DoD in Transition by GovLoop

DoD IN TRANSITION

A GovLoop Guid e 2

CONTENTS THE CHALLENGE OF DIMINISHED RESOURCES «4«

EXECUTIVE SUMMARY

PREVENTING SECURITY BREACHES THROUGH PRINTER PROTECTION

THE STATE OF TECHNOLOGY AT DoD

13 HOW AN ARCHITECTURAL APPROACH IS TRANSFORMING CYBERSECURITY

THE CALL FOR COLLABORATION « 14 « THE NEED FOR INNOVATION « 24 « THE REALITIES OF TOMORROW « 34 «

WHY YOU SHOULD CONSIDER A NEW APPROACH TO ENTERPRISE TASK MANAGEMENT

THE STATE OF OPERATIONS AT DoD

ACHIEVING BETTER NETWORK VISIBILITY & MANAGEMENT

SECURING DoD WITH INTEGRATED MACHINE LEARNING TECH

THE STATE OF WORKFORCE AT DoD

MODERNIZING GOVERNMENT DIGITAL STRATEGIES

HELPING DoD MAKE THE MOVE TO CLOUD

40 CONCLUSION 42 DoD ORG CHART 43

ABOUT GOVLOOP

44 ACKNOWLEDGMENTS

DoD in Tra ns ition 1

EXECUTIVE SUMMARY Every four to eight years, most federal agencies face the challenge of potential transition. Which initiatives will endure into a new administration and which will be stripped of their resources? Will the current leadership stay in place or will the agency’s very organization be reconsidered? In this time of transition, the Department of Defense (DoD) is no exception. In fact, Joshua Marcuse, Senior Adviser for Policy Innovation at DoD, said that the uncertainty of a new administration is the dominant concern for the department. “First and foremost, you have to recognize that the big question is about the presidential transition, and how that will affect the organization,” he said in a recent interview with GovLoop. “So, it doesn’t make a ton of sense to talk about priorities for the next one or two years, because there’s a chance that they will change considerably.”

A GovLoop Guid e 2

Nevertheless, there are certain issues that DoD will have to confront regardless of who sits in the Oval Office. In this new GovLoop guide, we’ll explore four high-level issues that will continue to challenge DoD in the coming years, including: ««The Challenge of Diminished Resources: Even as budgets and personnel dwindle, DoD must continue to meet its mission. ««The Need for Innovation: To keep pace with changing technologies, new threats and enhanced workforce demands, DoD must become more agile and innovative. ««The Call for Collaboration: Across agency divisions and sectors, DoD must seek new partners and new partnership models to pool resources and ideas. ««The Realities of Tomorrow: While DoD meets the demands of today, it must also prepare for the challenges and opportunities of the future. To fully explore the implications of each of these issues, we will focus on three specific areas in each section: technology, workforce and operations. We will also share short descriptions of some initiatives and programs that DoD is undertaking to tackle current priorities.

DoD in Tra ns ition 3

THE CHALLENGE OF DIMINISHED RESOURCES

In fiscal year 2017, the Presidentâ&#x20AC;&#x2122;s budget called for more than $582 billion in DoD funding. However, that budget was more than $17 billion less than what the department anticipated. On the chopping block were weapons systems and planned procurements. The department needs to find new ways to cut costs and literally do more with less. A GovLoop Guid e 4

Technology In the late 1980s, DoD was in desperate need of an upgrade. Rivalries among the services had led to failures in the Iran hostage rescue mission and the invasion of Grenada. Resources were split among the services and not shared. Each branch used its own technologies to outfit missions. Enter the Goldwater-Nichols Act in 1986. The act brought substantive changes to the way the military was structured and created joint commands that compelled the services to work together and share resources.

As part of the shift to cybersecurity technologies, DoD plans to use the additional funds on a $100 million program to build and secure a new background investigation IT system and to replace DoD’s Host Based Security System, which the Obama administration proposed. Richard Hale, DoD’s Deputy Chief Information Officer for Cybersecurity, told Federal News Radio that the department needs smarter software that can detect malware code even when hackers modify it just enough to elude today’s scanners.

The Goldwater-Nichols Act represented the first major substantive changes to the department since its creation in 1947. Goldwater-Nichols was revolutionary, but now the art of war is changing. Cybersecurity and other civilian lead services are gaining importance. As a result, cybersecurity was one of the few areas to see a major increase in the latest budget.

However, the increase in spending in cybersecurity means cuts to other areas. According to the DoD budget proposal, the department plans to scale back on a wide array of weapon systems. In total, the planned procurement budget was cut by $8.2 billion.

In fact, despite the fact that the overall Defense budget was down by $17 billion from the initial fiscal year 2017 request, the funding for cybersecurity and other similar technologies went up by more than $1 billion to $35 billion across the services.

“How to manage ongoing budget pressures is going to be something that the current secretary and the next secretary are both going to contend with,” Marcuse said. And technology is sure to be part of that discussion.

Workforce To reduce costs, DoD is looking to modernize. One of the most widely considered measures is to reduce the overall size of the military.

strength of 450,000. These aren’t the first major cuts to the Army either; in 2012 the service cut more than 80,000 troops and shut down 13 brigade and combat teams. In total, the Army will have cut 120,000 soldiers — or 21 percent of the active force — since 2012.

Although no agency likes to see a smaller workforce, DoD has reached a point where the cuts are necessary due in large part to the 2011 Budget Control Act – also known as sequestration.

The Army also will cut about 17,000 Army civilians, shrink its two-star staff, and reduce headquarters size by 25 percent.

Sequestration will cut $487 billion from projected Defense spending over the next 10 years. Without cutting personnel, those congressionally mandated cuts are unattainable.

Even the Navy is thinking smaller. Thousands of active-duty sailors’ jobs will be downsized in FY 2017 via normal separations and retirements. The Navy doesn’t think it will need to separate any billets from service, but will find the staff reductions through retirements and natural attrition.

To help meet the requirements, the Air Force announced in January 2016 that it is issuing reductions in force (RIFs) to 1,000 civilian employees. The agency will attempt to avoid completely separating any employees, however, by using RIF flexibility to place them in other jobs or to reduce their pay.

The workforce cuts will go a long way to helping DoD stay fiscally afloat, but they do mean more work for the employees who remain. DoD is looking at alternatives for the types of work employees are responsible for and what work can be outsourced.

The Air Force is not alone. The Army is also looking to reduce its staff size. In July 2015, the Army announced it would shrink two brigade combat teams and convert at least one more as it cuts 40,000 soldiers to reach an active-duty end-

DoD in Tra ns ition 5

Operations DoD officials aren’t thinking only about a smaller personnel footprint, but a physical footprint too. Base Realignment and Closures (BRAC) is a big part of how the department plans to make dramatic cuts in the future. And BRAC is a big part of defense reform legislation currently on Capitol Hill.

However, any type of base closure is a political hot button issue because no member of Congress wants a military installation in their district to close. Regardless, the Pentagon has stressed once again that base closures are fiscally necessary. Closure pain could be eased by the fact one in five military facilities is so poorly maintained that they now meet the Pentagon’s definition of failing, according to DoD’s Facility Condition Report. That number has more than doubled in the past five years due in large part to budget cuts that make building upkeep a low priority.

“Whether you call it BRAC or infrastructure reduction, there is a clear and pressing view that the amount of infrastructure that DoD is managing and maintaining is well beyond its need at the moment,” said Kathleen Hicks, who served as a senior civilian official at the department and now is Senior Vice President at the Center for Strategic and International Studies (CSIS).

The excess capacity problems are most acute in the Air Force and Army. Those services’ rough calculations suggest that 30 percent of Air Force facilities are not used properly, and the Army has more than 20 facilities that should be shuttered.

And it’s not just reformers who are calling for BRAC. The Pentagon’s fiscal 2017 budget request marks the fifth year in a row that defense officials have requested a BRAC round.

In the absence of a BRAC authorization, the Army’s Installation Management Command ordered all of its base commanders to consolidate their tenants into the newest and best buildings a few months ago so that older facilities can be mothballed — avoiding the costs of facility upkeep and demolition until budgets improve.

Defense leaders estimate a new base closing round would save billions of dollars annually, and vow the process would be more efficient than in 2005, when the focus was on shifting the U.S. military toward fighting nonconventional wars such as those in Iraq and Afghanistan.

“

There is a clear and pressing view that the amount of infrastructure that DoD is managing and maintaining is well beyond its need at the moment.” Kathleen Hicks, Senior Vice President, Center for Strategic & International Studies

Takeaway #1

Takeaway #2

To ensure that DoD is fiscally

Although defense spending is

viable in years to come, the

down, DoD is making strategic

department is making tough

investments in the future,

staffing reduction choices

particularly in the area of

now. Its workforce is expected

cybersecurity. The budget for

to drop by more than 20

cybersecurity actually grew by

percent in the next five years.

more than $1 billion in FY 2017.

A GovLoop Guid e 6

Initiatives & Programs DON TRACKER In an effort to streamline recordkeeping and reduce cost overruns, the Navy is investing in next-generation recordkeeping technologies. The enhancements will help rein in spending and pinpoint which programs are truly effective. The program is called the Department of the Navy (DON) Tasking, Records, and Consolidated Knowledge Enterprise Repository (TRACKER). DON TRACKER will replace multiple Navy and Marine Corps task management and records management applications and processes. This new technology is very necessary considering that the Navy has more than 20 recordkeeping systems. A single, web-based solution, DON TRACKER will sort enterprise information services, common businesses rules and processes, consistent task and record terminology, user training aids, and Common Access Card authentications all in one place. Not only will DON TRACKER streamline data storage, but it will also help with task management and workflow. The software is designed to prepare, assign, assemble and distribute tasks via electronic workflow templates and forms. Think of DON TRACKER as the Navy’s personal reminder system.

Better Buying Power 3.0 It might seem obvious, but one of the best ways to save DoD money and resources is to buy new products, services and technologies more efficiently. Enter DoD’s acquisition reform known as Better Buying Power 3.0. The goal of Better Buying Power 3.0 is to reduce cost overruns that traditionally caused trouble for big military acquisition programs. The third version of the reforms, which started in 2011, focuses on innovation, technical excellence and the quality of products, according to a report from its implementation. Version 3 also places a premium on specific steps officials believe are needed to drive technical excellence into the systems the military buys. Those tactics include using data to drive decisions and allowing acquisition professionals to get more access to training. The tactics are already working. DoD showed a decline in the growth of annual contract costs from about 9 percent in 2010 — when the reforms began — to about 3.5 percent in 2015.

