Future uptick in IT spending expected, acting DOD CIO says
Rising IT and cyber budgets may lay ahead as the Defense Department moves forward with implementing zero trust architecture and begins relying more on artificial intelligence.
Rising IT and cyber budgets may lay ahead as the Defense Department moves forward with implementing zero trust architecture and begins relying more on artificial intelligence.
Kelly Fletcher, who is currently performing the duties of DOD CIO, said that while there is room to be more efficient, the cyber domain may not be an area where flat budgets are the goal.
"I love finding inefficiency. And when I think about the cyber domain...it seems to me that cyber might be a place where we're not looking for a flat budget, that budget growth doesn't mean that we're failing to find efficiencies, but it actually just reflects the nature of the next fight," said Fletcher, who previously served as the special assistant to the deputy director in the Office of the Secretary of Defense's Cost Assessment and Program Evaluation office, during the Billington Cyber Summit Oct. 7.
Fletcher said having a resilient network that can handle AI capabilities will be a key focus of those increased investments, while adopting zero trust can help highlight redundancies at the same time.
"There are places [where] we can be more efficient," Fletcher said, and zero trust "isn't about just buying new tools. This is also about saying, where do we have things stood up that we don't need anymore....maybe we don't need to maintain a refresh [of] some of the tools we already have."
The Defense Department's IT spend has risen steadily in recent years, with an approximate 16% increase from just under $31 billion in fiscal 2016 to nearly $36 billion in fiscal 2021, according to the federal IT dashboard. Cyber spending also had a similar trajectory over that same time period, according to a Govini report. The IT investment budget for fiscal 2022 is projected to be $38.6 billion.
"What we're trying to do really is harvest savings from pivoting from our old architecture to our new architecture. And I think that's going to drive some trust throughout the department...[that] we aren't just spending more," Fletcher said. "The other thing I will say is that will make our networks work better, right, if we can stop larding them down."
The Defense Department has been planning to open a zero trust program office, which was originally slated to stand up in October.
Fletcher said the zero trust program office's stand up is in "interim steps" but is an important step that builds on existing work from the Defense Information Systems Agency's Thunderdome effort, the military service departments, the National Security Agency, and within the DOD CIO office, which will provide oversight and minimums across the enterprise.
Once up and running, that office will engage directly with industry partners for best practices while also looking to change cyber defender culture, Fletcher said.
"Something that we're really working on as we get to add practices, as well as technologies, is changing the culture around where [the adversary is]...that changes the culture around what should defenders be doing," Fletcher said.
"I want defenders to ferret out adversaries in my network. And success for them is finding them quickly, fighting through their presence in my network, and then removing them rapidly... instead of saying success is the adversary never coming in."
This article first appeared on FCW, a Defense Systems partner site.