For the past five or six years, Congress has led the fight to reform the Pentagon’s slow, risk averse and costly acquisition system. Led by visionaries such as Senator John McCain and Representative Mac Thornberry, both the Senate and House Armed Services Committees (SASC and HASC) have restructured the acquisition bureaucracy, lightened the regulatory and contracting burdens on programs, expanded access to alternative contracting mechanisms, encouraged experimentation and prototyping and supported greater reliance by the Department of Defense (DoD) on commercial products and processes.
So it is puzzling, at the very least, that on one of the most important technology issues confronting the DoD today – the migration to the cloud – Congress seems to be reverting to its old meddlesome ways. The result could be a significant delay in the U.S. military’s ability to access cutting-edge commercial information technology (IT) and cyber security capabilities.
The subject that has given impetus to Congress’ atavistic impulses for micromanagement instead of oversight is a single proposed contract for cloud computing services. The Joint Enterprise Defense Infrastructure (JEDI) cloud procurement is neither the largest nor the longest duration procurement of its kind currently active or under consideration by the Pentagon.
JEDI is significant insofar as it is the first major step forward by DoD to leverage what cloud computing can offer in the way of enhanced network security, improved integration of capabilities across the Department, access to both advanced commercial and purpose-build applications, better data management and the use of advanced analytics.
DoD envisions the JEDI procurement as a full and open competition resulting in a single award. The Pentagon has rejected the arguments from some quarters that JEDI should be changed to allow for multiple awards. According to a report to Congress delivered on May 7, a multiple award contract requiring the issuance of numerous competitively awarded task orders would so slow the pace of cloud migration that it would “prevent DoD from rapidly delivering new capabilities and improved effectiveness to the warfighter that enterprise-level cloud computing can enable.”
The report goes on to warn that DoD’s efforts to secure its networks from cyber attack would be impacted and that “inconsistent and non-standardized infrastructures across classification levels complicates development and distribution of software applications, potentially adding delays and costs” and possibly inhibiting the use of advanced technologies like artificial intelligence (AI) and machine learning.
Despite the clarity and unassailability of DoD’s position, provisions in both the House and Senate versions of the fiscal year (FY) 2019 National Defense Authorization Act (NDAA) with respect to the JEDI procurement threaten to undermine the Pentagon’s efforts to move with speed to the cloud and would place U.S. warfighters at unnecessary risk. The language in the House bill is by far the more onerous. It prohibits the DoD from using 50% of the funds authorized for the JEDI cloud initiative until the Secretary of Defense provides Congress with information sufficient to conduct oversight of the acquisition.
This creates a loophole big enough to drive a truck through since Congress can withhold the remaining funds forever, demanding that the DoD provide greater detail on cloud activities, evermore elaborate strategies and endless reports. The “fencing” of half the resources for JEDI could also discourage potential users from accessing the contract for fear that if the remaining funds are not released, they would be left high and dry.
This is the same HASC which in its report on the FY2018 NDAA urged the DoD to be less risk averse in adopting cloud computing. The report went onto assert that the Department of Defense could examine the use of cloud computing to support continuity of operations planning or to support resilient operations in the face of a degraded cyber environment.
The SASC version of the NDAA is less burdensome. Nevertheless, it directs the DoD’s Cloud Executive Steering Group to “develop an approach to rapidly acquire advanced commercial network capabilities, including software-defined networking, on-demand bandwidth, and aggregated cloud access gateways, through commercial service providers…” This implies that the DoD should go slow with respect to cloud migration until everything that could impact the process is fully understood and defined. Of course this is an impossible task in the fast changing world of commercial IT and cloud technology.
Congress needs to realize that a major reason to release the JEDI procurement as soon as possible and to leave it as a single contractor award is to allow the DoD to learn how to employ the cutting-edge capabilities it will offer. For the DoD, and particularly the military services, this is all relatively new. This is no different than placing a new piece of hardware into the warfighters’ hands so they can learn how to use it and provide critical feedback to the developer to make it more effective.
House and Senate conferees must, at a minimum, eliminate the fence placed around half the JEDI funding. Almost as important, both Houses need to rediscover their reformist tendencies and encourage the DoD to take the risk of migrating to the cloud, to experiment with different cloud configurations and to take advantage of the enhanced security features of advanced cloud technology.
The move to the cloud will provide enormous benefits in its own right. More significantly it could determine whether or not the U.S. can reacquire military dominance vis-a-vis the great power competition with Russia and China. Dr. Eric Schmidt, former chairman of Google and a member of the Defense Innovation Board, made this point clearly in testimony before HASC on April 17, 2018:
“Any military that fails to pursue enterprise wide cloud computing isn’t serious about winning future conflicts. AI is not achievable without modern commercial cloud computing that can store and secure the data DoD regularly collects. This volume of data will only increase in the years to come as the use of sensors proliferates and DoD’s ability to collect data expands – while its ability to process it deteriorates due to a reliance on outdated data centers with limited data storage and transport capacity. This urgent need to address DoD’s lack of compute and storage was the focus of one of the Board’s official recommendations announced in October 2016.”
Find Archived Articles: