Money flows for technology, cybersecurity in new Defense Department budget

This post first appeared on Federal News Network. Read the original article.

If at first you don’t succeed, try again would be one way of looking at Department of Defense’s effort to use a new mechanism for funding technology. The fiscal 2023 omnibus spending bill funds 10 programs for buying software that fall under the Software and Digital Technology Pilot Program.

Last year, the Pentagon requested money for the program, but Congress didn’t include it in the final budget. This year, the proposed budget fully funds the 10 programs in order to test the concept in a pilot.

At issue is how the DoD pays for software. The pilot program would give the department a bucket of money that is “colorless,” meaning it would be good for two years to spend on IT development. Traditionally, funding for software would have to follow a template designed for weapons procurement that has funding separated into research, development, test and evaluation (RDT&E), procurement, and operations and maintenance (O&M) appropriations along with cost-based triggers for each acquisition category. That process proved unwieldy for buying software that needed a quicker turn-around time.

Among those programs getting funding under the pilot are risk management information, space command and control, National Background Investigation Services, acquisition visibility and national industrial security systems.

After two years of DoD trying to get the program off the ground, Congress went ahead with it, but indicated they needed to see results before the program sees any expansion. The Joint Explanatory Statement for the omnibus bill described that qualified view of the pilot program.

“Reports received to date indicate that the department is still implementing methods to capture the appropriate data that would allow an objective analysis for how a single budget activity improves the performance of software pilot programs”, said the statement.

The statement warns DoD not to add new programs to the pilot until it has demonstrated effectiveness. If data from the initial pilot programs show a cost savings and quicker timeline, more projects could be funded under this system.

Lawmakers weighed in on another program that’s just about to get off the ground, but gave DoD more support. They provided funding for the Cybersecurity Maturity Model Certification (CMMC) in an effort to help small business owners trying to meet compliance standards  The Defense budget provides $6 million toward CMMC compliance for cybersecurity in manufacturing. Under Defense-wide procurement, another $20 million goes to increase small business and academia compliance with CMMC.

Government officials have long held concerns that complying with CMMC can prove difficult for small businesses already challenged by competing with their larger competitors for federal dollars.

DoD came out with an interim acquisition rule implementing CMMC in 2020 with a plan to eventually certify thousands of contractors throughout the defense industrial base. The CMMC Accreditation Body set up the first third party assessment organization (C3PAO) in 2021. However, contractors were concerned about the program which they say overly complicates the process and it is unclear how C3PAOs should prepare for an assessment and what the arrangement should be with the contractors who need their services.

Currently the Cyber Accreditation Body has a draft in the works to offer guidance on how the C3PAO program should work. The “CMMC Assessment Process” document still hasn’t reached its final form and isn’t expected to be finished until sometime next year.

Funding for the CMMC program comes with an overall increase for Defense-wide Science and Technology Manufacturing Program. The manufacturing program requested $256.1 million, it will get $747.4 million.

Expanding cybersecurity reached into numerous DoD programs and will allow for new commands and expansions of old ones.

Joint cyber mission forces would get a boost with $178 million in the new budget. The funding came after an announcement Dec. 19 that the Cyber National Mission Force officially stood up as a unified subordinate command in DoD.

CNMF will support Cyber Command on national priorities such as election security, ransomware, cyber espionage and other crisis and contingency operations.

The different service branches all have new allotments for cyber mission forces as they seek to increase their cybersecurity stances. The Army got the $178 million they asked for to fund their joint cyber mission forces. The Marine Corps got $94 million and the Air Force got $191.7 million after requesting 186.7 million for joint cyber mission force programs. Money also went to joint programs like CYBERCOM and cyber operations technology support.


Leave a Reply

Your email address will not be published. Required fields are marked *