DON TRACKER was successfully piloted in 2013, and the Navy expects a full rollout by the end of 2016.

Joint Information Environment The FY 2017 budget clearly showed a strong emphasis on cybersecurity, cloud, infrastructure and unified capabilities with each area getting a budget increase. To ensure that these priorities are implemented uniformly and correctly, DoD is using the Joint Information Environment (JIE) model for their implementation and use. JIE was created in 2013 as a single, joint, secure, reliable and agile command, control, communications and computing enterprise information environment. Think of it as the one-stop shop for all things digital. You can learn more about JIE in our GovLoop guide. Now DoD will use that same approach to cybersecurity and the cloud. For example, Washington Technology reported, “the JIE framework can be seen in the recent shift from localized network protection to a more enterprise approach for securing the DOD enterprise with the Joint Regional Security Stacks.” The Air Force is leading the other services in JIE initiatives for cloud. It is using the Collaboration Pathfinder cloud platform for email, collaboration tools and storage capabilities. JIE goes a long way to building a cohesive technology vision for DoD, especially in tight budget times.

DoD in Tra ns ition 7

Printer security breach? Not on your watch. Defend your network with the world’s most secure printers. New enterprise HP LaserJets with JetIntelligence provide the industry’s deepest printer security.1 Features including HP Sure Start with its self-healing BIOS, whitelisting, and runtime intrusion detection come built in. hp.com/go/printersthatprotect

The world’s most secure printers and deepest level of security: Based on HP review of 2015 published embedded security features of competitive in-class printers. Only HP offers a combination of security features for integrity checking down to the BIOS with self-healing capabilities. Available on the HP LaserJet M527, M506, M577 and as an upgrade on the M552, M553, M604, M605, and M606. Some features will be made available as a HP FutureSmart service pack update on selected existing Enterprise printer models.

Ponemon Institute, “Annual Global IT Security Benchmark Tracking Study,” March 2015.

A GovLoop Guid e 8

« Industry Spotlight «

Preventing Security Breaches Through Printer Protection An interview with Joe Wagle, Worldwide Director for Solution Consulting, HP

At most agencies, security is everything. Hours and hours of manpower go into ensuring that systems are not vulnerable to internal or external breaches. Systems security has had to evolve quickly but some agencies have more seamlessly adapted to this evolution than others. At DoD, security is an integral part of the mission, and it has been a shining example for other agencies in implementing systems security protocols.

ing your risk. HP offers Printing Security Advisory Services, a thorough assessment of the security status and risk profiles. HP uses a team of security experts to engage with agencies to assess the level of risk in the print environment. This effort renders a roadmap and policy document with tactics to make the environment secure. Additionally, part of the services prong includes training. This training entails educating Chief Information Security Officers, the people who administer the printers, plus end users on the risks of unsecure printers.

However, despite DoD’s ability to lock down data through inhouse techniques, the department isn’t an expert at everything. As a result, areas that do not outwardly appear to be a critical part of security infrastructure are at risk of falling through the cracks. One example is printing. In an era of increased cyberattacks, printers are becoming more vulnerable to security breaches. Because of the few security controls in place, attackers view printers as the weak link in an agency’s security. As a result, DoD and other agencies need to address the fact that their printers have become a very open and unsecure data source that must be protected more stringently. They must treat printers like other devices in their network.

Second, HP must ensure that the software on the devices stays secure. Tools such as HP Security Management are a great example of software that keeps devices secure and compliant with the print policies that are implemented after the security assessments. Control user access and authorization are also necessary. This means using software that ensures only authenticated users are operating the device. “So if there is a data breach related to printing, we will have the forensic information to easily trace it back to a specific time, place, and device,” Wagle said.

To better understand how to protect the printers in your organization, GovLoop spoke with Joe Wagle, Worldwide Director for Solution Consulting HP, an information technology company that specializes in securing printers and PCs.

Finally, Wagle explained that the devices themselves have to exhibit the utmost security. This is particularly important in a sensitive environment like DoD where documents that may be printed are often more classified than documents at other agencies.

Wagle explained the issue with a simple comparison: “Imagine a house where all the doors are locked with certainty, but there is one kitchen window in the back that has been left wide open and there is a great big flashing sign around it saying, ‘Burglars enter here.’” Unsecure printers are the open window to an agency’s systems and must be addressed.

In addition to a three-pronged strategy, your own end users are also important. They need to understand the risk of the data on the pages they print, handle, and store. HP understands this is a social and cultural change as well as a technology fix. As Wagle explained, “We never want sensitive data just sitting around on devices, which is something we run into in government institutions all the time. Sometimes you walk up and there is just someone’s Social Security number or a bank statement on a piece of paper.”

But there are challenges to closing that window. DoD’s security policies and procedures are much more complex than other agencies’ because of the inherently sensitive materials they work with on a daily basis. Additionally, the department is so large that it has an astronomical range of printing devices and people who use them. Both of these elements make it difficult to implement standardized security measures. This is where HP comes in.

To counter this, agencies can implement HP Access Control. This requires printer users to use their badges or another method of identification to print documents. This means no more documents sitting at printers unattended, and if there is a security breach, the agency will know exactly when it happened and where it came from.

“The idea of printing as a threat or as a risk is relatively new, even to very sophisticated DoD security departments,” Wagle said. Outsourcing printer security to an organization such as HP allows agencies to rely on someone who knows best practices and standards regarding printer security to lock down their devices.

Ultimately, securing every door and window into your data systems allows agencies to work efficiently without worrying about who might be creeping in through their printers.

HP follows a three-pronged method to ensure that security. Security requires implementing technology, but also policies and procedures. First, printer security starts with understand-

DoD in Tra ns ition 9

THE STATE OF TECHNOLOGY AT DoD DoD spends about

$44 BILLION EACH YEAR on information technology + cybersecurity

The fiscal 2017 budget allocates $12.5 billion to science + technology to further innovation

A GovLoop Guid e 10

- CLOUD -

In the first quarter of 2015, DoD was awarded the highest value in cloud contracts compared to other agencies.

The pentagon is using at least 8 companies to provide cloud services.*

*Including Google for the Defense Education Agency’s Learning Management System and Amazon for the Defense Information Systems Agency’s Information Assurance Support Environment.

- CY B E R S EC U R I T Y DoD’s fiscal 2017 budget request includes nearly $7 billion in cybersecurity spending for the upcoming year.

DoD aims to have

133

CYBER MISSION FORCE TEAMS by 2018

68 CYBER 27 PROTECTION COMBAT TEAMS MISSION TEAMS

13 NATIONAL MISSION 25 SUPPORT TEAMS TEAMS

There were 30 million known malicious intrusions on DoD networks between September 2014 and June 2015. However, less than 0.1% of those attacks compromised a cyber system.

80% POOR USER PRACTICES

DoD in Tra ns ition 11

of cyber incidents can be traced to 1 of 3 factors:

POOR NETWORK AND DATA MANAGEMENT PRACTICES

POOR IMPLEMENTATION OF NETWORK ARCHITECTURE

to worry less and innovate more “Are we secure? Are we innovating?” Good questions. At Cisco we know that the more effective and simple your security solutions are, the more you can push the boundaries of what is possible. See why there’s never been a better time to use security to spark your next great idea at cisco.com/neverbetter

A GovLoop Guid e

« Industry Spotlight «

How An Architectural Approach is Transforming Cybersecurity An interview with Marty Roesch, Vice President and Chief Architect, Security Business Group, and Matthew Galligan, Regional Manager for Security, Department of Defense Sales Team, Cisco

Many of us are plagued with thoughts of whether we locked our front door or rolled up the windows in our car as we drift off to sleep at night. But agency IT teams worry much less about physical security. Instead, they toss and turn over the thought of potentially unsecure virtual networks. As the modern cyberthreat environment continues to evolve, the technology used to protect these networks from cyberattacks must also advance.

up the holes on the devices and get back to a known good state,” Roesch said.

One way to ensure your agency’s networks are as secure as possible is through the deployment of an integrated, architectural approach to security. This comprehensive model ensures that security and network infrastructure can operate together seamlessly. End-to-end network security is critical to keeping an agency’s data secure but it also plays a crucial role in countering the new generation of complex cyberthreats.

Roesch emphasized that, “currently, DoD’s operational readiness is doing better than ever because of the efforts that have been made to incorporate best practices.” However, DoD’s networks are also larger and more complex than ever, said Galligan. Given the challenge of managing such a large infrastructure, DoD and other agencies are adopting new technologies to automate and accelerate the time it takes to detect a threat. The increase in network size and capabilities has called for more innovative ways to ensure total network security.

Many security models are developed around securing the core components of the network, dealing with an attacker during an attack, or figuring out what happened after an attack. However, Cisco takes it a step further by working to cover all phases of the attack continuum.

To better understand how an architectural approach to security is helping agencies, specifically DoD, GovLoop spoke with Marty Roesch, Vice President and Chief Architect of the Security Business Group, and Matthew Galligan, Regional Manager for Security for the Department of Defense Sales Team at Cisco, an industry leader in networking equipment.

An architectural approach offers a way to ensure security while accounting for growing networks. “Security technologies are integrated and interoperable at a level where they can essentially reinforce each other and be more effective than standalone technologies,” Roesch explained.

They explained that at DoD, system security starts with a foundation of control over the operational environment across the entire organization. “It is necessary for employees to internalize the security plan, accept compromise is inevitable, and be able to regain control of the environment and remain resilient in the face of threats,” Roesch explained.

Through the architectural approach, end-to-end models manage security and provide unified response capabilities at a much broader scope. This moves away from taking the events of systems across technologies and putting them in an event management platform to more meaningful integration that leverages the intelligence that the various technologies bring to the table. A big issue agencies face in security is the ability to orchestrate security infrastructure across vendor platforms. End-to-end architecture allows agencies to manage larger sets of infrastructure securely, effectively, and seamlessly, while increasing capabilities against potential threats.

An architectural security approach offers protection throughout the network attack continuum. There are three stages to the attack continuum: before, during, and after. Each phase has different tasks you will want to accomplish and different tools that will be used to accomplish these tasks. During the first stage, identify the composition of the network so you know what you are protecting and how to configure and deploy defenses. Once the network is under attack, you must detect the attack as soon as possible, ideally to block it. After the attack is over, “you go back to the before-the-attack technologies and work to plug the gaps in the network, patch

At the end of the day, network security is about a comprehensive framework that allows for visibility and control. “Security should operate transparently and seamlessly, and moving forward, agency employees need to be active defenders of the environment under their protection,” Roesch concluded.

