Gabe Camarillo, the undersecretary of the Army, signed Tuesday, sets the stage for broader adoption of digital engineering capabilities and practices.

“We are looking to benefit from that utilization of digital engineering tools to be able to help establish the right processes in the Army, the right training and really how do we adopt adapt our institutional approach to be able to accommodate more digital engineering,” Camarillo said in a speech during the AFCEA NoVa Enterprise IT day. “The commercial automotive industry does this already. The commercial aircraft industry obviously has been doing this for a really long time. And we’ve actually taken some significant steps in this area….We’ve got a toehold, if you will, in the Army in those areas. We want to expand on it and really accelerate some of the efforts in those three areas, and then the goal is we would expand it out.”

Camarillo said the Army has been using digital engineering tools and capabilities in three areas, ground vehicles, aviation and sensors, which the policy also calls out.

The policy outlines four lines of effort. The first is to create digital engineering focus areas as centers of gravity to be able to begin to accelerate the adoption of digital engineering tools.

“The reason why we’re taking this approach on this first LOE is we recognize that you know, the way DE is employed varies or its varied based on the commodity area that you’re talking about. It’s very mature in a lot of these domains,” he said.

Army taking commodity-focused approach

The Army has applied DE tools and capabilities to the XM 30 Bradley Infantry Combat Vehicle replacement program, the Future Long-Range Assault Aircraft effort and the M113 Armored Personnel Carrier. All three of these pathfinders are in sustainment funding mode.

The second line of effort is around shaping interoperability and standards for implementation. Camarillo said the Army doesn’t want to just pick one or two tools, but use a more commodity-focused approach.

Camarillo added the Army needs to understand the standards around interoperability or cybersecurity, for example, and then be more consumers of the market versus dependent on one tool or a set of tools.

“If we’re going to be consumers in this market, we have to articulate what we need to industry. I think over time, the software will evolve to accommodate us,” he said. “We’re already seeing a lot of great dialogue with multiple vendors along this side. I think part of it is also standardizing our contracts approach so that we know what we’re asking for and that we do so in a in a rational, consistent way.”

Third line of effort is to continue to test out these concepts through Pathfinder programs.

“These programs range the lifecycle of a weapon system from early design, like I mentioned with the XM 30, all the way to some programs that are well under sustainment as legacy programs to be able to identify how we can utilize them. The goal here is to just think about how do you change our processes? So if you’re doing a preliminary design review of a system in development, or if you’re doing the need to identify cost driving parts for a legacy system? How do you get after that by looking at some of these Pathfinder programs?” he said. “The fourth [LOE] is workforce, developing our workforce, ensuring that they have the right training. And then of course, looking at opportunities to train with industry, particularly with those partners that have really evolved digital engineering capabilities and practices, and doing the right kinds of talent exchanges with industry to be able to permeate some of the best practices over to the Army.”

Looking for workforce training

As with any new policy or new initiative, the workforce tends to be the biggest challenge. While digital engineering isn’t necessarily a brand new concept for the Army, it will need to find some of those champions and experts and then start to spread the knowledge.

Camarillo said the opportunities to learn from industry experts who have been using digital engineering for some time and have Army employees bring back some the best practices from these vendors.

“We have some pretty robust training with industry programs and private party talent exchanges. We’re looking to expand those to include some of these digital engineering companies that have pretty robust practices in place,” he said.

The policy also calls on the Army to develop recipes and guidelines as well as creating standard contract language and contract data requirements lists to ensure consistency in the products vendors deliver to the Army.

The private sector has been using digital engineering for many years. Simply put, digital engineering relies on data, advanced technologies such as simulation and modeling and traditional systems engineering practices to create digital models instead of the more traditional paper based models. These virtual representations can change over time as the needs of the organization or technology changes and they make it easier for the developers to understand a host of challenges ranging from cost to sustainment to how this system will work with other systems.

Digital engineering isn’t new

Digital engineering is not a new concept for DoD. The Pentagon issued a digital engineering strategy in 2018. That strategy outlines five elements necessary for the digital engineering ecosystem including, formalizing the development and use of models, providing an authoritative source of truth, incorporating technological innovation, establishing a supporting infrastructure and environment, and transforming the culture and workforce to adopt and support digital engineering.

The Army’s policy is building on the work done by DoD as well as other services over the last few years.

Camarillo said the policy will help the Army in its race to catch up with the private sector.

He said the entire effort is about accelerating the adoption of these tools, after the Army’s six pathfinders showed the potential and value of digital engineering.

“The benefits to us is it’s going to be the way that we do business in terms of developing warfighting capabilities in the future,” he said. “It enables our ability to identify requirements tradeoffs earlier in the process, to plan more adequately for sustainment of both hardware and software. It identifies cost drivers in the operation of weapon systems in the future. And it helps us to identify and mitigate technical risks through more robust modeling and simulation and the development of digital twins.”

The post Army sets stage for broader adoption of digital engineering first appeared on Federal News Network.

When it comes to software development, the Army is going to stop worrying about the color of money.

That’s because as part of its new approach to software modernization, the Army is rethinking what sustainment means.

Margaret Boatner is the deputy assistant secretary of the Army for strategy and acquisition reform, said one of the main tenets of the policy signed by Army Secretary Christine Wormuth in March is to reform several legacy processes that is keeping the service from adopting modern software development approaches.

“We are targeting a couple of really key processes like our test and evaluation processes, and importantly, our cybersecurity processes. We really are trying to modernize and streamline those as well as changing the way we think about sustainment because software is really never done. We really have to retrain ourselves to think about and to acknowledge the fact that software really needs to stay in development all the time,” Boatner said in an exclusive interview with Federal News Network. “Right now, our systems and our acquisition programs, once they’re done being developed, they go through a process that we call transition to sustainment, meaning they’ve been fully developed and are now going to live in our inventory for 10, 20, 30 years. We’re going to sustain them for a long period of time. When a system makes that transition, the financial management regulations dictate that they use a certain color of money, operations and maintenance dollars. With that color of money, we can really only do minor patches, fixes and bug updates. So that’s an example of a legacy process that, when you’re talking about a software system, really tied our arms behind our back. It really prevented us from doing true development over the long term with the software solutions.”

Boatner said under the new policy, software will no longer make the transition to sustainment. Instead, the program office will keep operating under research, development, test and evaluation (RDT&E) funding.

“It’s recognizing that a continuous integration/continuous delivery (CI/CD) model software is never done. That way, our program managers can plan to use the appropriate color of money, which in many cases might be RDT&E, which is the color money you need to do true development,” she said. “So, that will give our program managers a lot more flexibility to determine the appropriate color money based on what they want to do, such that our software systems can really continue to be developed over time.”

The Army has been on this path to software modernization path for several years, with it culminating with the March memo.

With the lessons from the 11 software pathways to testing out a new approach to a continuous authority to operate to the broad adoption of the Adaptive Acquisition Framework, Boatner and Leo Garciga, the Army’s chief information officer, are clearing obstacles, modernizing policies and attempting to change the culture of how the Army buys, builds and manages software.

Army updating ATO policy

Garciga said by keeping programs under the RDT&E bucket, the Army is recognizing the other changes it needs to complete to make these efforts more successful.

