DOD officials say IT acquisition rules still woefully outdated

Vice Adm Ted Branch. USN photo

Vice Adm. Ted Branch is the Navy's deputy chief of naval operations for information warfare.

Lawmakers and Pentagon bureaucrats have talked of acquisition reform as a gradual, iterative process, but those changes seem to be taking effect far too slowly for some Defense Department officials, particularly when it comes to IT.

"The way we buy things in the DOD is a problem from the standpoint of we buy IT much like we buy a ship or an airplane," said Vice Adm. Ted Branch, deputy chief of naval operations for information warfare.

Officials should be smart about how they work with existing requirements, "but I also think there's some [need to] change…those requirements, particularly in the IT/cybersecurity world so we can get things on contract quicker," Branch said June 15 at a conference hosted by AFCEA's D.C. chapter.

"It is absolutely broken," Dave Mihelcic, the Defense Information System Agency's CTO, said of the acquisition system. He described a drawn-out process wherein five to six years might pass from the time a company pitches a new cyber product until it is deployed by DOD.

Mihelcic's and Branch's lament has been made countless times by officials across the military services. Congress, meanwhile, has used the annual defense policy bill to iteratively address the monumental challenge.

The fiscal 2016 National Defense Authorization Act, which became law in November 2015, requires the Defense secretary to find acquisition methods that circumvent the traditional system. It also allows DOD to use rapid acquisition authority for tools urgently needed to respond to a cyberattack.

Mihelcic offered the Defense Innovation Unit Experimental -- the Pentagon's outreach office in Silicon Valley -- as a salve for the department's acquisition woes.

The Army has used DIUX to generate interest in new requirements for micro clouds, with the goal of awarding a contract within 90 days of an initial industry day. That turnaround would be unusual but it is not unheard of: Army officials point out that a similar cyber challenge initiated last year led to the award of more than $4 million in micro-cloud contracts.

Bug bounty program could expand

The Pentagon recently hosted a first-ever bug bounty program that allowed vetted hackers to probe public DOD websites for vulnerabilities, and officials are now looking to expand the program.

Richard Hale, DOD's deputy CIO for cybersecurity, will attend a June 15 meeting with the Defense Digital Service, which hosted the bug bounty, to discuss options for expanding the program to other DOD websites, he told FCW after the AFCEA D.C. event.

Officials are considering adding to the bounty program some websites "that may not be completely publicly open but that are visible to the internet," Hale said.

Mihelcic also said an update is coming in August to the big data platform on which DOD runs a set of widgets and analytics known as the Cyber Situational Awareness Analytic Cloud. The update to CSAAC's big data platform will allow users to essentially separate datasets from the cloud and run custom analytics on top of them, he said. 

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.