DoD in Tra ns ition 13

THE CALL FOR COLLABORATION As the workforce and other resources shrink, DoD is turning to new partners and new partnership models to meet changing demands. By pulling technologies, ideas, and even personnel from the private sector, the department will beef up its defenses and become more innovative. A GovLoop Guid e 14

Technology Although DoD may have the leading edge in weaponry and other heavy technologies, officials are quickly recognizing that it doesn’t hold the same advantage in the digital realm. To ensure that DoD maintains the same strategic advantage off the battlefield, officials are turning to private sector leaders and internal innovators to help with building better digital services and cybersecurity.

spreadsheets,” according to one report. It also integrates with the current DoD cybersecurity infrastructure. Although that sort of collaboration isn’t as easily achievable when dealing with external entities, DoD is nevertheless applying digital technologies to enhance exposure with non-employees, too. For instance, the department established the online Defense Innovation Marketplace to communicate collaboration opportunities with traditional and non-traditional contractors. The portal promotes diverse business opportunities and hosts communities of interest for third parties interested in collaborating with DoD.

But enabling that collaboration is easier said than done, particularly given the sensitive information DoD IT systems house. Therefore, the first step to collaboration is creating technologies that can efficiently and securely facilitate sharing. Last year, DISA announced the latest iteration of its collaboration tool. Formerly known as Defense Connect Online, the new Defense Collaboration Services (DCS) will provide an open source, online portal for users departmentwide to access real-time information and one another. “It offers secure web conferencing and communications, including video, voice, instant messaging, room-based chat, and the ability to share documents, PowerPoint slides, photos and

Finally, DoD is hosting technological interchange meetings. These organized discussions bring together industry leaders and DoD technology and procurement professionals. The meetings are organized around discrete technology needs such as cybersecurity and sensors, and broader priorities like nuclear deterrence. The goal is to facilitate “a discourse on mutually beneficial research and development investment” between both groups and to foster an ongoing dialogue around collaborative technologies.

Workforce A key component of DoD’s focus on collaboration is making it easier for non-Defense personnel to work within the government innovation system. “Another way we’re investing in innovation is by building what I call on-ramps and off-ramps for technical talent to flow between DoD and the tech sector in both directions,” DoD Secretary Carter announced. “That way, more of America’s brightest minds can contribute to our mission of national defense.”

But those programs are used less often today. “The resource niche is bad for talent especially because as we draw down on manpower, every career field has to pull in more rank and get more stovepiped in how it thinks about people,” said Maj. Miriam Krieger, an Air Force fighter pilot and current doctoral student at Georgetown University. “They have key, critical billets they need to fill, which means that they’re not going to send people to these cross-cutting new opportunities and new experiences.”

This isn’t the department’s first attempt at creating a workforce honed in the private sector. The 1994 SecDef Corporate Fellows Program was established to allow select officers the chance to maintain their position while gaining a year’s experience at a company or corporation.

Carter’s Force of the Future program is attempting to reinstitute some of these practices and diversify skill sets. Specifically, the program expands sabbatical programs to allow more employees to take time away from the Pentagon and gain insights from the private sector.

“We still have a small number of people in uniform that are taking a year to go work in a private sector company and get those experiences and bring them back to DoD,” said Marcuse. “I don’t know that you would technically call that partnership, but it is certainly collaboration. The Secretary describes this as permeability and it’s one of the animating principles of his vision for human capital in the department. The ability to have more mixing between business and public service brings dynamism to both sectors.”

However, DoD is also increasing employees’ exposure to industry by bringing the brightest from the private sector into the department. The Defense Digital Service (DDS), for instance, will recruit talent from major companies such as Google and smaller startups to work side-by-side with Defense personnel for one- to two-year stints. The department is also creating new paths for people to enter or re-enter military service in the middle of their careers, after gaining knowledge from private enterprises.

DoD in Tra ns ition 15

Operations When people think of collaboration at DoD, they typically think of public-private partnerships (PPPs). “Public-private partnerships are really important, but I think when people hear that term, they don’t think of partner as an adjective. They think we are signing something like a treaty between the government and a company, and we’re calling it a partnership,” said Marcuse. “Of course, we do that. PPPs do exist and there are parts of DoD that are learning to specialize in how to make those arrangements…but part of the difficulty is that sometimes that sets a very high bar and it’s actually a barrier to collaboration. What we need a lot more of is public-private partnering.”

competitions via Challenge.gov, and hosting its own events and challenges to bring in private sector ideas. DoD is also exploring formal programs to attract informal partners. Marcuse pointed to the Defense Innovation Unit Experimental (DIUx) as a prime example of collaboration, rather than a strictly defined PPP. “There you see a concerted effort on behalf of DoD to reach out to startups, venture capitalists, and entrepreneurs to understand their needs and figure out how to refresh our approach to technology and acquisition, to incorporate the incredible entrepreneurship and solutions of the private sector,” he said.

“The difficulty with PPPs as they’re currently conceived is that sometimes they’re really important, but very hard to put in place,” he continued. “We need to be better at collaborating with industry in a way that’s more agile.”

However, the program is moving beyond the formal partnership model to hosting informal dialogues between partners. The recent Small Business Townhall and Networking Event is one example of how the initiative will bring industry members face-to-face with DoD cohorts to facilitate real-time conversations and collaboration.

To achieve these collaborative endeavors, the department is looking beyond the rigid PPPs of the past to more flexible arrangements. It’s participating in several official challenge

“

The difficulty with Public-Private Partnerships (PPPs) as they’re currently conceived is that sometimes they’re really important, but very hard to put in place. We need to be better at collaborating with industry in a way that’s more agile.” Joshua Marcuse, Senior Adviser for Policy Innovation, Department of Defense

Takeaway #1

Takeaway #2

To ensure a diversity of

DoD is moving away from strict

perspectives, the department

partnerships to more fluid

is seeking new ways to buffer

collaboration models to gain

its workforce with external

resources and insights from the

skill sets and personnel.

private sector more efficiently.

A GovLoop Guid e 16

Initiatives & Programs Hack the Pentagon Rather than waiting for system vulnerabilities to be exposed in breaches, DoD is taking a proactive approach to security by launching a bug bounty program. In that program, third-party hackers — called white hat hackers — will search for vulnerabilities in DoD’s information infrastructure and report them to the department for a fee. This isn’t a new concept. Private sector organizations such as Microsoft have long paid external cyber experts to identify and resolve vulnerabilities in their software before malicious hackers could exploit them. But DoD has been reticent to use this common cybersecurity tactic because of the potential exposure of sensitive information and systems to non-government employees. To address that concern while still benefitting from the expertise of non-government hackers, DoD is limiting access so that participants search only agency websites, rather than internal systems, for weaknesses. Additionally, potential bug bounty hunters must undergo background checks before participating in the program.

Spectrum Collaboration Challenge Also known as SC2, this initiative headed by the Defense Advanced Research Projects Agency (DARPA) is the latest attempt to apply private sector innovations to a complex technical problem. To ensure that military and civilian DoD employees have necessary access to the radio spectrum, DARPA is turning to private sector innovators in the fields of machine learning and artificial intelligence. “The current practice of assigning fixed frequencies for various uses irrespective of actual, moment-to-moment demand is simply too inefficient to keep up with actual demand and threatens to undermine wireless reliability,” explained William Chappell, Director of DARPA’s Microsystems Technology Office. The program will follow other challenge competition models in awarding research contracts, but with one major difference. Unlike other challenges, which award the most competitive products, the winner of SC2 will be the company that can share information and practices most intelligently. This program’s emphasis is to rapidly apply a solution to the spectrum challenge, the program leader said.

DoD in Tra ns ition 17

Army Research Laboratory West The Army Research Laboratory (ARL) is seeking new voices to direct research and development efforts with its ARL West campus and road show. The program is described as “an effort to collocate Army research and development personnel and gain access to subject matter experts and technical centers and universities not well represented on the east coast.” In this collaboration effort, geography is everything. First, by collocating military, civilian, and academic personnel in a single space, the Army hopes to foster informal collaboration and thought sharing. Additionally, by placing this new campus on the West Coast, the branch is encouraging new insights from non-Eastern institutions, which it admits have largely directed Army research efforts in the past. ARL West is the newest development of a larger Army initiative called Open Campus. That program promotes idea-sharing among Army researchers and private citizens, academics, and scientists through collocation, cross-industry work details, and site visits.

Helping agencies transform the business of government. The only open source platform certified to the DoD 5015.02 Standard

Alfresco delivers the capability and functionality of Content Management, Process Management and DoD 5015 compliant Records Management on a single, open source platform capable of government scale. This eliminates the need to purchase and support discrete point solutions from multiple vendors, saving organizations tens of millions of dollars.

Our Customers Include:

With Alfresco, government can utilize the power of digitization, automation and cloud and open source technologies to improve efficiencies, lower costs, and meet program needs in key solution areas including: • Task & Workflow Management • Case Management

• FOIA Management • Correspondence Management

• Digital Asset Management

• Data & Information Management

Alfresco achieves benchmarking milestone by processing

1 billion documents with Amazon Aurora A GovLoop Guid e 18

Learn More on

alfresco.com

« Industry Spotlight «

Why You Should Consider a New Approach to Enterprise Task Management An interview with Keith Winderlich, Task Management Specialist, Alfresco The scope of effort and coordination it takes to run a government organization is difficult to grasp, especially when it comes to task management. Sometimes a single request involves dozens of people and hundreds of emails, documents, and records, and separate departments that have unique policies and systems to manage the process. Suddenly, mapping out what has already happened and what still needs to be done becomes more challenging and can result in mission-critical deadlines being missed. Additionally, security and compliance become problematic due to lack of transparency and oversight between disparate, ungoverned systems.

mand and approving back up requires complex tracking and oversight. And, in addition to hierarchical approval, DoD personnel often have to collaborate across the organization. To satisfy the requirements for a modern task management solution, “Alfresco offers a platform that integrates content, process, and records management into a single, cost-effective solution, enabling everyone in the organization to become a user without being locked into any proprietary technology,” said Winderlich. The unified solution platform is easy to integrate and allows DoD and other agencies to function more efficiently by creating transparency throughout the task management process, automating workflow, eliminating redundant content and records management, and securing information across the enterprise.