“We need to relook at processes like interoperability. Historically, that was not a parallel process, but definitely a series process. How do we change the way we look at that to bring it into this model where we’re developing at speed and scale all the time?” he said. “I think we’re starting to see the beginnings of the second- and third-order effects of some of these decisions. The software directive really encapsulated some big rocks that need to move. We’re finding things in our processes that we’re going to have to quickly change to get to the end state we’re looking for.”

Since taking over the CIO role in July, Garciga has been on a mission to modernize IT policies that are standing in the way. The latest one is around a continuous ATO (C-ATO).

He said the new policy could be out later this summer.

“We’ve told folks to do DevSecOps and to bring agile into how they deliver software, so how do we accredit that? How do we certify that? What does that model look like? We’re hyper-focused on building out a framework that we can push out to the entire Army,” Garciga said. “Whether you’re at a program of record, or you’re sitting at an Army command, who has an enterprise capability, we will give some guidelines on how we do that, or at least an initial operational framework that says these are the basic steps you need to be certified to do DevSecOps, which really gets to the end state that we’re shooting for.”

He added the current approach to obtaining an ATO is too compliance focused and not risk based.

Pilot demonstrated what is possible

Garciga highlighted a recent example of the barriers to getting C-ATO.

“We started looking at some initial programs with a smart team and we found some interesting things. There was some things that were holding us back like a program that was ready to do CI/CD and actually could do releases every day, but because of interoperability testing and the nature of how we were implementing that in the Army, it was causing them to only release two times a year, which is insane,” he said. “We very quickly got together and rewickered the entire approach for how we were going to do interoperability testing inside the Army. We’re hoping that leads to the department also taking a look at that as we look at the joint force and joint interoperability and maybe they follow our lead, so we can break down some of those barriers.”

Additionally, the Army undertook a pilot to test out this new C-ATO approach.

Garciga said the test case proved a program could receive at least an initial C-ATO in less than 90 days by bringing in red and purple teams to review the code.

“I’d say about three months ago, we actually slimmed down the administrative portion and focused on what were the things that would allow us to protect our data, protect access to a system and make a system survivable. We really condensed down the entire risk management framework (RMF) process to six critical controls,” he said. “On top of that, we added a red team and a purple team to actually do penetration testing in real time against that system as it was deployed in production. What that did is it took our entire time from no ATO to having at least an ATO with conditions down to about less than 90 days. That was really our first pilot to see if we can we actually do this, and what are our challenges in doing that.”

Garciga said one of the big challenges that emerged was the need to train employees to take a more threat-based approach to ATOs. Another challenge that emerged was the Army applied its on-premise ATO approach to the cloud, which Garciga said didn’t make a lot of sense.

“We put some new policy out to really focus on what it means to accredit cloud services and to make that process a lot easier. One of our pilots, as we looked at how do we speed up the process and get someone to a viable CI/CD pipeline, we found things that were really in the way like interoperability testing and how do we get that out of the way and streamline that process,” he said. “In our pilots, the one part that we did find very interesting was this transition of our security control assessors from folks that have historically looked at some very specific paperwork to actually now getting on a system and looking at code, looking at triggers that have happened inside some of our CI/CD tools and making very difficult threshold decisions based on risk and risk that an authorizing official would take to make those decisions. We’re still very much working on what our training plan would be around that piece. That’ll be a big portion of how we’re going to certify CI/CD work and DevSecOps pipelines in the Army moving forward.”

The post Army changing the color of money used to modernize software first appeared on Federal News Network.

• DoD's former chief digital and AI officer has a new job in the private sector. Craig Martell, who served as the Defense Department's first chief digital and artificial intelligence officer for almost two years, is joining Cohesity as its chief technology officer. In that new role, Martell will seek to accelerate the innovation internally and the advocacy externally of Cohesity’s AI-powered tools and capabilities to improve the use of enterprise data. Martell came to DoD in 2022 after spending most of his career in the private sector with LinkedIn, Dropbox and Lyft. Martell left DoD in March and Radha Plum, the former deputy undersecretary of Defense for acquisition and sustainment, assumed the CDAO role in early April.
  (Former DoD chief digital and AI officer joins new company - Businesswire)
• A draft version of the House defense policy bill would raise junior enlisted pay by 15%. Members of the House Armed Services Committee want to give enlisted troops ranked E-1 through E-4 a 15% raise. Last month, the committee introduced the Servicemember Quality of Life Improvement Act to address recommendations made by the House quality of life panel. The legislation is meant to serve as the foundation for all quality of life issues in the 2025 defense policy bill. The Defense Department is also in the middle of its Quadrennial Review of Military Compensation, which will impact lawmakers’ final decision. President Joe Biden’s 2025 budget proposal also includes a 4.5% raise for all service members.
  (Draft version of House defense policy bill proposes 15% raise for enlisted members - House Documents)
• The Postal Service is pausing some of its facility changes until next year. USPS is looking at 60 of its mail processing facilities and considering whether to move some operations to larger regional hubs. But Postmaster General Louis DeJoy said the agency will pause these plans until at least January 2025. That is because more than a quarter of the Senate recently called on USPS to pause these changes until a third-party regulator can weigh-in on the merits of its network modernization plan. USPS said its reviews will not result in facility closures or career employee layoffs.
  (DeJoy agrees to pause some USPS facility changes until 2025 - Federal News Network)
• The Postal Service is looking to raise prices on more than just mail. USPS is asking its regulator for a 25% increase on the rates it charges for Parcel Select, a package service that caters to high-volume shippers. USPS said it does not plan to raise prices on consumer-focused package services, such as Ground Advantage, Priority Mail and Priority Mail Express. But in July, USPS is planning on raising the price of its first-class Forever stamp to 73 cents.
  (USPS recommends new prices for Parcel Select - USPS)
• The Army Software Factory program is expanding to add a new chief learning officer (CLO). The Army Software Factory describes itself as an Army Futures Command unit that enables soldiers to become software professionals. The CLO will oversee the learning and development initiatives for the entire organization. The person will also lead the development of the software factory's organizational, programmatic, operational and policy matters pertaining to training programs, strategic initiatives and activities. Applications for this Austin, Texas-based GS-14 position, which is open to the public, are due by May 17.
  (Army Software Factory hiring a chief learning officer - USAjobs.gov)
• Joint Force Headquarters-DoD Information Networks has completed "Locked Shields 2024," its largest cyber exercise. Locked Shields focuses on cyber attacks on critical infrastructure in real time. The exercise brought together 3,500 participants from 40 countries. This year’s Locked Shields tested out artificial intelligence and 5G technologies. The Defense Department plans to operationalize lessons-learned during the exercise through the Rockville, Maryland-based National Cybersecurity Center of Excellence, in partnership with Marshall University and West Virginia University.
  (JFHQ-DODIN completes its largest cyber exercise - CCDCOE)
• Data experts across the federal government are setting shared goals. The Chief Data Officers Council is calling on its members to make the federal workforce more data-savvy and make sure agencies are able to hire the data experts they need. The council is also focused on making agency data sets easier to share with top users. Chief data officers are planning to help their agencies prepare for a rise in artificial intelligence tools. The council is looking to make progress on these goals by the end of fiscal 2025.
  (About Us - CDO Council)
• The House Armed Services Committee wants to modernize the Defense Department’s processes to grant a cyber authority to operate (ATO). If passed, the 2025 defense policy bill would require DoD to establish and regularly update a digital directory of all authorizing officials in the military departments. It would also require the military service's chief information officers to implement a policy requiring authorizing officials to presume a platform is secure if it has already been accredited by another military service. Lawmakers, defense officials and industry partners have long said lengthy ATO processes are slowing down software development within the DoD.
  (Draft defense policy bill would streamline ATO processes - House Documents)
• The Cybersecurity and Infrastructure Security Agency is adding more depth and details to the common vulnerabilities it provides public and private sector organizations. A new effort called the "Vulnrichment," will add details such as Common Platform Enumeration, a Common Vulnerability Scoring System, Common Weakness Enumeration and Known Exploited Vulnerabilities to its Common Vulnerabilities and Exposures (CVEs). So far, CISA said it has enriched more than 1,300 CVEs and will continue to add more details in the coming weeks to the other CVEs. CISA is listing all this new data on its  Vulnrichment GitHub Repository.
  (CISA enriches common cyber vulnerability data - GitHub)

The post DoD’s former chief digital and AI officer heads to private sector first appeared on Federal News Network.

