Defense

JIDO goes agile, but can DOD?

Shutterstock image (by alienant): An aerial view of the pentagon rendered as a vector. 

Five years ago, when the Joint Improvised-threat Defeat Organization defined its end state as getting capabilities out to warfighters more rapidly, it lacked the agile policies, contract structures and workforce to achieve that goal. But, that has all changed, according JIDO's chief technology officer.

JIDO reworked its contracts to create a better service-level partnership with industry, Leonel Garciga told FCW at the National Defense Industrial Association’s Agile in Government Summit.

Garciga said the organization then had to re-evaluate its workforce, which involved a mix of training and bringing in new people.

The hardest part though, was changing policy.

"[How do you] change your processes and your policy to be adaptable to actually push software out in an agile fashion?" Garciga posed. "I think that was probably the biggest piece, and that's just to get us to secure agile."

JIDO fought its way there, and over the last 12 months it has been working to automate its DevOps pipeline.

Garciga said that today the contracts support automated DevOps, but JIDO had to make some changes to both the government and contractor workforce. 

But, the policies and processes are not there yet to allow automated DevOps.

"And that's where we've spent quite a bit of time on not just deploying the base technology to really have this not just agile, but secure agile, in a DevOps environment looking and smelling like private industry on our network," he said. "To really do that it's been a lot of work on [reworking] the way we get from a to b, the way we take requirements in, the way we think about building software and deploying it."

He said the two changes on the policy side that allowed JIDO to implement its agile framework to date are the National Institute for Standards and Technology’s cybersecurity framework and the Department of Defense shifting to a risk management framework.

"I don't think we would have been able to do this without having the NIST cybersecurity framework come out," he added. That and DOD's RMF approach have provided "policy top cover to really go and do stuff like DevOps and do secure agile in a much more mature way where you can now get it from development all the way to production and still fall within cybersecurity rules."

On top of that, he said, JIDO has seen a 35 percent drop in development costs due to workforce reductions and getting capabilities out faster.

What JIDO has done can be easily replicated at any program executive officer level, he said, but scaling it to the DOD enterprise level requires addressing many of the same challenges the smaller entity did.

"Is your human capital ready to support this? Do they understand the technologies to support this? Do they do they understand the methodologies to support this? That's one piece," he said. "I think the next piece is if you have a contractor workforce. Are you writing contracts to support getting you there?

"And then I think the bigger thing is, do you have that end-to-end ... path to production between your operational arm … and your IT folks that are really all about getting mission capability out seamlessly together?" Garciga asked.

"That really is a harder challenge," he said.

About the Author

Sean Carberry is a former FCW staff writer who focused on defense, cybersecurity and intelligence.


Rising Stars

Meet 21 early-career leaders who are doing great things in federal IT.

Featured

  • SEC Chairman Jay Clayton

    SEC owns up to 2016 breach

    A key database of financial information was breached in 2016, possibly in support of insider trading, said the Securities and Exchange Commission.

  • Image from Shutterstock.com

    DOD looks to get aggressive about cloud adoption

    Defense leaders and Congress are looking to encourage more aggressive cloud policies and prod reluctant agencies to embrace experimentation and risk-taking.

  • Shutterstock / Pictofigo

    The next big thing in IT procurement

    Steve Kelman talks to the agencies that have embraced tech demos in their acquisition efforts -- and urges others in government to give it a try.

  • broken lock

    DHS bans Kaspersky from federal systems

    The Department of Homeland Security banned the Russian cybersecurity company Kaspersky Lab’s products from federal agencies in a new binding operational directive.

  • man planning layoffs

    USDA looks to cut CIOs as part of reorg

    The Department of Agriculture is looking to cut down on the number of agency CIOs in the name of efficiency and better communication across mission areas.

  • What's next for agency cyber efforts?

    Ninety days after the Trump administration's executive order, FCW sat down with agency cyber leaders to discuss what’s changing.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group