Many tasking technologies have been deployed to solve various aspects of the challenges mentioned above. Some have been short-term solutions that resulted in systems needing to be replaced a few years later as requirements changed. Others have been too cost-prohibitive to expand across the organization and often required additional investment in a vendor’s stack.

As an open source platform – the only one certified to the DoD 5015.02 standard – “Alfresco is able to meet DoD security and compliance standards and eliminate vendor and technology lock-in,” Winderlich explained. The flexibility and cost effectiveness of Alfresco as a tasking platform allows DoD and other government agencies to deploy solutions that fit their specific needs.

To change the game, agencies need to look at enterprise tasking solutions that can cost-effectively scale by automating processes, delivering multiple point solutions on a single platform and using scalable technologies such as open source and cloud.

One example of a task management solution using the Alfresco platform is the Department of the Navy Tasking, Records, and Consolidated Knowledge Enterprise Repository (DON TRACKER). It delivers a single enterprisewide system to the Navy and Marine Corps so users only need to train on one easy-to-use system with visibility and transparency for each tasker, and the content and records associated with it.

In order to better understand why enterprise tasking is important to the Department of Defense (DoD), as well as other federal agencies, GovLoop spoke with Keith Winderlich, Task Management Specialist at Alfresco. “Enterprise tasking can include tasker management, staff actions and other tasking related processes. It needs to include process management for the automation of tracking and assignment, content management for the tracking of requests and authoring of responses, and records management to ensure compliance,” Winderlich said. He explained that when departments within organizations are tasked with a project, they develop their own requirements and solutions. This is problematic because task management in isolated systems stovepipes the process and makes it less efficient and more expensive. “It creates redundancies, allows for classified information spillage, and makes compliance with records management mandates very difficult.”

Navy is retiring 20 different tasking and records management systems and replacing them with DON TRACKER. Retiring these disparate legacy systems will save tens of millions of dollars in storage costs alone and enable the Navy and Marine Corps to be more effective in their modernization efforts. Since its limited deployment in March, the Navy has already cited a 57 percent decrease of tasker time in process with plans to expand usage Navy-wide. The Joint Staff will also be deploying an enterprise tasking and records management solution using the Alfresco platform with an emphasis on configuring and automating various workflows. With the new solution, they will manage eight workflows including staff actions, correspondence and FOIA requests.

With enterprise tasking, an agency involves everyone in the organization, giving all personnel the ability to collaborate on the same easy-to-use system with appropriate security and policy limitation and insight into what’s happening as needed. This is particularly valuable, yet challenging for DoD, which must put everything through the chain of command and have extremely strict security standards. Assigning down the chain of com-

Ultimately, enterprise task management solutions offer collaboration and flexibility, accountability and transparency, and the ability to avoid missing deadlines. This gives senior leaders the visibility over simple and mission-critical tasks that they did not previously have, making task and records management much more efficient.

DoD in Tra ns ition 19

THE STATE OF OPERATIONS AT DoD DoD is one of the largest federal holders of real estate, with nearly 562,000 facilities on more than 4,800 sites worldwide, covering more than 24.9 million acres.

Defense has property in all 50 states, 7 U.S. territories with outlying areas and 42 foreign countries.

DoD occupies 276,770 buildings globally, valued at $585 billion and covering more than 2.2 billion square feet. The department has 178,000 structures, valued at more than $131 billion, and manages more than 107,000 linear structures (such as runways, roads, rail lines, fences or pavement) valued more than $163 billion.

As a share of total federal spending, Defense spending has dropped from 57% during the Korean War to 43.4% during the Vietnam War to 14.3% during fiscal 2016.

KOREAN WAR 57%

VIETNAM WAR 43.4%

Sources: DoD 2016 Budget | Politifact | Government Accountability Office

A GovLoop Guid e 20

FY 2016 14.3%

DoD obligates more than $300 billion per year on contracts for goods + services, including:

PHASES IN THE DEFENSE ACQUISITION PROCESS

1. Material Solution Analysis 2. Technology Maturation + Risk Reduction

MAJOR WEAPONS SYSTEMS

SUPPORT FOR MILITARY BASES

IT CONSULTING SERVICES

COMMERCIAL ITEMS

3. Engineering + Manufacturing Development 4. Production + Development 5. Operations + Support

In FY 2014, DoD obligated more money on federal contracts ($285 billion) than all other government agencies combined. DoDâ&#x20AC;&#x2122;s obligations were equal to 8% of federal spending. Those contract obligations included:

The most recent Obama budget proposed a 7.8% increase in the base DoD budget between 2015 and 2016. The spending bill enacted in fall 2015 puts the Defense budget on a path to start growing in fiscal year 2016, up about 6% from the previous year.

RESEARCH + DEVELOPMENT 10% GOODS 45%

SERVICES 45%

THE DOD ACQUISITION REVIEW PROCESS INCLUDES

agencies at eight different levels

AND CAN ACCOUNT FOR

1/2

BUT ONLY INCREASES VALUE BY

the time needed to complete information requirements

DoD in Tra ns ition 21

10%

according to most program managers

IT Management & Monitoring For Government That’s Powerful, Aﬀordable & Easy-to-Use SolarWinds® products are designed to solve the problems IT professionals face every day. With a continuously expanding product line, that can scale to meet your needs across your enterprise, we make the most cost eﬀective, easy-to-use IT management software available, revolutionizing the way DoD and federal IT manage their operations. SolarWinds eliminates complexity from every IT process imaginable, including: • Network Management • System Management • Security Information & Event Management • Database Performance Our products are easy to buy, install, use, scale, and maintain, yet still provide the power to resolve any IT management problem. No matter what your IT challenge is, we have a product that can quickly deliver results, whether it is network operations, cyber security, data center consolidation, continuous monitoring, scaling to the enterprise, or compliance, so you can do more with less.

IT Management & Monitoring Solutions for Government

Go to

SOLARWINDS.COM/FEDERAL

to Download Fully-Functional FREE Trials

Network • Application & Server • Log & Security • Virtualization • Storage Help Desk • File Transfer • Database Management 877.946.3751 • federalsales@solarwinds.com • solarwinds@dlt.com A GovLoop Guid e SolarWinds Government 22

« Industry Spotlight «

Achieving Better Network Visibility and Management An interview with Joel Dolisy, Chief Information Officer, SolarWinds

With any large organization, achieving effective visibility and management is a challenge. At an agency like the Department of Defense (DoD) with several complex networks spread across commands and terrains, achieving strong visibility and management can seem nearly impossible.

Using tools to help build stronger visibility in log and event, patch and configuration management can help address many of those issues. “It’s helpful to ensure that your log and event and patch management tools have the flexibility to detect when your system is being exploited,” said Dolisy. Similarly, a strong configuration management process lets agencies understand who can make changes where, making it possible to identify when a change is valid or when it is the product of hacking.

To learn more about DoD’s challenges and the current cyber landscape, GovLoop spoke with Joel Dolisy, Chief Information Officer at SolarWinds, an enterprise IT management software company. He shared how federal agencies can better take advantage of IT management and monitoring tools and processes to successfully carry out mission critical tasks.

These tools are constantly evolving, allowing for greater flexibility and adaptability to different mission needs. They help provide agencies with greater operational visibility of IT networks and any potential issues that may arise. One example of how DoD is taking advantage of network management tools is the Army’s Warfighter Information Network-Tactical’s (WIN-T) partnership with SolarWinds.

To shed light on these challenges, SolarWinds recently sponsored a survey of 200 federal government IT leaders. Almost half of survey respondents were from DoD, and 45 percent of them said that IT consolidation and modernization had increased security challenges, primarily due to incomplete transitions to newer platforms and difficulty supporting everything.

WIN-T provides support for the Army’s tactical network by enabling soldiers operating in remote or challenging terrain to maintain voice, video and data communications while on the move.” In order to effectively manage this program, WIN-T employs a variety of SolarWinds network management, monitoring, and troubleshooting tools.

“One of the biggest problems of incomplete transitions is that you get the worst of both worlds, because you don’t get the full benefits of the new platforms yet… and you still have to deal with the problems associated with the old platforms,” Dolisy noted. Though agencies aim to improve the user end experience with these transitions, adding new technologies creates more complexity behind the scenes.

These tools are deployed at regional hubs across the globe at several different levels, promoting communication throughout the network. In addition, SolarWinds worked with WIN-T to develop and test a new tool for aggregating relevant information. This solution works with existing technologies to increase efficiencies and reduce costs for the Army.

The problem is especially significant at DoD because of its size and the complex interactions between groups and systems in the agency. Complex environments can inhibit visibility and management of IT networks. Dolisy explained why that’s a problem: “If you don’t have the right visibility in addition to a complex environment, you’re basically running blind. Transitions can create a lot of pressure if you’re not prepared to manage the old and new systems, because now you have to monitor two fronts, instead of just one.”

When choosing what tools to use, WIN-T considered the technical capabilities, affordability, ease-of-use, and interoperability of their options. WIN-T needed a solution that allowed users to easily detect and address network issues, as well as a product that could be integrated with new tools in the future. Understanding the visibility and network needs of their system helped them choose the tools that were best suited for their mission.

Dolisy said the worst thing an agency can do is deploy a new IT plan and then expect to figure out the details later. Instead, agencies have to figure out how they’re going to address the issues of visibility, vulnerabilities, security management, and configuration management as a part of their rollout plan.

Visibility and network management are key for successful missions, and this is especially true at DoD. WIN-T’s partnership with SolarWinds highlights the ways federal agencies can benefit from network visibility and management tools.

According to the SolarWinds survey, defense respondents said the top steps for reducing vulnerabilities include improving application security, standardizing network configurations, and increasing configuration change management.

DoD in Tra ns ition 23

THE NEED FOR INNOVATION Threats to our nation no longer come only from air, land, or sea. New threats come from cyberspace, too. Yet DoDâ&#x20AC;&#x2122;s technology, workforce, and operations continue to be honed for traditional concepts of war and security. To address rapidly changing internal and external vulnerabilities, the department must innovate.

A GovLoop Guid e 24

Technology When people think of DoD technology, they often think of the cutting-edge weapons designed in DARPA’s secret confines. And although those tools may be leading the battlefield, other technologies aren’t being created or deployed as quickly at DoD. “There is a need to improve organizational innovation, though not necessarily the battlefield innovation,” said Marine Corps Capt. Chris Wood.

