The Department of Defense (DoD) is set to launch a new program on May 1 that aims to streamline its software acquisition process. The Software Fast Track (SWIFT) program will use artificial intelligence to replace the current lengthy and bureaucratic authority to operate (ATO) and Risk Management Framework (RMF) processes. We need to change our thought process, because having software in an ATO that is a static environment doesn’t help the warfighter,” said Katie Arrington, the acting Pentagon Chief Information Officer, during a keynote at the UiPath on Tour Public Sector event.
What changes every single day is the network, the software [and] the environment. Why are we so structured to stay in a static position when our adversaries are always dynamic?
Under SWIFT, the Pentagon will conduct a third-party assessment of companies’ cybersecurity postures based on 12 risk characteristics. Vendors will also be required to provide a software bill of materials (SBOM) “from production and sandbox” that is certified by a third party.
I have AI on the backside — large language modeling — that will determine if there are any anomalies, if there’s something in your source code that’s bad. If not, you get a provisional ATO,” Arrington explained.
Swift streamlines software acquisitions
The new program aims to move away from the current RMF, which has guided the Pentagon’s acquisition process for all of its systems for more than a decade. “I’m blowing up the RMF. The RMF is archaic, it’s a bunch of paperwork,” Arrington said, adding that she hopes ATOs are “something I never hear about again” in the next year.
SWIFT comes as Secretary of Defense Pete Hegseth pushes the entire department to speed up procurement and delivery of digital and software-based capabilities. “We need more innovation. The [secretary of defense] has told us, bring software, bring commercial-off-the-shelf into the building faster, at a more rapid rate,” Arrington said.
“And our job is to ensure that we are doing the best to ensure that we have lethality, that we’re ready and that we’re efficient.”
When the program launches, Arrington plans to bring together all of the department’s CIOs, chief information security officers, the acquisition and sustainment directorate, and other stakeholders at the Pentagon. The department also plans to release a request for information (RFI) to gather industry input in the near future.
Image Credits: Photo by Elijah Mears on Unsplash
Rashan is a seasoned technology journalist and visionary leader serving as the Editor-in-Chief of DevX.com, a leading online publication focused on software development, programming languages, and emerging technologies. With his deep expertise in the tech industry and her passion for empowering developers, Rashan has transformed DevX.com into a vibrant hub of knowledge and innovation. Reach out to Rashan at [email protected]