The Office of Advocacy, an independent organization within the Small Business Administration, flagged its concerns in public comments on the CMMC regulations. Once effective, the Defense Department’s rules will require many defense contractors to have their compliance with cybersecurity standards certified through a third-party audit.

“Advocacy is principally concerned with the ability for small businesses to meet and comply with the standards and timelines set out in the CMMC program without further clarification and guidance documents from the DoD,” SBA Advocacy officials wrote in a Feb. 26 letter to DoD Chief Information Officer John Sherman.

DoD released the proposed CMMC rule for comment in December. Pentagon officials expect to finalize the rules later this year or in early 2025. The goal of the program is to ensure defense contractors are following cybersecurity standards meant to protect sensitive information.

In an April 26 webinar hosted by Geroge Mason University, Office of Advocacy Deputy Chief Counsel Major Clark emphasized his concerns with the costs of CMMC compliance.

“I hear quite often others saying that, well small businesses can recoup some of these costs from the government, which is not necessarily true, because most small business contracts are fixed price contracts,” Clark said. “They give a bid that is accepted. All of these other bells and whistles are not necessarily are allowed. And then the other aspect of this is many of the small businesses are subcontractors to the large primes. And these costs factors that they are saying can be recouped are not necessarily going to flow from that large prime down to that small business.”

Clark said the overall environment for small businesses is increasingly “treacherous.”

“It’s not that they don’t want to participate. It’s at what cost are they going to be able to participate? And how are they going to reap any type of profit?” he said.

The Pentagon revamped many aspects of the original CMMC program in late 2021, largely due to concerns about the cost of the program on small businesses. Under the current program, not all companies will have to get a third-party certification. And companies will be able to defer on instituting some cybersecurity requirements until a later date so they can still compete for defense contracts.

Still, DoD estimates that approximately 76,000 companies will need to get an audit from a CMMC third-party assessment organization (C3PAO).

Former Federal Chief Information Security Officer Grant Schneider agreed that implementing the cybersecurity requirements will be expensive for many businesses.

“It’s going to be burdensome, and it’s still going to be for most organizations, overhead costs that they’re going to have to bear,” Schneider said. “Certainly the program office has talked about the fact that they anticipate that these costs will be rolled in to rates from vendors, but how much do you roll in on your rate versus your competitor, when many things end up being a lowest cost technically acceptable? That is a concern that I think everyone’s going to need to be paying attention to.”

DoD will allow companies to create special IT “enclaves” for handling sensitive defense information. The idea is it would be less costly than implementing DoD’s cybersecurity requirements across a company’s enterprise network.

But SBA’s Office of Advocacy argues DoD needs to provide more details on the process for creating those special enclaves.

“The current rule does not provide clear guidance on the process to create enclaves, which would allow more small business subcontractors to participate in DoD contracts without meeting the full requirements necessary for the prime contractor,” SBA Advocacy officials wrote in their letter to DoD.

The office also wants more information from DoD on the role of C3Paos and the “indemnification a C3PAO has if a contractor or subcontractor is out of compliance.”

The Office of Advocacy also highlighted a concern among many CMMC stakeholders: whether there will be enough certified C3PAOs to handle the demand for certifications.

“Stakeholders raised concerns that if there are an insufficient number of C3PAOs to timely inspect every contractor before the rule is effective, then small businesses will be the last ones to be certified,” officials wrote in the letter. “Advocacy recommends creating a streamlined process to provide organizations with C3PAO certifications. . . . Particularly, there should be availability of C3PAOs for small businesses and ensure small business owners are not falling behind.”

The post CMMC is coming, but concerns for small businesses persist under revamped rule first appeared on Federal News Network.

• Lt. Gen. Bob Skinner adds another piece to the Defense Information Systems Agency's modernization puzzle. DISA's new five-year strategic plan is more about emphasizing and highlighting its current roadmap than making any new or dramatic changes. But DISA Director Air Force Lt. Gen. Bob Skinner said simplifying and consolidating support for the warfighter will continue to drive these initiatives. In the 2025 to 2029 strategic plan, DISA detailed four strategic imperatives, six operational imperatives and eight goals. DISA said it remains focused on several departmentwide, enterprise-level tools, such as by 2030 delivering a common IT environment, developing a DoD enterprise cloud environment and integrating identity, credential and access management and zero trust capabilities.
  (DISA's new 4-6-8 strategic plan - DISA)
• The IRS plans to keep adding more employees, but it also needs more money to keep them. The IRS is looking to grow its workforce by about 14% between now and 2029, tapping into some of the $60 billion it got to modernize under the Inflation Reduction Act. But the agency is asking Congress to bump that funding up to $104 billion that it would have to spend through the next decade. IRS Commissioner Danny Werfel said that if those funds run out, the agency will not be able to sustain its growing workforce. “Either you don't replace people that retire, you furlough, and a last resort, you RIF," Werfel said, referring to a reduction in force. "Those are the realities that could happen.”
  (IRS seeks 102,000-employee ‘right-sized’ workforce – and more money to avoid possible layoffs - Federal News Network)
• The Office of Personnel Management is rethinking the job skills needed for more than 40,000 human resources employees. Across all agencies, OPM has created new competency models for HR positions. Those models cover all HR management work, as well as more specialized skills. It is part of a broader effort to address strategic human capital management, while emphasizing skills-based hiring. Many of the newly defined skills, like decision-making and teamwork, emphasize hands-on qualifications.
  (OPM redefines the skills that 40K federal HR employees need - Federal News Network)
• The Defense Innovation Unit is looking for new ways to track down cyber adversaries who might already be inside DoD networks. DIU is shopping for what it calls a "hunt kit," which must be able to function without any internet connection. It also cannot rely on any additional resources from a partner’s on-premise infrastructure. The hunt kit must be able to fit in a carry-on bag and it has to meet weight and dimension limitations of international commercial flights. The vendor has to complete a prototype hunt kit for government testing within four months of receiving an Other Transaction award. Responses are due by June 14.
  (DIU seeking joint cyber hunt kit solutions - Defense Innovation Unit)
• The IRS is letting some of its employees keep working remotely until the start of 2025. IRS planned to end its remote work pilot program in June, but now it will keep it running until January, to continue gathering more feedback and data. The IRS will not add more employees to the pilot program, but employees already in it can choose to opt out. A Treasury Department assessment found jobs advertising remote work led to the most hires, and that retention and engagement scores remained stable. The IRS is already meeting the Biden administration’s requirement to have federal employees working in the office about 50% of the time.
  (IRS extends remote work pilot, in bid to ‘keep up’ with workforce expectations - Federal News Network)
• Vendors providing technology products to the government now have a better sense of how much of their product agencies are buying, and who is buying it, through the schedules program. The General Services Administration expanded the "demand data" program to vendors who provide technology products like laptops or software licenses. GSA said through demand data, contractors can customize their price list to those items that customers are more likely to buy. GSA launched the demand data effort in January 2023 for the general supplies and services schedule and found a relatively small number of products generated 50% of overall sales.
  (New data from GSA giving vendors more insights into IT buying - buy.gsa.gov)
• The federal HR workforce may soon see more support from the Office of Personnel Management. OPM is making plans to launch an HR career growth website this fall. The online platform will be a way for federal HR practitioners to access information and interact as a community. In the meantime, OPM is currently piloting an HR career pathing model at nine agencies. The end goal is to encourage better retention of HR employees, and help them grow in their careers.
  (Upcoming launch of HR career growth platform - Office of Personnel Management)
• Sasha Baker, the acting under secretary of Defense for policy, officially stepped down from her post last week. She has been serving in that role since 2023, when Colin Kahl left the position. Amanda Dory, the director of the Africa Center for Strategic Studies at the National Defense University, will temporarily step into Baker’s role. Last year, President Joe Biden nominated Derek Chollet to be the Pentagon’s policy chief and renominated him earlier this year, because the nomination has been stalled in the Senate.
  (Sasha Baker officially steps down as Pentagon’s policy chief - DoD)