However, not everyone agrees that DIUx has been a success. The mixed results led Carter to announce a revamp and expansion of the program in May 2016. The program, called DIUx 2.0, will build on the accomplishments of the first program but also “throw out what doesn’t work,” he said. By establishing a second office in Boston, the Pentagon hopes to expand the program’s focus beyond Silicon Valley and attract more partners.

But just how will the department engender and leverage the next generation of technologies? DIUx, announced in August 2015, is the flagship program to take the best from private industry and quickly deploy it within DoD. It brings together contractors, small businesses, and other corporations to discuss DoD’s pressing technological needs in real time.

In addition to this external partnership initiative, the department is creating internal programs to spur innovation. DoD created DDS last year to incubate and promote digital innovation departmentwide, while smaller shops such as the Air Force Office of Transformational Innovation and the Navy’s Innovation Cell are tackling branch-specific agility needs.

According to the latest update from the department, the initiative has resulted in 22 pilot programs with industry partners. Those programs tackle an array of innovation ideas including dynamic network mapping and lean startup methodologies, in addition to discrete technology needs such as endpoint protection through micro-virtualization and automated textual analysis and content curation.

The investment in these internal programs signifies a change in mindset for DoD. Although the department has always heavily invested in traditional research and development projects, leaders are recognizing that truly innovative technology cannot be created without first addressing deeper structural and cultural barriers to innovation.

Workforce Wood explained the importance of workforce to innovation: “I began to research what innovation really looks like, particularly from a corporate perspective and from a Silicon Valley perspective,” he said. “In doing that, you find out that it really is all about the people. It’s not about the technology or even the ideas. It’s about having the right person to drive that change — to be the change agent, to be passionate and to be persistent.”

incremental improvements that are designed to make the department more effective at recruiting the millennial generation and the post-millennial generation,” Marcuse said. “They will bring the department up to speed on the way the strategic environment is shifting, but also the way the workforce is shifting.” The most noted improvements lately have centered on work-life balance for military parents. For example, Secretary Carter announced a 12-week maternity leave policy in January 2016. The department also promised to extend childcare hours and decrease waitlist times for employees with children.

To recruit and retain those change-makers, DoD must revamp the way it hires and incentivizes its employees. Specifically, it needs to make benefits compelling enough to recruit those innovators who might otherwise choose better-paying jobs in the private sector. But as Lt. Gen. David Barno, retired Senior Commander of U.S. and coalition forces in Afghanistan from 2003 to 2005, noted, “The current system doesn’t understand the concept of a war for talent.”

Beyond work-life balance initiatives, DoD is looking at other ways to make government work more congruent to private sector roles. “We are creating more fellowship opportunities for rotations, particularly training with business and industry,” said Marcuse. “Ultimately, we are changing the culture of the department to better understand the best practices from business.”

“We’re dealing with an Industrial Age personnel system that’s institutionalized in statute with the Defense Office of Personnel Management Act,” he continued. “It is not designed to focus on the individual. It’s designed to meet the needs of the institution, and it really hasn’t been brought up-to-date with any of the modern ways of thinking about how to manage talent.”

Finally, DoD is seeking new ways to expand recruitment opportunities while diminishing recruitment timelines. “We’re really trying to find ways to create a pipeline for the best and brightest young Americans to serve as civilians,” he said.

Thankfully, reforms coming from the Force of the Future initiative are starting to change personnel practices. “These are

DoD in Tra ns ition 25

Operations To support that constant evolution of innovation, DoD’s project management strategies must become more adaptive. This isn’t a new realization. In fact, the 2010 Defense Authorization Act called for an agile IT acquisition process that included “early and continual involvement of the user; multiple, rapidly executed increments or releases of capability; early, successive prototyping to support an evolutionary approach; and a modular, open-systems approach.”

authority” (OTA) capability — to procure a more diverse array of tools, more quickly. “We have a lot of authorities that we just don’t use. We have a lot of flexibility that we don’t actually take advantage of,” said Camron Gorguinpour, Director of Air Force Transformational Innovation. Second, many internal departments are trying to empower lower-level staff to make innovation and procurement decisions. “Bureaucratizing innovation is possible,” Maj. Krieger explained. It simply requires allowing more staff to make quicker decisions using more agile procurement methods.

But despite that call, progress on operationalizing innovation has been minimal, according to some. “We have no problem with DIUx, but we have a serious, serious problem with the contracting officers and with the purchasing process and the acquisition process,” John DeSantis, Chief Executive Officer of security software company HyTrust, said in a statement regarding innovation initiatives at DoD.

Wood said he is a prime example of this idea in action. “I make decisions that are far above my pay grade, but that’s only because I have the right leadership that enables me to do that,” he said. “And it’s beautiful. I can get so much done so quickly because of that.”

Procurement procedures continue to be the biggest impediment to innovation at DoD. Even the Air Force’s Office of Transformational Innovation can boast only an incremental procurement cycle of six months — far longer than private sector goals of one to two weeks. Moving forward, department leaders are hoping to correct this issue in two ways. The first is by leveraging existing flexible contracting vehicles — particularly the “other transaction

Nevertheless, many departments still struggle to engrain innovation goals into their procurement procedures. We can expect to see an even more concerted effort in the future, particularly from the House and Senate Armed Services committees, to overcome this obstacle with operational and legislative reform.

Takeaway #1

Takeaway #2

The department is taking a

Operational inefficiencies,

dual approach to innovation,

particularly in acquisition

partnering with industry lead-

processes, continue to be the

ers to accrue the best ideas

biggest barrier to successful

and practices of the private

innovation at DoD. Procure-

sector, while also engendering

ment reform will be a nec-

more agile practices and skills

essary focus in the coming

among its own employees.

years, regardless of the administration that takes office.

A GovLoop Guid e 26

Initiatives & Programs Defense Digital Service Launched in November 2015, DDS is one of DoD’s latest moves to follow other federal agencies’ innovation examples. Interestingly, DoD was exempted from President Obama’s 2016 budget request to have 25 federal agencies and departments set up in-house digital teams. Nevertheless, Secretary Carter decided to allocate DoD resources to building its own team. Modeled after the U.S. Digital Service (USDS), the internal service “will bring in talent from America’s technology community to work for a specific period of time, or for a specific project, to apply a more innovative and agile approach to solving DoD’s complex IT problems,” said Carter. Technology entrepreneur and former USDS employee Chris Lynch leads the team. One of DDS’ first initiatives is to strategically transfer records from DoD to the Veterans Affairs Department. However, DoD expects to broaden the team’s responsibilities to multiple digital innovation projects by the end of year, including the deployment of a commercial cloud platform.

Defense Innovation Advisory Board

Army Cyber Innovation Challenge

Recognizing the value of nongovernment perspectives to innovative processes, the department established in early 2016 an advisory committee of privatesector leaders to help steer future innovation efforts.

Capitalizing on the momentum of the DIUx launch in Silicon Valley, the Army started its own initiative to collaborate with the private sector in March 2016. The Army Cyber Innovation Challenge “targets small and micro companies by working through a consortium of nontraditional innovators and allows awards to nontraditional businesses for prototype equipment on a commercial timeline.”

Eric Schmidt, Chairman of the Google holding company Alphabet, will chair the advisory board. In a press release, Assistant to the Secretary of Defense for Public Affairs and Pentagon Press Secretary Peter Cook explained that choice: “Schmidt has a unique perspective on the latest practices in harnessing and encouraging innovation, and the importance of technology in driving organizational behavior and business operations.” The Defense Innovation Advisory Board will closely resemble the setup of the Defense Business Board established in 2001, but this program will have a more specific focus on enhancing culture and technology processes for the sake of innovation. The department identified “rapid prototyping, iterative product development, complex data analysis in business decision making, the use of mobile and cloud applications, and organizational information sharing” as main priorities on which the board will provide advice.

DoD in Tra ns ition 27

The challenge will make use of the OTA contracting vehicle in order to partner with nontraditional DoD contractors and micro businesses. “The OTA mechanism provides cost-sharing, shortens the capability-development cycle and speeds the transition of prototypes to the government,” according to the Army. In March, the Army explained the vehicle, and its needs for micro-cloud management, to an audience of 120 private sector partners. In an uncharacteristically open move for DoD, the Army posted video recordings and slides from the launch event so that non-attendees could gain insight and participate in the new program.

BIG DATA ANALYTICS

CLOUD COMPUTING

CYBER SECURITY

DATA CENTER MODERNIZATION

MOBILITY & END USER COMPUTING

NETWORK MODERNIZATION

STREAMLINED IT, SO DOD AGENCIES CAN SUCCEED Government Acquisitions, Inc. (GAI), a solutions provider with 25+ years of experience, is proud to be an Army ITES-3H contract holder.

Dedicated DNA. Mission Mindset.

The Information Technology Enterprise Solutions-3 Hardware (ITES-3H) contract in coordination with

Learn More about GAIâ&#x20AC;&#x2122;s ITES 3-H Contract:

the United States Army Contracting Command, is a

http://gov-acq.com/contracts/army-ites-3h/ Contract Number: #W52P1J-16-D-0019 Contractor Status: Small Business (SB)

multiple firm-fixed, indefinite-delivery/indefinitequantity contract with a ceiling of $5 billion, open to Army and other authorized buyers. The ITES-3H contract vehicle enables organizations to provide agencies with commercial IT equipment, including

For information and quote requests: Email ITES-3H@gov-acq.com or call (513) 721-8700

servers, workstations, PCs, networking equipment, storage environments, and other IT products. Modernize. Optimize. Deliver.

A GovLoop Guid e 28

« Industry Spotlight «

Securing DoD with Integrated Machine Learning Technologies An interview with Prem Jadhwani, Chief Technology Officer, Government Acquisitions

When you think of wars the Department of Defense faces, you may think of battles taking place in on land, sea, or in the air. However, Chief Technology Officer Prem Jadhwani of Government Acquisitions, a leading technology solutions provider for federal government, explained that one of the most pressing challenges for DoD is actually occurring in cyberspace.

IT pain points, including provisioning new services with fewer resources and more efficiently managing higher scale workloads, while helping DoD agencies become far more streamlined and agile. Additionally, these automated technologies help defense organizations meet regulatory challenges. “With the rise of cyberattacks, agencies are faced with increasingly complex industry and federal compliance requirements,” said Jadhwani. “As if the challenges associated with these compliance requirements weren’t enough – challenges like finding the time, staff, and resources necessary to maintain these standards – DoD agencies still need to uphold an impeccable security posture while working with less budget.”

