Transcript

DOD Chief Information Officer Updates Reporters on Digital Modernization and the National Defense Strategy

July 30, 2020
Dana Deasy, Department of Defense Chief Information Officer

CIO DANA DEASY: Thank you, Russ. So thank you, everybody, for joining so early this morning. I'm going to give you probably a little bit longer-than-normal opening remarks. There's just been a lot happening in the digital modernization space since I think the last time I was on the record. I wanted to make sure you all had a fairly comprehensive view of what was going on.

So as you're aware, the efforts of the National Defense Strategy are all about getting modern, effective technologies into the hands of our warfighter. Our program at work covers cloud, AI (Artificial Intelligence), command and control communications -- or often referred to as C-3 -- cybersecurity, and then in our latest effort, data. I'd like to highlight a few of the recent accomplishments in each of these areas and show you how specifically they're addressing and advancing the National Defense Strategy priorities regarding lethality, building partnerships, and reforming the enterprise.

I have often talked about building the enterprise cloud as the foundation of the digital modernization. Cloud has always been much more than JEDI. Today, you're going to see that you're joining me on the platform we refer to as CVR (Commercial Virtual Remote Environment). This platform supporting nearly one million active DOD users with voice, video, and chat capabilities today. It is a cloud-based environment. It is rapidly-scaled, which is what we always wanted our clouds to be able to do to meet the needs and demands of the department, specifically during the COVID crisis.

We have a diverse workforce. Everyone has been affected in very different ways. Some have been affected by having to take care of aging family members, others having limited childcare and still others need to social distance because of personal health concerns. CVR has been extraordinary collaboration tools in enabling colleagues and partners around the globe, continuing DOD operations without interruption. CVR provide the flexibility to support a more inclusive workforce, make people more connected, and demonstrate the department's resiliency when challenged.

Normally, a program of this scale and complexity would take over a year to design, engineer, and deploy, but the extraordinary efforts by my fellow technologists across the department have led to the delivery of a CVR platform in under 60 days. While cloud capabilities are vitally important, more is required to ensure our servicemen and women are prepared for future threats.

The NDS describes the potential future conflict in which adversaries seek to contest us in every domain in which we operate. We need to be extraordinarily adaptable on the future battlefield, not just in our tactics and decision-making, but in terms of our technical capabilities. We need to be able to push new capability to the warfighter to be able to adapt to changing conditions and respond to moves our adversaries might make.

Our cloud strategy is a critical enabler of that vision, but it is not enough. DOD needs to address the full range of changes needed to support the rapid delivery of new capabilities into production systems. In software terms, this is what we like to refer to as DevSecOps, which is delivering new functionality directly to our weapon systems.

We have now moved into the next phase of the digital modernization implementation, which encompasses a more comprehensive program of software modernization. Our software modernization effort, which is being worked collaboratively -- collaboratively across many offices of the DOD, works backward from the goal of delivering new capabilities directly into the hands of the warfighter and addresses both the technical -- and I must emphasize -- as well as the non-technical obstacles to that vision. There is an enormous amount of work underway across the DOD on this front. I'll just share a couple of examples of progress.

My office recently designated one of the most mature DevSecOps platforms within the department, the Air Force Platform One, as an enterprise service which has the effect of making this capability broadly-available across the DOD. That designation also links directly into the Software Acquisition Policy released by A&S (Acquisition & Sustainment) that encourages both the uses of DevSecOps and adoption of existing enterprise services.

While we tend to focus on technology when we talk about software, it is important to acknowledge that progress is delivering -- in delivering capability more rapidly will depend as much on non-technical enablers such as changes to acquisition policy, cyber risk acceptance processes, as the technical capabilities.

Artificial intelligence remains a critical element of our Digital Modernization Strategy. The JAIC (Joint Artificial Intelligence Center) is capitalizing on lessons learned from early projects to develop and deliver scalable AI solutions. In the past few months, the JAIC has placed increased emphasis on joint warfighter operation mission initiatives, which is laser-focused on the priorities of the National Defense Strategy and its goal of preserving America's military and technological advantages over our strategic competitors.

In partnership with American technology industry, the JAIC is developing AI's capabilities that will generate a more cohesive framework for all domain operations while creating decision advantage in front-line communications that will be critical in an evolving operational environment where speed, precision, agility are paramount for success. For example, under the Joint All-Domain Command & Control concept, or JADC2, the JAIC is developing an operations cognitive assistant capability that enhances human-machine teaming to drive faster and more efficient decision-making through AI-enabled predictive analytics.