The post DISA’s new five-year plan will consolidate support for the warfighter first appeared on Federal News Network.

A new group within DoD seeks to track how well new technology makes its way to the troops. Heidi Shyu, the Under Secretary of Defense for Research and Engineering said DoD will use advanced data analytics to do the job at hand. The team is called, “The Transition Tracking Action Group” or T-Tag. For details, the Federal Drive with Tom Temin talked with DoD’s Chief Data Officer for Research and Engineering, Cyrus Jabbari.

Interview Transcript: 

Tom Temin Well, first of all, tell us to tag. What is this all about and what problem is it trying to solve?

Cyrus Jabbari The Transition Tracking Action Group, or the Tag, is all about enhancing the department’s visibility on its investments using data analytics, breaking data silos, and unifying them together in novel ways so that we can have better insight over what we are doing, what we have invested in, and therefore oversight.

Tom Temin And when you say invested in, you mean what exactly what areas of investment do you look at.

Cyrus Jabbari A number of different types of technology investments. So, the department prioritizes 14 critical technology areas. That’s been a key focus for us to get a better handle of how are we road mapping for those 14 critical technology areas, and what are things that are in the pipeline that we are developing or that we could take from the commercial sector? What the Transition Tracking Action Group cares about, though, is the whole wealth of technology investments, from research and engineering to acquisition that exist along that lifecycle that we could better observe, better get a hold of, and better bring to the warfighter or to the field.

Tom Temin What are some of those critical technologies? You mean like directed energy? Artificial intelligence?

Cyrus Jabbari Yes, that’s exactly right. Of the 14 critical technology areas, Heidi Shyu’s vision for technology competition says that there are these quote unquote, seed areas of emerging technology think biotechnology, quantum and so forth. Then there are these more commercially adopted technology areas that we prioritize, such as trusted artificial intelligence and autonomy or advanced computing and software. And then there are more defense specific critical technology areas like hypersonics directed energy, the ones you alluded to. So those are the critical technology areas that we prioritize. But we don’t just want to get greater fidelity on the critical technology areas. There are other technology areas that the department prioritizes. I think in the Navy, for example, naval power or maritime systems in the Army, soldier mobility or lethality. And then obviously, with the announcement of the replicator initiative, we have niche combinations of technologies, such as what Deputy Secretary of Defense Kathleen Hicks announced the focus for replicator in this first tranche will be on what are called all domain autonomous, a tradable or ADA2 technologies. We want to get a better grapple of across research, engineering, and acquisitions, and throughout the defense innovation ecosystem. What is in the pipeline and how can we better leverage it?

Tom Temin Right. So, what is the impediment to understanding the total picture now?

Cyrus Jabbari I think within any large organization, as you would see across industries, we are discovering that there is a huge need to get data outside of the data silos that they exist in. There’s been a significant move within the Department of Defense to be responsive to Congress, to make sure that we could at least get a greater hold of our financial data. And we’ve made significant strides since at least 2018, when the department established its first universe of transactions through the Advancing Analytics, otherwise known as Advanced Enterprise Data Analytics Platform, where we unified all of the different general ledger accounting systems across DoD and had them talk to each other so we could create a common financial operating picture with great fidelity and near real time visibility. And so, since that innovation within dog, there’s been a lot of work from the battlefield to the boardroom to break data silos. The TTAG is trying to focus on something that is of common interest, not only within the department’s research and engineering and acquisition and requirements communities, but also to Congress and the common taxpayer when they want to make sure that we could answer questions on what is in the valley of death or what made it across the Valley of Death, and how efficient are we being in tracking those things across or within those valleys?

Tom Temin We’re speaking with Cyrus Jabbari. He’s the chief data officer for research and engineering at the Defense Department. And I guess this is also a way that you can avoid duplication of investment. Or, you know, one company getting money for the same thing from two different far-flung pieces of DoD. Not that that could ever happen.

Cyrus Jabbari Well, I think that with any greater insights, very wise senior leader actually coined the term, at least to me for the first time, that with greater insight, you can provide greater oversight. These are things that our leadership says should have been or could have been perhaps prioritized. To answer these age-old questions that it sounds like TTAG is trying to address right now. Tracking technology transitions, as you know, is not something that has just sprung up in the year 2024. That interest has existed for decades. So, we want to, using the novel innovations in tools, in policy and process changes that have been taking place in the past few years. Want to capitalize on that? Break data silos so that we could provide greater insight and therefore support better oversight.

Tom Temin Right. So, besides oversight and accountability, what you have to have, though, is there an element of making sure that, golly, this technology has so much promise. Why isn’t it productized quicker? Why isn’t it turning into an acquisition and getting it into the troops’ hands, so to speak? Which is the ultimate goal of all of this?

Cyrus Jabbari That’s exactly right. So it’s setting us up to get better insights into the investments we make and the products that make it to the warfighter, or have not yet made it to the warfighter, or could make it to the warfighter based on the requirements that we understand those requirements generated by the end users, the warfighters, the combatant commands, etc.. It’s also laying the groundwork, though, for us to understand and capitalize on our impact in economic security and economic growth. Through TTAG, we’ll get greater insights into the investments that we have made that ended up into the commercial sector, that ended up being productized and see our contributions to the commercial sector and private capital spaces. But better yet, it will be incredible to see insights such as those things that we initially invested in and were productized that we ended up buying on the back end and delivering to the warfighter. I’m very excited to see more information from those outputs.

Tom Temin And how does TTAG itself work? I mean, is there a room somewhere in the Pentagon that has a name t tag on it now, and who comprises T tag and who do you matrix with to get the information in and back out?