“Within the current threat environment of DoD, there are two important cybersecurity concerns to highlight,” Jadhwani said. “First, the amount of security incidents being detected is growing astronomically. Second, the types of attacks are completely changing from traditional attacks like password breaches to more advanced persistent threats.” As a result of these dual challenges, what used to work in the past is no longer effective. “Many agencies are finding that their current practice of one-off patching is not sustainable; it strains the resources of both the vendor developing the patch and the end user deploying the patch,” Jadhwani explained

Machine learning and artificial intelligence solutions can automatically update and adapt to maintain the latest security requirements without requiring labor-intensive or costly maintenance from IT staff.

Additionally, many current tools are not effective in detecting and preventing advanced persistent threats and targeted attacks. To counter this, agencies are beginning to deploy solutions that take advantage of advances in machine learning, artificial intelligence and natural language processing. These technologies automatically detect and repair system vulnerabilities at speeds impossible to match by traditional IT solutions.

But in order to reap the benefits of these advanced technologies, Jadhwani explained that most agencies will need a strategic partner to help create a holistic IT infrastructure. “Agencies need to seek help from solution providers that can bring state of the art solutions to modernize the IT infrastructure from two important aspects – increasing both raw performance and efficiency through automation – while ensuring everything remains highly secure,” he said.

“For instance, we have one solution that uses artificial intelligence, machine learning, and natural language processing to scan almost 500,000 endpoints in 15 seconds,” Jadhwani said. “Then, it tells you that out of those endpoints, one hundred thousand endpoints do not have the patch; here is where they’re located; and here’s what you need to do to repair them. That process used to take several weeks, because people used to store that information manually, on a spreadsheet.”

As the number of potential solutions increases and diversifies, it becomes difficult for IT administrators to create an integrated network that can monitor all endpoints and share security information across the enterprise. To mitigate this concern, some third party organizations are creating and integrating modern technology suites. For instance, Government Acquisitions’ Hyper Converged Analytics Platform (HyperCAP) integrates technologies from multiple vendors including Dell, Palo Alto Networks, and Splunk to create an end-to-end data analytics solution for agencies’ IT and security operations. Rather than requiring an agency to piece together disparate solutions, this platform provides a holistic solution that makes the most of modern technologies to monitor an entire enterprise.

In addition to creating efficiencies in cybersecurity, these solutions also solve two other common challenges facing DoD. First, they replace legacy systems that inhibit organizations from keeping pace with technological changes. Obsolete software and hardware are expensive, inefficient and time-consuming to maintain. According to one GAO report, more than 75 percent of the government’s IT budget is spent solely on maintaining legacy IT systems. Additionally, most legacy technology doesn’t grant the agility necessary for agencies to keep pace in a changing threat landscape.

“To overcome these challenges, organizations should not confront these obstacles alone, and instead seek partners who have already helped other federal agencies overcome them,” Jadhwani urged. “Learn from these partners about the integrated solutions and best practices to make headway on your own projects.”

In contrast, a modern and optimized network can assist DoD in its efforts toward data center consolidation and a unified network through its ambitious Joint Information Environment (JIE) initiative. Modernization can also alleviate many federal

DoD in Tra ns ition 29

THE STATE OF WORKFORCE AT DoD the department has

1.3 MILLION

men + women on active duty The DoD active duty force has 4.6 enlisted personnel for every one officer

SOLDIERS 1,015,000

AIR FORCE - 1 officer for every 4 enlisted personnel

ARMY - 1 officer for every 4.2 enlisted personnel

DODâ&#x20AC;&#x2122;S ACQUISITION WORKFORCE GREW FROM ABOUT 125,000 IN 2008 TO MORE THAN 150,000 IN 2014.

NAVY - 1 officer for every 4.9 enlisted personnel

MARINES - 1 officer for every 8 enlisted personnel

AIRMEN SAILORS 387,000

492,000 MARINES 224,000

ACTIVE DUTY MINORITIES* 31.2%

ACTIVE DUTY WOMEN 15.1%

EXPECTED FY2017 RETIRED

* Self-identified as black or African American, Asian, American Indian or Alaska Native, Native Hawaiian or Other Pacific Islander, Multi-racial, or Other/Unknown

2,000,000+

RESERVES

801,200

Although the active duty population is located worldwide, the three primary areas in which active duty members are assigned are the United States and its territories (87.1%), East Asia (6.7%), and Europe (5.1%).

CIVILIANS 742,000

NATIONAL GUARD + RESERVES 826,000

ACTIVE DUTY

1,281,900

Defense National Security Solutions Transforming digital experiences for mission success. Your Partner for Mission Success Adobe provides the U.S. Department of Defense with best-in-breed technology, products, and solutions. Rapidly create stunning digital content. Securely manage digital assets. Enable collaborative workflows. Provide mobile delivery of

Adobe Company facts

digital experiences across a multiplatform environment. And measure end-user

} Over 32 years of revolutionizing digital content.

engagement and consumption of digital content with robust, industry-leading web

} More than 12,000 employees worldwide.

analytics.

} Adobe Systems Federal HQ in McLean, Virginia.

DoD JIE

} Improve DoD-wide interoperability and information sharing through JIE standardization* } Leverage and deploy enterprise software investments

} Over 25 years of solution partnership with U.S. defense agencies. } Adobe Advanced Technology Labs develops innovative technologies with a mission to change the world through stunning digital experiences. } Digital Government Collaboration Program provides pre-release access to advanced Adobe technologies.

Cloud

} Accelerate access to digital content from any location or device } Enable mission assurance and information interoperability

} Over 90% of the world’s creative professionals use Photoshop. } Adobe has shipped over 1,000 new and enhanced features to Creative Cloud members since CS6.

Defense National Security Solutions Open Standards

Adobe solution facts

} Keep pace with ever-changing mission requirements utilizing agile open standards solutions } Deliver open and collaborative defense development solutions

Transforming digital experiences for mission success.

} Adobe Analytics measures nearly 7 trillion server calls each year. } Mobile apps powered by Adobe have delivered over 223 million digital content publications since 2010. } In 2014, Adobe Marketing Cloud processed over 30.5 trillion transactions, including 2.5 trillion mobile transactions.

Adobe is the global leader in digital content solutions. The U.S.ofDepartment of Defense } Easily enable multichannel deployment digital content Mobile } Streamline mobile application development and administration Industry leverages Adobe tools and services to create ground-breaking digital content, deploy it recognition } 14 years on Fortune magazine’s “100 Best Companies to Work For.” across media and devices, measure and optimize it over time, and achieve greater mission } #2 greenest company out of 500 publicly traded companies in America. } Secure content collaboration in a joint environment Security are} aContinuously } 5 years on Ethisphere’s “World’s Most Ethical Companies” list. success. Defense solutions from Adobe Joint monitor Information Environment (JIE) standard* digital content consumption Adobe Advantage Research Voice of the Customer Award. to make, manage, mobilize, secure, and measure mission-critical digital content. } 2011 Forrester The } Manage exploding social content and activities across U.S. defense agencies achieve greater success and with Adobe. social networks, profile pages,efficiency and blogs Social mission } More than two-thirds of Fortune 50 companies use Adobe Marketing Cloud.

} Listen, react, and respond to social media conversations in real time

} Rapidly analyze continuously-monitored data

Adobe is the global leader in digital content solutions. U.S. Department of Defense leverages Adobe Analytics The } Collect and analyze openly available information * Not all standards apply to all Adobe products. tools and services to create ground-breaking digital content, deploy it across media and devices, measure

and optimize it over time, and achieve greater mission success. Defense solutions from Adobe are a Joint Adobe, the Adobe logo, Creative Cloud, and Photoshop are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. All other trademarks are the property of their respective owners.

Information Environment (JIE) standard* to make, manage, mobilize, secure, and measure mission-critical digital content. U.S. defense agencies achieve greater mission success and efficiency with Adobe.

BENEFITS

} U.S. Department of Defense Enterprise Standard } Joint Enterprise License Agreement (JELA) available } Best-in-breed and award-winning solutions } Extensive federal and commercial user adoption } Open standards-based solutions

DEFENSE SECURITY PROGRAMS Defense NATIONAL National Security Programs

} Interoperability between enterprise and tactical networks } Easy-to-use, simple-to-deploy

STANDARDS & CERTIFICATIONS*

Defense Imagery & Video Processing

Cybersecurity & Continuous Monitoring

Public Affairs & Engagement

Training & Simulation

} Section 508 Compliance, WCAG 2.0 } PDF ISO 32000 } PL3 Accreditation } FIPS 140-2 Crypto (AES 256) PKI, CAC, PIV } SCORM, AICC, and Tin Can compliance

Digital Recruiting & Human Resources

Mobile Applications & Mission Planning

Contracts & Procurement

Digital Publications

} XFA, XML, and S1000 XML compliance } Mobile accessibility/MACE } HTML5 } FISMA ISO 27001 SAS 70/II * Not all standards apply to all Adobe products.

www.adobe.com/government /AdobeGov

@AdobeGov

* Not all standards apply to all Adobe products. Adobe and the Adobe logo logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. All other trademarks are the property of their respective owners. © 2015 Adobe Systems Incorporated. All rights reserved. Printed in the USA. 5/15

« Industry Spotlight «

Modernizing Government Digital Strategies: Let’s Get “Phygital” An interview with Greg Reeder, Director of DoD Technology Solutions, Adobe

Anyone who works for the government knows their internal systems don’t always match the ease of use and efficiency of private sector systems. Despite increases in innovation, government agencies often have a difficult time keeping up with technology trends. To help overcome the deficit, government organizations should consider reimagining the digital experiences within their organizations to keep up with real-time innovation.

In order to continue pushing innovative digital strategies like this in government, Adobe encourages organizations to implement a content velocity strategy. The idea behind content velocity is to keep pace with content demands by publishing, distributing and communicating faster, allowing you to focus on what people want or need to consume – down to the millisecond. Adobe helps organizations keep up with content demands by providing tools that reimagine government forms as transactions. Reeder explained that a majority of our government runs on forms. Through Adobe’s Experience Manager platform, organizations can rethink and convert forms into a series of transactions that are accessible across devices. This allows users to accomplish transactions, push out content or receive more accurate feedback; ultimately helping to increase content velocity. A correlation would be how a tax application turns IRS tax forms into a series of questions, rather than a laborious forms exercise each tax season.