While we develop and enhance AI capabilities for the warfighter, we continue to cooperate and lead in AI innovation along our interagency and international partners. For example, JAIC Policy Team is bringing together thought leaders from across the department to the responsible AI subcommittee to develop and standardize procedures for implementing AI ethical principles.

Meanwhile, the JAIC's International Team is facilitating a robust and ongoing dialogue with allies and partners from NATO, the E.U.(European Union) and Indo-Pacific about how we can shape our security cooperation and defense partnership for the digital era.

AI is just one example of how the department is progressing -- how the -- excuse me -- AI is just one example of how the department is preserving its military and technological advantage, as outlined in NDS, as well as leveraging the innovation of America technology industry to deliver safe, responsible, and effective solutions to our warfighters.

Data is another critical element to the success of the Digital Modernization and National Defense Strategy. We recently announced the appointment of the department's new chief data officer, Dave Spirk. Dave's organization is focused on strengthening data governance, interoperability, and data protection across the department. This will be a major effort. In the coming months, you'll hear more about that as we release the DOD Data Strategy. The chief data officer is on a directed 90-day listening tour where he is talking to senior leaders in the Pentagon, warfighters and at the combatant commands, industry, and academia to assess the overall department's progress. At the conclusion of the 90-day tour, Dave will provide a written assessment with a plan of action.

It has become clear that data policies and data standards alone cannot strengthen data management or improve data quality. User engagement and prioritization of opportunities to accelerate are critical, and we have organized our initial focus on three specific areas: one, Joint All-Domain Operations; two, decision leadership -- decision -- senior leader decision support; and three, business analytics. Our efforts will continuously evolve with the expanded data officer counsel and the combatant command participation, which will allow us to place particular emphasis on the operational community and warfighter needs.

Next, our C3 modernization effort has been aggressively working spectrum issues, especially mid-band, to include support for accelerated 5G development. The Spectrum Team has taken a whole-of-nation approach with strong support and effective collaboration across governments, industry, academia, allies, and partners to solve for spectrum sharing. DOD's committed to making the U.S. the world leader in the innovative spectrum-sharing technologies.

As many of you know, the department has also initiated a number of prototyping and experimentation pilots at military sites to demonstrate the use of 5G and networks for military applications. As I previously mentioned, DOD is pursuing an approach of partnering with industry to utilize, protect, influence 5G technology and systems.

Leading on behalf of the department, R&E (Research and Engineering) has received proposals from industries for five 5G sites to accelerate military application of 5G technologies. The selection of the first four bases is in the final phase, with an expectation of three dozen contracts worth in excess of $180 million to be awarded and initiated by the end of this fiscal year. We announced the next set of military prototyping sites and 5G experimentations, including seven bases, in June. Some key technologies of interest include virtualization and 5G cloud architectures. We expect to be sending out a request for solicitation before the end of the fiscal year.

A key focus on NDS is building partnerships. Today's missions and those in the foreseeable future will greatly depend on warfighters' ability to fully integrate with our mission partners to fight in new ways, while exercising appropriate cybersecurity practices. Mission partners must operate, integrate, and collaboratively and seamlessly as though they are physically co-located with each other, to effectively execute joint operations.

To meet this requirement, the DOD's CIO, with the U.S. Air Force as the executive agent for the mission partner environment, is designing, implementing, and fielding the mission partner environment. When fully deployed in fiscal year 2028, it will provide information sharing, command and control, intelligence collaborative capabilities, supporting the full range of military operations.

To date, we have established the mission partner environment, senior-level governance structure, and associated working groups, expanded the All Partner Access, or APAN, for unclassified information sharing with mission partners. There's over 400,000 users across the globe today utilizing it. The enhanced -- and we are also enhancing the initial three global nodes with modern software and identified acceptable security frameworks for information domains.

Lastly, each of you no doubt have a clear understanding that cybersecurity at DOD is always and will be a 24-by-7 mission that plays a critical role in the implementation of the National Defense Strategy.

In furtherance of this strategy, we have aggressively moved out on a concerted effort to improve cybersecurity across the DOD landscape. I will not be able to go into specifics of our plans or successes in this forum, but our efforts include improvements, everything from our traditional networks to weapons systems to encryption to the defense industrial base.