Cyrus Jabbari So TTAG, although formally established this past month, has actually been in the works in an informal capacity for about two years. Really, the background for what generated this was in May of 2021, Deputy Secretary of Defense Kathleen Hicks announced the launch of an Innovation Steering Group and the Innovation Steering Group, or ISG. One of its main lines of efforts was to map this defense innovation ecosystem that everybody talks about, that you see being mapped in, I think, academic and commercial spaces. We wanted to get a greater handle of when we say the word innovation, what do we mean? And who is actually executing work in support of that in relation to the mapping of the defense innovation ecosystem, which I was very happy to support when it was first announced. We also noticed that everybody talks about technology transition, but we have different definitions for what transition means or what a technology even means. So, I was thrilled to support the first ever standardized definition of technology transitions and technology transition pathways that was codified in a joint memorandum from Honorable Heidi Shyu, our Chief Technology Officer, in conjunction with the Undersecretary for Acquisition and Sustainment, honorable Bill LaPlante, and then Undersecretary for policy. Colin Kahl. That memorandum was issued in April 2022. And as a data nerd, that helped me have a common lexicon where we could then start to search for and tag technology transitions, in the past year and a half, since we’ve been building out advanced analytics prototypes or pilots where within seconds, for example, for the first time ever, we can actually track the number of new entrants into the defense innovation ecosystem through research, development, test and evaluation dollars and see that within the past three years, it’s actually increased by 62%. Or we can track small business innovation research, small business technology transfer transitions, which get a lot of commentary externally within seconds, again through these prototypes. In addition to prototyping out solutions through unique data connections that we’ve built and demonstrated back to what was the Innovation Steering Group and community of interest within the department trying to attack this problem, we also created the Informal Transition Tracking Action Group, which was tasked to develop an initial set of recommendations in an implementation plan that would get the most senior leaders sign off from the Deputy Secretary of Defense to the Secretary of Army, Navy, Air Force, the Undersecretary, leaders within the office of the Secretary of Defense, and the chairman or Vice chairman of the Joint Chiefs of Staff. On what is the first attack we could make in breaking data silos, unifying data. And for the first time ever, getting a tranche of data that tracks technology transitions, as described earlier, that implementation plan is actually finalized. We are in our final moments of receiving approval, hopefully, and I look forward to keeping you updated on what we decide to do. But yes, TTAG is going to continue to prototype data analytics solutions and consider policy and process recommendations that need to address key data sets.

Tom Temin And by the way, that definition of transition, does that encompass the idea of not transitioning from research to a prototype, but transitioning into something, again, in a warfighter’s arsenal or toolset that’s actually deployable and useful for the mission?

Cyrus Jabbari Yes, we want to emphasize the importance of tracking things that make it to the field to demonstrate our return on investment. Absolutely.

Tom Temin So if you haven’t crossed the Valley of Death with it, then it hasn’t transitioned really well.

Cyrus Jabbari I think in a more meta sense, as described by, say, the Office of Strategic Capital, for example, there is not just one Valley of Death, but there are different valleys of death or stages. That idea needs to cross from lab to prototype, from prototype to product and product to scale. And so, you could think of something being in the field as that scale, moments that end state. We want to track across those valleys, within the valleys, but also across those different iterative steps, because that helps us then connect to technology solution, ideally, and its owner or its performer within the department to the next stage that could sherpa it across the valleys.

Tom Temin And your job as chief data officer, then, is to help people choose the right data that has to be combined to get the answer they want from different systems throughout DoD.

Cyrus Jabbari Yes, this is one of the most exciting parts of the digital transformation journey that I’ve seen in DoD, because as we’ve developed those prototypes that I alluded to, we’re seeing them being heavily integrated within common business processes that did not exist before. And so hopefully when we get this massive shift in transitions, data, and analytics, we will be able to enable the technology officer, the chief technology officer, and the various technology officers and users, acquirers across DoD and even researchers to see what’s in the wild and what’s maybe missing.

The post DoD gets serious about technology transfer to the troops first appeared on Federal News Network.

• A defense contractor is facing heavy fines and probation for admitting to a bribery scheme with a former Naval Information Warfare Center employee. The Justice Department said Cambridge International Systems, Inc., headquartered in Arlington, Virginia, pleaded guilty to giving everything from a ticket to the 2018 Major League Baseball all-star game in Washington, D.C. to funneling $2,000 a month to James Soriano, a contracting officer with the Naval Information Warfare Center. In return, Soriano helped steer contracts of more than $132 million to Cambridge International. The company will be sentenced on July 3 and faces up to five years corporate probation and $500,000 in fines.
  (Defense contractor pleads guilty to bribing Navy contracting officer - Justice Department)
• The tug of war is intensifying over what to do with the Windfall Elimination Provision (WEP) and the Government Pension Offset (GPO), as bipartisan lawmakers are doubling down on efforts to get their Social Security Fairness Act passed. The bill aims to give public sector workers a full Social Security amount by repealing both WEP and GPO. The two provisions reduce Social Security payments for certain federal annuitants. In a letter to the House Ways and Means Committee, Reps. Abigail Spanberger (D-Va.) and Garret Graves (R-La.) pointed to the bill’s 316 co-sponsors, making it one of the most broadly supported bills in the House. But lawmakers appear undecided on whether they will move forward with that full repeal, or instead keep the provisions and simply alter the benefit calculations.
  (Repeal or reform? House lawmakers weigh responses to WEP, GPO - Federal News Network)
• A bipartisan bill will put the Postal Service’s network modernization plans on hold, if the bill makes it through Congress. The Protect Postal Performance Act would bar USPS from shaking up its delivery network in areas where the agency is not meeting standards for on-time mail delivery. That means ensuring at least 90% of first-class three-to-five-day mail arrives on time. If it does not meet that standard, the legislation would prohibit USPS from opening Regional Processing and Distribution Centers. These large facilities serve as hubs for long-distance transportation where employees sort mail and packages going to other regions. Reps. Nikki Budzinski (D-Ill.) and Jack Bergman (R-Mich.) introduced the bill. USPS is seeing a major drop in on-time delivery in areas where it has already opened these large facilities.
  (Budzinski Introduces Bipartisan Bill to Halt USPS Processing Facility Consolidations - Rep. Nikki Budzinski (D-III.))
• The Army is on track to meet its 2024 recruitment goals. The service wants to bring in 55,000 recruits by the end of the fiscal year, a number it has a shot at hitting, said Army Secretary Christine Wormuth, who credits the success of its Future Soldier prep course. It should be noted that the service lowered its recruitment goal this year. In 2023, the Army wanted to bring in 65,000 new soldiers, but this year the service decided to shrink its authorized troop levels as it transitions from counterinsurgency missions to large-scale combat operations. The service has missed its annual recruitment targets for nearly a decade.
  (Army on track to meet its recruitment goals - Federal News Network)
• Are prices under the multiple-award schedule contracts fair and reasonable? The General Services Administration is asking industry 15 questions about how to better align schedule pricing with commercial practices. The questions in GSA's request for information included whether using the same labor-category names and descriptions — across schedule special item numbers as a standard practice — would reduce administrative costs and burdens. GSA is using the RFI as part of its review of agency practices to streamline how it determines “fair and reasonable” prices on schedule contracts. Responses to the RFI are due by May 8.
  (GSA seeking feedback on "price reasonableness" on the schedule contract - GSA)
• The State Department’s Diplomatic Security Service is setting a goal to have women make up at least 30% of its incoming recruits by 2030. Diplomatic Security is making that commitment as part of the 30x30 Initiative that 240 other law enforcement agencies have already signed onto. Operating in over 170 countries, Diplomatic Security is also looking to ensure its policies and culture allow it to recruit and retain women as law enforcement officers.
  (Diplomatic Security Service commits to 30×30 initiative - State Department)
• Investing in federal retirement services is top of mind for NARFE, the National Active and Retired Federal Employees Association. The organization is calling on Congress to give more resources to the Office of Personnel Management in fiscal 2025. OPM is the long-time overseer of retirement processing for federal employees. The agency has been starting to chip away at modernizing the largely paper-based system, but without proper investments and oversight, NARFE said it is concerned that widespread delays on retirement claims and processing will continue.
  (Letter on fiscal 2025 Financial Services and General Government appropriations - NARFE)
• The Army will begin conducting cognitive assessments of all soldiers before they attend basic training. The goal of the test is to establish a baseline before soldiers are exposed to repeated blasts in training and combat. The Army also wants to use wearable devices to continuously track and monitor blast exposures. The service has yet to find the ideal gauges to track exposure to blasts for soldiers, but plans to assess various wearable devices, which the Special Operations Command will eventually purchase.
  (Army will conduct cognitive assessment during training to prevent traumatic brain injury - Senate Armed Service Committee)