In order to better understand the challenges agencies face when it comes to digital services and solutions available to them, GovLoop spoke with Greg Reeder, Director of the Department of Defense Technology Solutions at Adobe, a leader in digital experience and creative technology. Before joining Adobe, Reeder was Director of U.S. Marine Corps Digital Production. Reeder said that one of the biggest challenges that many organizations face, including the DoD, is keeping pace with rapidly changing technology while maintaining old infrastructure. Digital strategies change on a weekly basis, but it is difficult to adjust these to a system that has been in place for decades.

Additionally, using technology to enhance connected experiences allows the physical and digital (“phygital”) worlds to combine; offering a comprehensive connected experience, such as printing a boarding pass at an airport kiosk or ordering takeout from an app.

Moreover, updating digital strategy and legacy infrastructures is particularly challenging for organizations because almost everything they do is policy driven. “The problem with policy in the technology world is that most of the policy was written before the technology was even imagined,” Reeder explained. Consequently, when individuals try to apply policy to digital innovation, they meet roadblocks because they cannot go beyond what the policy says, even if the policy is outdated.

In the DoD, artificial intelligence or predictive analytics can help perform the digital component by bringing together massive amounts of data on events or collections like operations, sensor feeds, and force numbers, into a dataset that can be presented to analysts. This enables the analysts to visualize and interact with the content and data -- moving them physically and temporally in a way that aids leaders to make more efficient and better informed decisions. Adobe’s enterprise tools help marry the physical aspect of understanding to the analyzed data.

Adobe is working alongside agencies to help them navigate the reimagining of their digital strategies. For example, Adobe has a capability called smart tagging. This technology uses algorithms to recognize the content of an image or video based on the pixels it contains; then adds metadata labels (tags) to the content automatically. The DoD can use this from a content management or intelligence perspective to save thousands of man-hours processing content, drastically increase search accuracy, and ultimately use it to help track the enemy and improve operational capabilities.

While the federal government is working towards improving digital engagement, they still have a long way to go. “The Apollo Guidance Computer’ was built to send people to the moon. In the relatively short time since, new commercial systems have advanced to technology such as smart phones – which has a computing capability that is 120 million times faster than the AGC. Meanwhile, the federal government still relies on some of the same technology that was used for the Apollo mission,” Reeder said. “It’s time to rethink our legacy systems to adapt to today’s digital world, rather than requiring new solutions to fit old technology.

Imagine looking at a video feed from a drone and immediately knowing where the key frames are that point out specific landscape features, weapons, enemies, and other important data types. Utilizing artificial intelligence like helps eliminate the need to have an analyst looking at individual images or video feeds, frame by frame. “Through smart tagging DoD employees can focus on better and faster decision-making,” Reeder said.

The government must keep pace and organizations should reimagine what they are required to do in order to effectively continue to carry out their mission today and in the future.

DoD in Tra ns ition 33

THE REALITIES OF TOMORROW

During World War II, DoD had more than 8.3 million personnel. By the end of the decade, officials hope to halve that number. As the battlefield transforms, so too does the department. The technological, fiscal, and workforce challenges of tomorrow loom large, but the department is taking steps to ready itself to protect the homeland for years to come. A GovLoop Guid e 34

Technology Cybersecurity and the cloud are changing how the government operates. Currently, DoD spends tens of millions of dollars every year cleaning up after cyber breaches. Defensive lapses such as poor user behavior and failure to apply software cause more than 80 percent of those breaches.

ing the Armored Multi-Purpose Vehicle acquisition program. Through the audit process, the IG hopes to find recommendations for how to improve the speed and efficiency of acquisitions of new technologies such as the vehicles. Services acquisitions — things like cloud computing, research and development — are also a major source of reform. The Government Accountability Office found that DoD consistently obligated more on services than products – more than double the amount in the past five years. To better track and report the findings of how services contracts are doing, GAO recommended that DoD create a system to track the acquisitions in relation to the original budget request. DoD agreed and is setting up a system to help procurement offices better track services acquisitions.

To fix those gaps, DoD is investing in training. The DoD Cybersecurity Culture and Compliance Initiative (DC3I) is billed as an effort to “transform DoD cybersecurity culture.” In addition, those cyber resources will also go toward creating next-generation cyber defense resources such as the Enhanced Attribution program. The program will give DoD the ability to characterize a cyberattacker, share the attacker’s modus operandi with prospective victims and predict where they will strike next. In essence, the program will help DoD uncover the people behind cyber breaches.

Technologies have the power to radically transform the way DoD looks, but making sure the workforce knows how to buy these products and use them securely is a priority for the department.

As these technologies emerge, so too will the ways in which they are acquired. In March 2016, the Army’s Inspector General launched an audit to look at how the service is manag-

Workforce To take full advantage of all the capabilities these new technologies allow, DoD requires a workforce that is properly recruited, trained and used. To jumpstart the workforce changes, the Office of the Secretary of Defense under Carter and Brad Carson, former Senior Adviser to the Undersecretary of Defense for Personnel and Readiness, created the Force of the Future Initiative.

To better align skills, the Force of the Future proposal would repeal the idea of “up or out.” Up or out is the notion that you either progress linearly through the promotion system or you leave the department. However, the idea has been met with resistance. “The idea of breaking our personnel system is incredibly frightening. And it’s frightening in particular because the people making the decisions were successful by following the personnel systems,” said Maj. Krieger. However, if DoD were able to remove up and out, it would allow for more flexibility for service members to leave the department to get private sector experience or schooling outside the war colleges.

“The Secretary’s been announcing these changes in waves and he has already made some significant improvements, but there’s going to be a lot of really good ideas that emerge during the Force of the Future implementation process that are going to fall to future Secretaries to tackle,” Marcuse said. Some of the changes that have been implemented include increasing paid maternity leave to 12 weeks, more than double the previously allotted time.

Carson described the initiative as “severing of the link between your age and your rank” and introducing “the notion that promotions should be based on competencies achieved rather than the time in grade.”

However, paid maternity leave is just the first step. The Force of the Future initiative aims to change the way that DoD promotes and trains employees. “Right now, you can be the best fighter pilot in the world and you’re not going do that for even a major part of your career,” Lt. Gen. Barno said. “You’re going to do four to five other jobs, some of which don’t have anything to do with what your skills and attributes are. The current structure doesn’t have permeability.”

However, he believes that these changes to the personnel system, while difficult, are the only way to achieve true force readiness in the future. Congress would need to approve the legislation to put it into effect.

DoD in Tra ns ition 35

Operations The Goldwater-Nichols Act ushered in a new era of defense in 1986, but 30 years later, Carter is calling for an upgrade. In April 2016, he called for clarifying the role and authority of the Chairman of the Joint Chiefs of Staff, adapting combatant commands to new functions, streamlining acquisition, and making changes to joint personnel management.

“The Third Offset is our effort to target potential adversary’s weaknesses,” Marcuse said. “We call it an offset, because it says we’re not going to go head–to-head against our direct competitors. We’re not going to try to build more of what they have, nor are they going to try to build more of what we have. It’s about using asymmetrical advantages to try to offset advantages, where they are numerical, geographic, or technological.”

While unveiling his proposal at a CSIS event, Carter explained why now is the time for change: “Instead of the Cold War and one clear threat, we face a security environment that’s dramatically different from the last quarter-century.” In some cases, he said, the “pendulum between service equities and jointness may have swung too far,” such as not involving the service chiefs enough in acquisition decision-making and accountability. “It’s time that we consider practical updates to this critical organizational framework, while still preserving its spirit and intent,” he said.

The strategy is focused in three key areas: 1. DoD will look for promising technologies through the Future Years Defense Program, generally about five years out. 2. DoD will think multi-strategy. Now that threats are numerous and widespread, the innovation strategy needs to reflect a more global outlook. 3. DoD will look to the private sector for innovative ideas and technologies and partner with companies for long-range projects.

In addition to changing the management structure, Carter is also working on innovation reforms he calls the Third U.S. Offset Strategy. The strategy is an ambitious departmentwide effort to identify and invest in innovative ways to sustain and advance America’s military dominance in the 21st century.

“

Preparing for the future, Carter is funding these innovative efforts now. In the FY 2017 budget, he allocated more than $45 billion in special funds to fuel innovation and his Third Offset Strategy.

The idea of breaking our personnel system is incredibly frightening. And it’s frightening in particular because the people making the decisions were successful by following the personnel systems.” Maj. Miriam Krieger, U.S. Air Force

Takeaway #1

Takeaway #2

To prepare for the Force of the

DoD is investing in the future

Future, officials are discussing

by focusing on innovation and

major management and struc-

a more nuanced approach to

tural changes to the various

defense. Instead of focusing on

services are being discussed

one region, the new Third

— namely removing the up and

Offset Strategy will take a

out requirements.

global focus.

A GovLoop Guid e 36

Initiatives & Programs DoD Cybersecurity Culture + Compliance initiative (DC3I)

Defense Acquisi- Updated tion Visibility Maternity Leave Environment Policies (DAVE)

DoD is spending millions of dollars to clean up after cyber breaches, but what if those breaches didn’t happen at all? Enter DC3I. The idea is to change the way DoD thinks about security from a cultural standpoint.

Data is driving better decision-making from Silicon Valley to the White House, but without powerful data analytics tools, data is just data. And building a strong future without data analytics seems like a waste of time. Enter DAVE. DAVE is an acquisition reporting system that emphasizes application programming interfaces, accessibility and easily customized analytics.

And DoD employees had better be ready because DC3I will include no-notice inspections, mandates for commanders to incorporate real-world cyber scenarios into all of their unit training and a yet-tobe-determined amount of spending to make military networks more defensible, based on the premise that every dollar spent on security up front saves $7 of costs in fixing a breach after the fact. The DC3I rollout started at the top, with senior leaders who were shown real-world scenarios of things that can go wrong when cyber policies aren’t followed. The program will also be tailored to specific services and subcomponents so that each individual truly understands the importance of considering cybersecurity implications.

“DAVE can reform acquisition in three areas: data stewardship in terms of agreement, accountability and authority; data access in terms of having a single intuitive interface for all data; and data analysis to provide perspective on data use,” said Mark Krzysko, DoD’s Deputy Director for Acquisition Resources and Analysis, Enterprise Information. Finding more efficient uses of acquisitions is especially critical since the FY 2017 budget cut acquisitions by more than $8.5 billion. DoD officials hope to roll out DAVE in FY 2017, and the budget does allow for more than $10 million to help the department achieve that goal.

