In June of 1993, the Army released a background brief called Digitization and the Modern Battlefield. In it, the Army discussed the role of digital communications and the need to have fully integrated operations in theater.

More than 30 years later, the technology and definitions have changed quite a bit, but this topic of secure digitization remains front and center.

The Defense Department continues to lean into secure cloud services as part of accelerating its digital transformation.

DoD chief information officer John Sherman said in December that the military services and defense agencies continue to test secure cloud capabilities. A pilot called Joint Operational Edge that connects U.S. based networks with the tactical edge in areas like the Pacific Ocean launched recently.

This type of pilot is part of a broader effort across DoD to take advantage of secure cloud services, drive better decisions, and ensure resiliency, and all in a user-friendly way.

The Air Force, for example, has initially focused on developing the right infrastructure to modernize capabilities. But today is seeking to take the next step.

Jay Bonci, the chief technology officer for the Department of the Air Force, said currently the service has about 100 business and enterprise systems in its Cloud One instance.

“When we talk about really blending in software-as-a-service, there is going to be a balance between cost, ease of ownership and resilience that we are trying to get more specific on our guidance to mission systems that haven’t quite chosen the final home for them in their digital transformation journey,” Bonci said on the discussion Beyond metrics: Defining success in cloud migration and AI integration. “We’re looking to make more SaaS providers available. We want to make it easier to adopt SaaS platforms because we do think that many of the advanced capabilities are going to be launched into the SaaS space in the future. It’s going to be key for us to continue down that path to adopt strong commercially supported services for our department, especially in the business systems area.”

Bonci said to accelerate the move to secure cloud services, the Air Force is defining the guardrails to help mission owners make risk-based decisions.

“When we look at the cloud journey, or the value stream, that individual systems or applications are going to undertake, we want to make sure that it is tailored to the uptime tolerance of an application, because in cloud, you directly pay for more nines. If you want to pay for five nines versus four nines versus six nines, there’s a real cost difference between that,” Bonci said. “Can your application be down for a minute a day? We, in the military, do not like losing, and so people often equate their app being down as losing. But in many systems, there is a fair amount of tolerance in reality, especially in some business systems, to have a little bit of downtime or to be able to take 10 to 5 seconds if the system blips or if the network can’t connect to it. So to get people to really think about what the actual requirements are is a part of that digital transformation journey.”

Better value proposition

The Department of the Navy’s digital transformation journey also has seen some success with programs like FlankSpeed, its unclassified Office 365 implementation, and it’s seeking to accelerate mission systems that need modernization.

Louis Koplin, the executive director for PEO Digital and Enterprise Services at the Department of the Navy, said one way the DoN is starting to take more advantage of cloud services is through its Neptune Cloud Management Office.

“From a SaaS perspective, that requires some transformation. We also have this interesting dynamic where we would prefer SaaS because, in most cases, it offers a better value proposition. There’s no inherent value in us to have to configure it, and sticking applications in servers. We are better off with someone else doing it,” Koplin said. “We’re also in the zero trust journey, and so we need to think about not these monolithic application blocks, but decomposing them, getting at data and identity as a highly granular, very fine-tuned and dynamic control plane. The infrastructure has to enable integration of SaaS into that zero trust framework. It is still rudimentary and evolving.”

Koplin added the DoN still has a lot of work to do to make SaaS adoption faster and easier.

“We buy good technology all the time. And sometimes it works. Sometimes it doesn’t. And usually, it’s not because of the technology. It’s usually because of us and our processes and our engineering mindsets,” he said. “So of course, some people, they think that cloud is unproven, and they say that it might be okay for little use cases, but not for things at scale. Well, Netflix, AWS and Microsoft would beg to differ there. Other people want to go buy SaaS, and they have found that they start with a solution and then try and work their way back into it. How am I going to buy it? What problem is it going to solve for me? Sometimes, they’re not coming in from the right perspective. That’s one of the things we want to do with the Neptune Cloud Management Office, is really focus on education, concierge services and helping people on that journey.”

Managing risks of the cloud

Understanding the secure cloud uses cases, including who and how the mission areas will be using it is a common best practice, said Mark Matzke, the vice president for Department of Defense at ServiceNow.

“You have to establish a go/no-go criteria for moving to the cloud. Not everything has to go to the cloud. And in some cases, it’s better to leave it somewhere else,” Matzke said. “You can gain some efficiencies and some agility by moving to the cloud; it gets back to the people piece. The one item that sometimes gets looked over is that persistent risk management and having a true integrated risk management capability. It’s not about looking at it from an audit perspective, but looking at it as an enabler of information to give you confidence to know when you want to do speed versus security, especially on the tactical or operational battlefield where speed versus security is always a tradeoff.”

That tradeoff becomes even more important as DoD moves out into artificial intelligence.

Matzke said part of that assessment is ensuring the AI tools, large language models and the like are self-contained so the data remains secure.

“One of the ways that you get there and build confidence is knowing that you don’t have siloed areas of data, so that when you’re making a decision, you know that you’re making decision based on the full picture. Then you’re able to focus in on the area that matters,” he said. “It helps to know that the policies and the rules are in place so that the way that you’re consuming that data and then able to make a decision is within the parameters and the guidance of the end state and the intent of what your leadership is trying to achieve. The generative piece of it is that modeling and simulating a very large data set, and then having a very high confidence rate in what it’s putting out so that it can then feed you options that you can then make decisions on, that maybe you weren’t aware of second or third order effects that would that would happen based on a certain decision you would have made without that data picture.”

Learning objectives:

• Where are agencies in the cloud today?
• Moving mission workloads to the cloud
• AI and cloud