The post Defense contractor pleads guilty to bribery first appeared on Federal News Network.

It seems like long ago. Thousands of active duty service members applied for religious exemptions from COVID vaccines. Now we know how well the armed services did in processing the exemptions and the discharges of service members from the armed services. For details, the Federal Drive with Tom Temin talked to Project Manager Marie Godwin in the Defense Department’s Office of Inspector General.

Interview Transcript: 

Marie Godwin We wanted to ensure that service members were treated fairly, and that their exemption requests and discharges were processed in accordance with the law and DoD regulations. And we also received a number of hotline complaints alleging that the military services were improperly processing religious accommodation requests. So we wanted to review that process and determine if those allegations had any merit. So specifically, the complaints were alleging that the military services were processing the requests too quickly and not performing individualized review of the requests as required by the law and DoD policy. But in the end, we found the allegations did not jibe with our findings, and our report confirms that those allegations were, in fact, unfounded.

Tom Temin All right. Do the requirements on the DoD specify a timeline or a period of time in which they have to decide these? Usually the problem is the government gets backlogs of things. In this case they were processing them. It sounds like efficiently.

Marie Godwin Yes, the DoD does establish time requirements, and the time requirement depends on if the service requires a waiver of policy for that religious accommodation request or not. So for the Army, Marine Corps and Navy, they had 90 days to process the requests. The Air Force had 30 days to process the requests because they had decentralized decision process that did not require a waiver of policy.

Tom Temin You didn’t look then at whether the discharges or the exemptions were correct or not. It was just simply looking at whether they were processed in a way that was in accordance with their policy for processing them.

Marie Godwin That’s correct.

Tom Temin All right. Let’s go into that a little bit further. You said the Army, Navy, Marine Corps had a 90 day policy and the Air Force 30 days, maybe a little bit more detail on why that was the case, that variance.

Marie Godwin Sure. That’s just an overarching DoD policy that establishes the time requirements. And the DoD policy says that if the religious accommodation request requires a waiver of department policy, then it can be processed within 90 days. And I think the thought behind that is that it takes longer to process that through a central decision authority. If the request does not require a waiver of policy, as is the case with the Air Force, then the time requirement for that processing is only 30 days.

Tom Temin In what’s involved in processing that even takes 30 days?

Marie Godwin Sure. There’s a number of things that happen in the process, and it differs by military service. But generally, the service member submits a request. They have recommendations from their chain of command. They meet with a military chaplain to discuss their request. There’s also medical subject matter expert recommendations, and all these are processed up through the decision authority to consider.

Tom Temin Right. And just to clarify once more. You didn’t look at the quality of the decisions versus, yeah, you can stay or you’re discharged. But again, just whether they were processed in the proper manner.

Marie Godwin Right. So we looked at did they have all of the required recommendations? And was the proper decision authority deciding on their request?

Tom Temin We’re speaking with Marie Godwin. She’s a project manager in the Inspector General’s Office at the Defense Department. So generally, everything went according to each armed service’s policy for getting those things processed. Any exceptions or any outlying issues that you discovered?

Marie Godwin So for religious accommodation requests, we found that the Army and Air Force were taking much longer to process the exemptions than the DoD time requirements. So the Army, as we said before, had 90 days to process those requests, and they were averaging about 192 days to process the requests. The Air Force had 30 days to process those requests, and they were averaging about 168 days.

Tom Temin Yikes. And do we know why it took so long to do those?

Marie Godwin Well, we spoke with the military personnel involved in processing religious accommodation requests, and they told us that in a typical year, they only receive 3 or 4 requests for religious accommodation. So they were just overwhelmed by the sheer number of the requests.

Tom Temin  And could be that the religious exemption has maybe more subtle decision making that’s required. It’s hard to tell, that sounds like a tough one. Maybe they’re afraid to make the call in some cases.

Marie Godwin Well, I think they just wanted to take the time to make the correct decision and make sure that it was an informed decision.

Tom Temin All right. So what recommendations do you have then? Sounds like they would be centering around the religious exemption request because that’s what caused the outlying cases.

Marie Godwin So we had three recommendations. We had one for religious accommodation requests, one for medical and administrative exemptions and one for discharges. So for religious accommodation requests, we recommended that the DoD issued new guidance for periods of high volume request to decrease processing times. Military personnel told us that they only receive a few requests per year, and under those conditions, the existing policies were sufficient, but not in periods of high volume requests. So this recommendation aims to improve the processing time so that service members are not significantly impacted while they’re awaiting a decision.

Tom Temin All right. And what about for the medical and administrative? Recommendations there?

Marie Godwin Sure. We recommended that the DoD require personnel to document exemption approvals in service members personnel records. We had found that they weren’t always being documented in their records, so we anticipate that requirement will reduce the risk of errors and ensure that the service members vaccination status is accurate in the medical readiness systems.

Tom Temin And for the discharge petitions. That means that people want to be released from the military rather than have the vaccine. That’s what that particular application is.

Marie Godwin Correct. So we recommended that the DoD require uniform discharge types and reentry codes for all service members who were discharged for vaccination refusal. And we made that recommendation because of the DoD does not issue uniform discharge types and reentry codes, then service members will experience different impacts to their educational benefits and eligibility to re-enlist.

Tom Temin I was going to say reentry codes. Does that mean that there’s like a revolving door over vaccinations? You can be discharged and then come back?

Marie Godwin Well, when a service member leaves military service, they’re issued a certificate of release from active duty service. And that lists your discharge type and your reentry code. And the reentry code just indicates a service members eligibility to re-enlist in the service later. So we found that some service members received reentry codes that required them to obtain a waiver to re-enlist, while other service members receive codes that banned re-enlistment altogether.

Tom Temin Got it. And so the recommendation there was or did you have any for that particular class of application.

Marie Godwin So we recommended that they have uniform discharge types and uniform reentry codes.

Tom Temin Got it. And did the department say yeah we agree.

Marie Godwin They actually did not agree with that recommendation. But they provided another plan to address the recommendation. So once they provide that plan to us, we’ll reevaluate the recommendation.

Tom Temin This is more than history then. Because should another type of pandemic happen in the country, or we have another one of these situations where mass vaccinations become the general mode of the land, this could come up again.