DoD in Tra ns ition 37

As part of the Force of the Future rollout, Secretary Carter has emphasized individuals as a key to attract and retain the best force America has to offer. One part of that individual care is changing requirements around maternity leave and new mothers. For example, now across all services, DoD will offer 12 weeks of fully paid maternity leave for new mothers, up to two weeks of paid paternity leave for new fathers and new investments in subsidized childcare. DoD will now offer childcare access up to 14 hours a day across the workforce. And even when women return to work after maternity leave, DoD will be more accommodating by creating breastfeeding rooms and other similar initiatives. Carter said all of the new costs will be incorporated in the service budgets, which are separate from the war budget.

NEVER LEAVE YOUR WING MAN Cloud First Mission Success Depends on It Transforming legacy IT environments is daunting, especially with DoD-level requirements.

The good news is that you don’t have to do it alone. GTRI is an experienced global IT consulting services firm with a proven cloud migration methodology. Together we will explore your IT landscape and dependencies, developing a hybrid IT plan that will result in more agile, responsive IT services delivery.

Make GTRI your cloud wing man and ensure Cloud First mission success.

MOVING YOUR IT TO THE CLOUD? Download GTRI’s proven Cloud Migration Framework before you start GTRI.COM / CLOUDFRAMEWORK

OUR PARTNERS

877.603.1984 | sales@gtri.com | www.gtri.com

A GovLoop Guid e 38

« Industry Spotlight «

Helping DoD Make the Move to Cloud An interview with Jim Moore, DoD Lead Engineer, GTRI

Today, most federal agencies have accepted cloud computing as a must-have technology to push their missions forward. Yet as agencies transition to new solutions, many are finding that the journey to cloud is not an easy one. The Department of Defense (DoD) is no exception.

them together, and tries to elevate the customer to get them into a position where they’re cloud ready,” Moore said. “We work with cloud providers, the agency and the datacenters to make sure they can make that move in a way that both meets the needs of the IT organization and supports the agency mission. Bridging that gap is a main priority for GTRI.”

To learn how defense organizations can leverage third-party support to effectively migrate to cloud environments, we spoke with Jim Moore, DoD Lead Engineer at GTRI, an IT consulting services firm. He explained why commercial cloud models can both benefit and challenge federal agencies looking to modernize. “One of the biggest difficulties for the federal government is that the cloud can be very standard, but there’s really no one-size-fit-all process to migrate to the cloud,” he said.

GTRI then considers the unique needs of the agency to craft a custom cloud migration plan. For instance, “One of the important things for DoD to remember when moving to the cloud is that they need a very resilient network,” Moore explained. “Many times this is achieved with a hybrid cloud. At DoD they will maintain some of their own infrastructure, but they’re also going to utilize cloud resources that allow disaster recovery. When their datacenters go down, resiliency enables the automatic move of workloads from their datacenters over into cloud protected datacenters to maintain a high level of serviceability.”

Moreover, Moore explained that DoD has a particular challenge when it comes to cloud adoption. Even in comparison to other agencies, DoD’s requirements are unique given its highly mobile distributed workforce and the high security required for its data. “But they still have to adopt cloud in a way that’s commercially viable, secure and agile enough to be able to support them,” he said.

In addition to resiliency, DoD requires a cloud environment that allows different internal departments to maintain regulated control over their data’s ownership and security. At DoD, cultural reticence to collocate or over-share sensitive data across programs is a major impediment to cloud migration. However, many technologies today can mitigate that risk with tools like data tagging and user credential authentication.

To navigate the transition to cloud, many defense agencies are turning to third-party providers like GTRI to create a tailored cloud transition plan. Before that plan is crafted, however, Moore explained that it’s crucial to execute a cloud readiness assessment. Current virtualization, security measures, application integrations and networking functionality should all be considered before moving to the cloud, in order to appropriately determine what work needs to be done before migration takes place.

When considering cloud solutions, it’s critical to map these individual needs to the offerings of providers. That’s easier said than done and, again, can often be better executed with the support of a more experienced third-party cloud migration specialist. “For a lot of these datacenters, this is kind of new for them,” Moore said. “They’re not used to working with cloud providers and seeing what the different cloud providers can do. Each cloud provider has a unique offering, so you want to make sure you find the best solution to match your unique requirements.”

But while many internal IT departments have a good understanding of their current technology infrastructure, Moore said many datacenter professionals don’t have the same understanding of how those aspects relate to cloud transition considerations.

GTRI can provide agencies with a roadmap to successfully migrate to the right provider and reap the full benefits of cloud. “GTRI has vast experience in implementing cloud solutions,” Moore said. “We can help DoD migrate to the cloud and get back to their core mission of national security. That’s our main priority. If we’re able to provide that support by transitioning departments’ information to the cloud, that frees defense personnel up to perform their job.”

That’s why it’s often necessary to pull in third-party providers who can map current IT functionality to future cloud needs, based on their experiences and knowledge from other cloud migrations. Called cloud readiness assessments, these evaluations consider existing capabilities as well as potential solutions that could increase their readiness for cloud. “Once we complete an assessment of the information technology environment, GTRI takes all these different pieces, puts

DoD in Tra ns ition 39

CONCLUSION The upcoming election creates a lot of uncertainty for DoD in many areas, including budget, wartime readiness and personnel. The new Commander in Chief will have the power to select a new Secretary of Defense, who will direct the budget, set department priorities and help craft the future of the armed forces. This means DoD’s future could be very different depending on who is elected. However, through this guide, we showed that no matter who takes office, DoD is looking to make some major changes in the next few years. There is no longer an option for business as usual at DoD — it’s time for reform. “So the big question for reform is if you’re going to do it, how you do it well and how do you make sure that the solutions that you perform right are actually going to get the desired outcome, and hopefully create more value than they break?” said CSIS’ Hicks. The actual reforms are still being discussed, but plans are under way to make small tweaks to make the department more efficient and effective. DoD’s look and feel will change dramatically in the next few years. Through force reductions, an emphasis on cybersecurity and digital services, and a quest to collaborate more with the private sector, the once insular DoD is changing its methods. “People think of DoD only as a militaristic and order-following organization. They perceive it as very rigid, but it’s not true,” Marcuse said. “We are more like a franchise or a holding company for many different subcultures and sub-organizations. When the Secretary gives an order, many, many, many people need to be involved in carrying it out. And because of that, the Secretary, even

A GovLoop Guid e 40

though he is in many ways one of the most powerful officials in the entire government, operates by consensus and needs to work effectively with people, who in their own right might manage organizations that have, in some cases, tens or even hundreds of thousands of employees within it.” “When it comes to command and control over our forces, the department is exquisitely and rapidly responsive, but when it comes to organizational changes, there will be many of the same forces of acceleration and resistance that you would see in any large organization, and we are the largest of them all,” he concluded.

The largest single workforce entity in the world, DoD is massive in size and scale. But it’s not monolithic. It has the power to change, evolve and grow. And through reforms, DoD is making progress toward being a truly collaborative and leading-edge department. It’s paving the way for other agencies to make major transformations, too, because if the largest government agency is willing to innovate, all agencies can.

DoD in Tra ns ition 41

ORGANIZATION OF THE

DEPARTMENT OF DEFENSE SECRETARY OF DEFENSE OFFICE OF THE SECRETARY OF DEFENSE

JOINT CHIEFS OF STAFF Chairman of the Joint Chiefs of Staff

Deputy Secretary of Defense, Under Secretaries of Defense, Assistant Secretaries of Defense and other specified officials

OFFICE OF THE INSPECTOR GENERAL OF DoD

DEPARTMENT OF THE ARMY

DEPARTMENT OF THE NAVY

Secretary of the Army Office of the Secretary of the Army

The Army Staff

THE ARMY

Office of the Chief of Naval Operations

THE NAVY

Defense Logistics Agency* Defense Security Cooperation Agency Defense Security Service Defense Threat Reduction Agency* Missile Defense Agency National Geospatial-Intelligence Agency* National Reconnaissance Office* National Security Agency/Central Security Service* Pentagon Force Protection Agency

Office of the Secretary of the Navy

THE JOINT STAFF

DEPARTMENT OF THE AIR FORCE

Secretary of the Navy

DEFENSE AGENCIES Defense Advanced Research Projects Agency Defense Commissary Agency Defense Contract Audit Agency Defense Contract Management Agency* Defense Finance and Accounting Service Defense Health Agency* Defense Information Systems Agency* Defense Intelligence Agency* Defense Legal Services Agency

The Joint Chiefs

Secretary of the Air Force

Headquarters Marine Corps

The Air Staff

THE MARINE CORPS

DOD FIELD ACTIVITIES Defense Media Activity Defense POW/Missing Personnel Office Defense Technical Information Center Defense Technology Security Administration DoD Education Activity DoD Human Resources Activity DoD Test Resource Management Center Office of Economic Adjustment Washington Headquarters Services

Office of the Secretary of the Air Force

THE AIR FORCE

COMBATANT COMMANDS Africa Command Central Command European Command Northern Command Pacific Command Southern Command Special Operations Command Strategic Command Transportation Command

* Identified as a Combat Support Agency DoD Component

Senior Leader

Military Service

ABOUT GOVLOOP GovLoop’s mission is to “connect government to improve government.” We aim to inspire public-sector professionals by serving as the knowledge network for government. GovLoop connects more than 250,000 members, fostering crossgovernment collaboration, solving common problems and advancing government careers. GovLoop is headquartered in Washington, D.C., with a team of dedicated professionals who share a commitment to connect and improve government. For more information about this report, please reach out to info@govloop.com. www.govloop.com | @GovLoop

DoD in Tra ns ition 43

ACKNOWLEDGMENTS THANK YOU Thank you to Adobe, Alfresco, Avnet, Cisco, DLT Solutions, GovAcquisitions, GTRI, HP, NetApp and SolarWinds for their support of this valuable resource for public-sector professionals.

AUTHORS Emily Jarvis, Senior Online + Events Editor Hannah Moss, Senior Editor + Project Manager

DESIGNER Kaitlyn Baker, Graphic Designer

PHOTO CREDIT All photos licensed for use under Creative Commons 2.0 U.S. Army, U.S. Department of Defense, Dvids

A GovLoop Guid e 44

DoD in Tra ns ition 45

1152 15th St. NW, Suite 800 Washington, DC 20005 Phone: (202) 407-7421 Fax: (202) 407-7501 www.govloop.com @govloop

A GovLoop Guid e 46