The Department of Defense recently embarked on an ambitious Digital Modernization Strategy, aiming to maintain a competitive advantage in the modern battlespace. A core component of this vision is the DoD Cloud Strategy, which will help enable the new plans, support the National Defense Strategy (NDS) and other war-fighting imperatives.
Cloud technology is now central to the NDS, but until recently it has largely functioned as an enterprise cloud. A critical moment has been reached in the modernization of the DoD, and a cloud that effectively supports war-fighting capabilities will be critical in maintaining a competitive advantage.
The DoD has developed its enterprise cloud over the past decade with some unique characteristics. To date, the enterprise cloud has been built primarily on enterprise and business use cases, including Office 365 Government and SAP on Cloud. Second, design principles of physical isolation, unique and differentiated builds have been enabled in order to maintain department compliance and security guidance.
The mindset surrounding the technology has now shifted toward establishing cloud as a foundation for war-fighting capabilities, driven by a set of key priorities. The first of these priorities is to enable exponential growth, followed by the need to build AI at scale and to address cyber challenges. Because of this, the initiative has moved from one of business, to a strategic war-fighting imperative. But how can we effect this change and evolve?
Five factors enabling the war-fighting cloud
The following five shifts will influence the enablement of the war-fighting cloud:
- Next generation security models: Ecosystems like AWS GovCloud and Microsoft Azure Government are the result of the initial government-compliant cloud model. While the isolated enclaves and dedicated infrastructure of that generation were ground-breaking, there are new opportunities for innovation. The “digital fortress” model with its justified security siloes must continue to evolve with cloud-native architecture, combined with next-generation security models like zero trust.
- Edge delivery and processing: The DoD is working to bring data and compute power closer to the war fighter, changing the way data is stored, processed and delivered from the tactical core. This summarizes the concept of “trading network for compute,” which highlights the benefits of conducting processing at the sensor. These benefits include reduced latency and enhanced AI decision-making, but an increased focus on security is required when operating at the edge.
- Agile acquisition: A strong cloud foundation plays a crucial role in rapidly developing capabilities, in terms of both buying and building in an agile way. Acquisition is evolving with guidance from the Operation of the Software Pathway, developed for the DoD to acquire custom software. Secondly, several service branches are now building cloud-native software factories, geared toward accelerating product development and engineering. Navy Black Pearl serves as a prime example.
- Automated accreditation: Guidelines from the Federal Risk and Authorization Management Program, or FedRAMP, and the authority to operate (ATO) process have provided early mechanisms for authorization and accreditation of government systems. DevSecOps builds upon the foundations of agile acquisition by inserting security practices and controls at every phase of the software development lifecycle, and into every layer of the technology stack. This reduces friction by helping to automate controls and compliance.
- All-domain operations: There are a number of imperatives that are key to all-domain operations. For instance, the focus on sea, land and air operations must expand to include new domains such as space, cyber and electromagnetic. With the stand up of Space Force, offerings like Azure Space and AWS Ground Station have emerged. All-domain operations also warrant certain enterprise-wide services and platforms to be deployed at scale, with a common data and service fabric. AI is a critical use case in this category.
Three key actions
To implement these guiding principles, the DoD needs to do three things more tactically to rapidly take action on this vision.
Action 1: Evaluate current capability maturity
The department should seek to re-evaluate the mission critical core and enterprise services, maximizing capabilities that establish a common environment and foundation for partners to build war-fighting capabilities upon. Key characteristics:
- Nondifferentiating, digital and cloud-native capabilities.
- Utility-based consumption; unit-based cost models with chargeback enabled.
- “Out-of-the-box” commercial or government off-the-shelf (COTS/GOTS).
- Enterprise IT shared service candidates.
This enables mission partners to build differentiated capabilities that are:
- Truly differentiating and directly supporting war-fighting capabilities.
- Custom developed or vendor and government customized.
- Utilizing bespoke cost models that are mission embedded.
- Agency integrated IT capabilities residing in justified security siloes.
- Striking the perfect balance between commoditized and differentiated cloud capabilities will maximize the effectiveness of differentiation in the competitive battlespace.
Action 2: Take a data and digital platform approach
To deliver data to the edge and the war fighter, the concept of data and digital platform (DDP) is strongly recommended. A DDP is a coherent set of capabilities, data and technologies enabling the rapid delivery of use cases at scale with the ambition to:
- Liberate and exploit the data for informed decision-making by decoupling data from the core.
- Rapidly build composable enterprise, intelligence and war-fighting support functions.
- Incrementally modernize the core from legacy to cloud native.
- The DDP reference architecture carries 20+ cloud-native solution patterns, a number of which help deliver data to the point of need.
Action 3: Enable war-fighting capabilities and build toward the North Star
It is crucial to take a use case-driven approach to war-fighting capability development, leveraging the cloud foundation and modern enablers. It is time to adjust priorities based on cost and value to the war fighter. This means focusing spending on near-term mission outcomes and digital capabilities.
To do this efficiently, a small committee that maintains a laser focus on mission value and pressing topics, such as near-term war-fighting capability requirements and remote access for operators, should be able to complete the portfolio triage in two sprints of two to three weeks each.
Matthew Leybold is an associate director with Boston Consulting Group in New York and leads the cloud and IT Infrastructure topic.