Marie Godwin You’re absolutely right. And so DoD allows service members to request medical or administrative exemptions from any vaccination, not just COVID 19.

Tom Temin It could be measles, mumps or polio for that matter.

Marie Godwin Right. The military services have a list of ten or so required vaccinations for all service members.

The post Pentagon report card for dealing with vaccine refuseniks first appeared on Federal News Network.

The Reagan Foundation and Institute graded the health and resilience of what it calls the U.S. national security innovation base. This concept includes a wide range of stakeholders, such as national security agencies, research centers, laboratories, universities, traditional defense contractors, startups, venture capital, and allies and partners. 

The report card gave the country a generous A- in innovation leadership; a strong B when it comes to funds available to national security innovation initiatives; and a B when it comes to the willingness of the private sector to work with the federal government.

But the U.S. got a tough grade in customer clarity, or the ability of the government to signal demand not just through communicating innovation priorities and issuing strategies, but also through providing stable funding and utilizing acquisition pathways available to the Defense Department to buy at speed.

While the government communicates its innovation priorities to the industry somewhat well, budget instabilities and limited application of novel acquisition pathways that the Pentagon continues to use as an exception rather than the rule is what lowered the grade.

“For the first 80 yards in the last 10 or 15 years, the clarity from the Pentagon has been 20/20. Whether it be the strategy documents they put out, the national security documents, the war games we are invited to. The red zone — I can understand some of the grades that were given,” Eric DeMarco, the president and CEO of Kratos Defense, said during the National Security Innovation summit Wednesday. “The companies that actually bring a product forward, it might not be 100% of the requirement, but it’ll be 90-95% of the requirements. They get to that red zone and then the traditional process takes over.”

While the Pentagon has signaled through various reforms that it wants to do business with small and non-traditional companies, the majority of contracts still go to the top defense contractors. 

And the top 25 Small Business Innovation Research awardees, some of whom received less than $100 million in funding through the DoD SBIR program, got less than $500 thousand in the subsequent round of awards, indicating that DoD awards companies that don’t transition their technology into production.

“If we do not have more production contracts, if we do not see startups winning programs of record, because you can only require Silicon Valley to be as patient as it can be for a little bit of time before people start saying, ‘Okay, it’s impossible to work with the DoD.’ So we do think there has been an extraordinary change in the way we communicate, extraordinary education on both sides within the DoD on how venture works, within venture capital on how the DoD works and the expectations there, but we have to see some more wins in the next few years or I do think we are going to see capital dry up,” Katherine Boyle, the general partner at Andreessen Horowitz, said. 

Last year, the Pentagon announced Replicator, the department’s program to field thousands of small, cheap drones. Congressional appropriations allocated more than $200 million in 2024 to push the effort forward, which could provide a boost in sales for smaller companies. Assistant Secretary of the Army for Acquisition, Logistics and Technology Doug Bush said the service is the biggest participant in the first round of the initiative so far. One system the service was working on made the cut for the initial round of the Replicator program, and the Army is already proposing several systems for the second round of the program. Air Force Vice Chief of Staff Gen. James Slife said the service has plans to participate in the second round as well.

And the Defense Innovation Unit, designed to connect technology companies with the Pentagon, just got a major funding boost. Congressional appropriators proposed an additional $800 million in the DIU accounts. That’s up from the $191 million enacted last year. 

Additionally, Bush said major reforms, such as Mid-Tier Acquisition and the Software Pathway are making a difference as defense officials are pushing Congress for more contracting flexibilities.  

“It does take time to filter through the system, but it’s becoming more normal to do, for example, a properly structured [Other Transaction Authority acquisitions] versus a FAR-based contract for certain activities. We’re moving away from fixed-price development, except in very exceptional cases; we’re able to go much faster with Middle-Tier Acquisition and Software Pathway, to get programs started, respond to urgent needs, and actually get something up in the field. So I think the loosening of the reins, so to speak, is having an effect, but we’re far from where we want to be,” Bush said.

How can DoD and industry traverse that last 20 yards?

“We are doing all of the things, we’re investing in the innovation base, we’re putting together DIU, we’re increasing SBIR spending, we’re communicating more openly about programs where companies are going to have a real shot, whether it’s Replicator or whatever. But actually transitioning that into real production is virtually impossible,” Trae Stephens, the co-founder and executive chairman at Anduril Industries, said. 

Stephens said that, in the end, it comes down to decision-making. 

“We can certainly offer hundreds, if not thousands of policy suggestions, authorities that need to be changed, ways that oversight can play into the process in more effective ways. But at the end of the day, I think it’s primarily just decision-making. If you assume you have all the policies, you need to make the right decisions; can we make the right decisions or not?” he said.

The post Limited application of novel acquisition pathways hinders defense innovation first appeared on Federal News Network.

The Defense Information Systems Agency’s data strategy is less than two years old, but it’s already ripe for an update.

The next version, under development, will put an even sharper focus on data quality and advanced analytics to improve how DISA uses artificial intelligence and other tools.

Steve Wallace, the director of emerging technology and chief technology officer at DISA, said a new tool, called Concierge AI, embodies the agency’s plans for integrating data with AI today and in the future.

“How do we augment our staff, leveraging large language models, and bring the sheer amount of data that we have, whether it be unstructured documents or structured documents, and deliver that to the user in a user friendly sort of manner?” Wallace said in an interview with Federal News Network. “Almost like a chat bot that you’re seeing in many different places, but how do we make that specific around the DISA mission, sometimes focused on the back office features, but then also with an eye on how do we do defense cyber operations (DCO) and help an analyst better do their job to dissect an attack and what have we seen before, based on after action reports and that type of thing.”

The overarching goal is to reduce the friction to the user to find and analyze data to drive better decisions. And doing all it in a way that uses natural language to make it easier on the employees, Wallace said.

That idea of reducing friction, making data easier to understand and use is central to the update to the DISA data strategy.

DISA wrote in a LinkedIn post on March 13 that the agency has made progress around setting up data governance and a data architecture as part of its implementation plan.

“The evolution of quality data and advanced analytics within the DISA community is the sole focus of the chief data office and will empower the agency to harness AI technology and AI situational awareness, predictive intelligence and decision-making agility, thereby enhancing national security and organizational readiness,” DISA wrote.

The updated DISA Data Strategy for 2025-2027 will focus on these mechanisms as part of the modernization and maturation of the agency’s data efforts.

DISA’s lessons in using AI

Concierge AI is part of how DISA is demonstrating the modernization and maturation. Wallace said the initial pilot is giving security folks and users a level of comfort in using the LLMs in a government-cloud Impact Level 5 environment.

“Some of the lessons we’ve learned is really around how do we secure these [LLM] environments? The concept of these vector databases is generally new, how do we secure them? How do we make sure that we’re doing the right thing by the data that we’re ultimately storing,” Wallace said. “I think we’re going to learn a lot as well as we start to ingest a large document set, which we haven’t necessarily done yet in the lab. It’s been very small dribs and drabs, but I’ve been encouraged by what I’ve seen just with the limited amount of what we have been able to do. In the first half of this calendar year, we expect to have something out to the digital workforce to start experimenting with, and from there, we’ll gather information about the user’s experience, and then, potentially, make it go more wide scale.”

One big opportunity to take better advantage of LLMs and AI tools is for defensive cybersecurity actions. Wallace said some of DISA’s cyber analysts already are modeling an attack, decomposing an attack and understanding exactly what happened by applying AI and LLMs.

“Any way that we can augment them by taking the datasets and feeding them into some sort of model to provide some sort of output so that they can have a one stop shop, if you will, to understand the dynamics of things that we’re seeing is probably one of the biggest ones that that’s out there in front of us,” he said.

Other priorities: Quantum, mobile devices

Aside from AI, Wallace is also focused on several other priorities, including quantum encryption and rolling out classified mobile devices.

DISA awarded an Other Transaction Agreement to Sandbox AQ to figure out how to build a quantum resistant infrastructure in 2023. The prototype under development is for quantum resistant cryptography public key infrastructure.

“We’re in the phase right now of doing some crypto discovery. The OTA has, I think, eight different deliverables. We’re approximately halfway through it right now,” Wallace said. “This is about an education for us, and how we’re equipping the workforce to actually understand how some of these things work and the differences and, and watching as all of this evolves a lot more to come.”

The classified mobile device effort is further along. Wallace said he expects DISA to start rolling out the next generation devices in the coming months.

The post DISA sets the table for better AI with data management first appeared on Federal News Network.

When it comes to speed to decisions, the Army Software Factory offers an important use case. The organization leaned into automation and collaboration tools to disseminate information two to three days faster than through other means — like email or meetings.

This simple, but real-life example is helping the Army, and the Defense Department more broadly, fill the communications gulch that can exist in organizations, especially as agencies continue to adjust to a hybrid workforce.

“What we are most excited about is actually seeing these collaboration technologies that have been so successful in the private sector make their way into the public sector,” said Rob Seaman, senior vice president of platform product at Slack, during Federal News Network’s DoD Cloud Exchange 2024.

In addition to the productivity benefits from leveraging a collaboration platform, GovSlack’s recent FedRAMP High authorization means security conscious public sector agencies can rest assured their data is well protected, Seaman said.

“There are a few key aspects of these collaboration technologies that can help with some of the larger agencies that are interconnected and geographically dispersed or may have people that are working both in the office and at home,” he said. “Some of the primary benefits we see from these collaboration technologies are alignment and speed, as well as the ability to get people together and aligned around a particular initiative or topic where they can work faster than you ever have been able to do before.”

How to stay connected without meetings

Seaman said employees can work together or asynchronously without missing a beat or feeling like they were left out of a discussion.

He said executives at Slack, for example, encourage employees to write documents or record an audio or video clip in lieu of a meeting.

“We do this all the time, where instead of scheduling an all-hands call for the company, every other all hands we will actually do asynchronously, and our executives will just record clips, and then people can go in and watch them at two times speed whenever they like,” he said. “They can actually just read the transcripts instead of watching it if they aren’t in a place where they can listen to audio or it might be interruptive to what they have going on at home.”

Another benefit is the integration with third-party applications that collaboration and productivity tools bring, Seaman said.

How to reduce friction, increase agency speed

At Salesforce, Slack’s parent company, executives manage all of their approvals — from expenses to leave requests — right in Slack using the platform’s integration and automation capabilities.

“We’ve seen a reduction in the median time it takes to approve expense reports from 2.4 days to 1.7 hours  — across 80,000 employees,” Seaman said. “We see a ton of value in actually bringing the systems that your people need to use into where the communication is happening. When somebody needs to approve an expense report or somebody needs to approve a project brief or creative brief or something like that, just bring it to where they’re communicating. It’s also like a notification that may spark a conversation or requires a human to take an action.”

That integration with other software as a service applications is something any large organization in the public or private sector can take advantage of, he suggested. Too often organizations force employees to “context switch” between applications that don’t talk to one another, causing frustration and friction in their daily work, Seaman added. Slack has 2,700 apps that are integrated out of the box.

Seaman said authorizations like FedRAMP High and additional compliance features like application programming interfaces  for e-discovery and data loss prevention tools help engender confidence in the tools.

“The fact that using tools like this — that allow you to achieve a higher level of alignment across your organization, and all of your initiatives will ultimately make you as an agency faster — it allows you to embrace hybrid work,” he said.

“One of the ways that you can achieve that is by bringing more and more of your systems into where the communication is happening. Don’t make people go search for tasks. Bring tasks they need to do to them, and allow them to quickly act on them. You’re going to be faster, you’re going to save money, and, ultimately, they’re going to be happier and more productive.”

Discover more articles and videos now on Federal News Network’s DoD Cloud Exchange event page.

The post DoD Cloud Exchange 2024: Slack’s Rob Seaman on powering productivity, collaboration first appeared on Federal News Network.

The Defense Department’s IT modernization journey is as complicated as it is long. There is plenty of progress but even more opportunity to take advantage of cloud services capabilities — current and still to come. In 2024, DoD asked for more than $58 billion for technology and cyber funding, which is $13 billion more than what it asked for in 2023.

Andrew Churchill, vice president of public sector at Qlik, said while the funding is important, the Pentagon still is working to overcome policy hurdles, such as those around cyber authorization to move systems and data outside of its on-premise data centers and networks and to the cloud.

“One of the things that’s really important is now creating an enterprise of enterprises. DoD has made awards to Microsoft, Google, AWS and other cloud providers, and they now need to make sure that those systems and data environments are interconnected and operate just as they did when it was all behind their firewall,” Churchill said on Federal News Network’s DoD Cloud Exchange 2024. “One of the big things that needs to happen is a cultural shift around how they are going to bring all of those people that manage these platforms together and begin to break down some of those silos now that they’re in the cloud so they can take advantage of what the cloud is designed to make possible.”

Churchill, of course, is referring to the data that lives in each of the cloud instances. Military and civilian employees from across the department must share information and communicate in bigger and more immediate ways than ever before.

Available, trusted and ready DoD cloud presences

He said this is why DoD must rationalize the policies and access to those systems to better support coordination — to create agility within the processes that integrate and govern data.

“We reimagined the way that those cloud services were going to be consumed and deployed, and therefore how we architected those systems. What we really see as the potential is the idea that you are not going to simply deliver that same application that you had on-premise. You are going to have a set of services from ServiceNow, AWS and Salesforce, and build a set of capabilities that does benefits enrollment or does personnel readiness in the DoD,” Churchill said. “So how am I going to make those things available, trusted and ready to be able to support what obviously is going to become the most important thing in terms of strategic advantage going forward?”

This integration of different software as a service applications is starting to pick up steam across DoD.

The Navy’s big data platform, Jupiter, and the Army’s enterprise resource planning system, the Enterprise Business Systems – Convergence, are two examples of  such one-stop-shop platforms for cloud services.

Churchill said in the end, for both DoD and civilian agencies, these technologies all must lead to improved mission outcomes. In that vein, agencies need to rethink the path they take to IT modernization, he said.

“With low-code, no-code types of capabilities, the level of effort that you previously needed to deliver new capabilities is very different,” Churchill said. “When you start talking about artificial intelligence and analytics, it is more and everywhere. That should be the goal if you’re going to deliver financial management data that belongs everywhere in personnel decisions, supply chain decisions and in tactical execution. It’s about pervasively embedding decision support capability in business processes, in mission process workflows and everywhere you go.”

Discover more articles and videos now on Federal News Network’s DoD Cloud Exchange event page.

The post DoD Cloud Exchange 2024: Qlik’s Andrew Churchill on unifying DoD’s cloud enterprise first appeared on Federal News Network.