During the current COVID-19 pandemic and prior to that time, we placed cybersecurity at the forefront of everything we do, whether our personnel are working from the Pentagon, a military base or their home, cyber-hygiene remains a top priority.

We are also working to drive further accountability for decisions related to cybersecurity to ensure our capabilities will remain available to deter and, if necessary, prevail against a near-peer adversary.

All this encompasses an extensive program of work, which we will continue with pace and urgency.

You have seen we have a robust interconnected digital modernization program, focused on delivering the advanced warfighter capabilities called for in the National Defense Strategy. Each element of that program builds upon the next element. We face a future battlefield environment across all domains that will be more complex, more lethal and more dynamic than ever before.

We also know our competitors including China and Russia are pursuing many of the same technology advances that we are. To maintain our edge, we have to adapt into this future in a way that is faster, smarter and more flexible than our adversaries.

I am confident we will rise to the challenge by leveraging our innovative ecosystem, our diverse talent, and our global networks of partners. We understand the warfighter and the American public are counting on us.

Thank you again for taking the time to be here today, and I look forward to the questions.

Russ, back over to you.

STAFF: Roger, sir, thank you. And thank you for those remarks.

Okay, media, I'll call on you and you'll get your opportunity. Ask one question and then a follow-up, and then we'll move onto the next so we have time to get through the entire group.

Let's start off with Travis?

Q: Hi, sir, thanks for doing this. Can you hear me okay?

MR. DEASY: Can hear you perfectly well. Good morning, sir.

Q: Good morning. I wanted to ask you about the -- the future of telework. You know, we've -- we're starting to hear from Congress, talk about how the federal government could save money on office space by employing telework permanently. The Navy recently said that it could use telework to save money on office space, and shift that funding into higher priorities like ports.

You know, I understand that those types of decisions are going to be made by lots of other folks. But I'm just wondering if you have started to have those types of conversations in the Pentagon, about being able to save money on office space with telework and using it for other high priorities? Thanks.

MR. DEASY: So, Travis, the simple answer is yes, those conversations are taking place.

However, I would say the conversations I find myself in, though we have ones about how teleworking can help us with office space and saving money, I'm spending much more time on how we're actually starting to discover -- it's really interesting, every week, I put out an e-mail to the secretary, describing what we've learned in the last week about CVR and teleworking.

And so the conversation I find myself more involved with is how it's changing our way to bring people together quickly for meetings, readiness conversations, training exercises. But to your very specific question, yes, there is an active conversation about what does a sustained teleworking environment look like?

We've now built this amazing, robust infrastructure, and so there's no doubt that we will be able to leverage that in the event that the future requires us to. But I believe personally that we'll be leveraging that to the very points that you're making around cost savings as well.

Q: Great. And if I could just follow up, you mentioned enormous amounts of effort, I think in software. And you guys have used, I think it was $324 million -- if I remember correctly -- from the CARES Act on remote work, upgrades. And I was just wondering if you see a need for additional funding, potentially in, you know, another piece of stimulus legislation from Congress? Thank you.

MR. DEASY: I can tell you the environment we've created to date is meeting the needs of the Department of Defense, not only from the warfighting and readiness standpoint, but from the teleworking standpoint as well.

Now, you know, the future's unpredictable in terms of what might happen, but I can tell you the money we've received today has adequately allowed us to build out the necessary teleworking environment.

STAFF: Thank you, Travis.

Let's go next to Lauren Williams?

Q: Good morning, sir, thank you for doing this.

MR. DEASY: Sure.

Q: I wanted to ask you about how this telework situation has -- has given insight to the cybersecurity posture. I know at the start of the pandemic, Ms. Miller had indicated that there was an increase in cyber-attacks because there are so many people working from home. So how -- since CVR has come online, how have you -- how has that situation changed at all?

MR. DEASY: So you know, it's interesting, we've always known that when you move to cloud technology such as the one, Lauren, that we're using here today, that you know, the adversary's going to pivot and try to exploit and find ways to take advantage of our moves in teleworking.

So one of the things that teleworking has done, it's really accelerated the work between my office, the NSA folks, the U.S. Cyber Command folks, JFHQ-DODIN (DOD Information Networks) and DISA (Defense Information Systems Agency) to work in a lot more expeditious way with industry on how to protect ourselves in this environment.

We've always known that the cloud raised questions in terms of, you know, how viable of a solution could it be from a cyber-defense strategy. And I can tell you, the nice thing about having to deploy CVR, it gets very real very quickly in terms of the tactics and the techniques you have to deploy.

So, yes, is the adversary out there trying to compromise us? Absolutely, they try every day to compromise us in all new techniques that we are constantly deploying.

But I can say with a lot of confidence that the work that we've all collectively done, along with our industry partners in this space, is just revalidating for us that we can live in a cloud world successfully even though we know that the adversary is going to continue to work very hard to compromise us in this space.

Q: And to follow up on that, how is the CIO more broadly implementing cyber-hygiene practices? I know that that's been a subject of concern in --

MR. DEASY: Yeah.

Q: -- in oversight reports.

MR. DEASY: You know, it's -- it's interesting. I look back to when the term "cyber-hygienes" was first created many years ago, and I look back at my own career and think about what that meant years ago, and the fundamentals haven't changed. You know, today it's still about smart use of computing assets: how you log on, how you secure your password and ID, what you click on, what you shouldn't click on, what you should share or you shouldn't share.

Honestly, the teleworking has just added another dimension to cyber-hygienes in that now, you've got the element of people working from their home environment, which obviously sits outside of our direct network domain. So we've had to expand an already-well-known list of things that we ask people to do when working from home in terms of securing their device, ensuring that they're doing the work from a safe location, ask them to make sure they're not connecting to the network and using the assets in an inappropriate way for personal use and putting strain into our environment.

But I would say the fundamentals, Lauren, of cyber-hygienes that have been in play for a number of years are the same conversations we are holding today with the added element of it just being from someone's home now.

STAFF: Thank you, Lauren. Let's go next to Jason Miller.

Q: Thanks, Russ, and thanks, Mr. Deasy, for doing this. I'm going to go ahead and rip the Band-Aid off, I guess, there, and -- and ask about the -- the -- the four-letter word JEDI that we all are probably a little bit interested in. But let me take it a little broader, because I understand that, you know, there's only so much you can say about it. So two things that -- that I want to start with -- well, one thing, but -- but two kind of related things. What's the time schedule, timing for, if you will, fixing, re-releasing the -- the JEDI solicitation? Any -- any details on changes you can tell us, or you plan on making to the solicitation?

MR. DEASY: So as you know -- and -- and it's been very public -- the judge put a -- a stay; asked us to go back and specifically look at a section of the RFP (request for proposal) solicitation. We committed to turn that around and have that out, allow each of the two respondents then to respond back. Our goal is to finish the evaluation of those responses in August, which was always our plan. And so we are still on schedule to, I guess you could say, do a re-announcement of our intentions to award probably sometimes towards the very end of August, barring any last-minute unforeseen additional issues that are raised.

Q: Thank you. I appreciate that. And then more broadly when it comes to cloud, I -- I think the Air Force is an example that you brought up regarding software, but also Platform One. What does that mean more broadly to the saying that Platform One is an enterprise service now? How -- but how does that kind of fit into this broader cloud strategy?

MR. DEASY: Actually, it helps to reinforce what I've been trying to get out into the public domain now for the last year and a half, and that is the Department of Defense was never going to be about a single enterprise cloud; it was going to be about a multi-cloud, multi-vendor environment. Our report that released to Congress at the end of last year articulated very clearly that the DOD CIO Office over time would start to appoint more clouds as certified clouds across the Department of Defense, and so that's what we've done.

Now, it's really interesting about -- and what we did with the Air Force. Here again, while people become fixated on the -- the -- the cloud aspect of this, if you really dig under the covers, what was really important in that announcement was Air Force truly has matured this vision that I have been an advocate for for a long, long time around DevSecOps. They've done a lot of work in the entire software development process and various tools and techniques that we are advocating as part of our agile workforce.

And so when we announced Air Force One, so I think people picked up on the word "the cloud". What the big message there was, we asked you for the first time, had designated a cloud across DOD that could be used for a common way of doing DevSecOps.

STAFF: Okay, thank you for that, Jason.

(CROSSTALK)

STAFF: Thank you, Jason. Let's move to Carla Babb, please.

Q: Hi, yes. Thanks for doing this. I wanted to ask a little bit about 5G. You said that the selection of the first four bases was in the final phase, with the contracts going to be awarded by the end of the year. Can you just kind of update us on what that means? Because it was my understanding that the four -- the first four bases were actually announced and selected in October of last year, so --

MR. DEASY: Yeah.

Q: -- kind of talk -- talk it through. What's happened since October, and where exactly are we are now -- now, and what's left to be done? 

MR. DEASY: Yeah. I -- I really appreciate the question, and I -- I think I can help probably clear up maybe some of the -- the confusion there.

So what was announced last October was the fact that the DOD was committed to embracing 5G and doing that through a series of experiments. Step one of that was -- well, we always said that our approach was based on three things: How do we accelerate using 5G, how we operate through using 5G, and how do we innovate? We realized that the most effective way to do that was to select some bases.

So the announcement last October was all about announcing the bases we were going to work with. That then subsequently led to then announcing what type of work were we going to do on those bases. So just to give you an example here, I've written down a few notes: At Hill Air Force Base we said we were going to work on dynamic spectrum sharing. At Joint Base Lewis-McChord we said we were going to work on augmented reality. Naval Base San Diego, California, we said we were going to work on smart warehousing. That's what that was all about.

The next phase after we designated the bases and after we designated what was the work was going to occur at those bases was then to put requests out to industry for them to come back and share with us how they would go about supporting us with the technology, solutions, software services they have. We are now at the point where we're ready to make the awards to specific companies to help us work on those bases on those specific 5G projects. Hopefully that clears it up.

Q: Okay. Yes, thank you. That is helpful.

And if I can follow up real quickly on Travis' question about the teleworking situation, Admiral Mills from the Navy had told us last month that he has identified some positions in his office that could be permanent teleworking positions, created a list. Is that -- when you say that there are talks going -- conversations taking place, have you actually formulated a list of specific positions in the Pentagon or within DOD that could be permanent teleworking positions, that people wouldn't have to move to Virginia?

MR. DEASY: Yeah, I -- I specifically have not been involved in developing a list. The conversations that I find myself in are more of, "If we are to use this tool and capability going forward, what additional capabilities can you, the CIO, help us with? How do we ensure the robustness, the security, the availability, the resiliency of the teleworking environment?"

So I don't find myself going to meetings so much, sitting down and helping identify a list, I find myself more explaining how the technology can be used and how we're going to keep it robust, safe, and resilient.

STAFF: Thank you, Carla. Mariam, do you have a question?

Q: I do. Thank you, good morning, sir.

I was wondering, so -- about the DevSecOps initiatives, Enterprise initiative, their mission is to train 100,000 people within the year. It sounds somewhat unbelievable. Can you explain a little bit about how -- what the plan is for accomplishing that?

MR. DEASY: I probably won't speak specifically to the 100,000. I can speak more broadly about what are the elements of success. One of them is obviously getting people trained to know how to use the environment, but there are some prerequisites to that, that I know the Air Force has been working on as well as Pete Ranks, who heads up our cloud program office, are working on.

And, for example, these include things like, "If we say we're going to have a large number of people trained, that means they have to be trained against some sort of a DevSec reference architecture."

So last year, there was a lot of work done to create what we are calling the "design playbook." Second of all was, in designating platform one, there was work you then had to do to go through and start conversations up.

Remember, it's not like training our own folks, but it's working with the defense-industrial base on how they could take advantage of this environment. So there's been a significant amount of work going into working with A&S for example on how do you set up the DevSecOps environment, for example, in the Air Force that the defense-industrial base can use?

Then there's these things called "code blueprints." In my prior life, we used to refer to them as design templates. The power of DevSecOps, the real power, is getting developers out of the world of creating everything as original code, but taking the most common reused code elements, putting them into what we're calling these code blueprints, and then allowing them for reuse.

So when you think about -- when we say we're training 100,000 people or whatever, what we're really doing is just saying, "Hey, we've got to get them a reference architecture, we've got to figure out how to bring in the defense-industrial base into this, and we've got to then have these predefined blueprints available for them."

And then the last thing we're working on is, if you can create all that, we also want to try to solve once and for all this idea of ongoing global directory, or the identity that you carry when you sign in and use an application.

So another foundational thing is how do we train people when they write new applications using blueprints, the reference architecture, that they're also using the new identify authentication service that will allow someone to only sign in once with the correct identity.

So for me, the way you get 100,000 people trained, there's a bunch of prerequisite things that have to be done up-front that make that training easier and more standardized.

Q: Gotcha, thank you.

And then forgive me, my follow-up question is a little bit novice like here, but you mentioned the mission partner environment with the Air Force launching by 2028, there's already structures in place. Is that to be seen as sort of an outgrowth from the -- the Platform One work? Will those be -- can you explain how those might be (inaudible), if so?

(CROSSTALK)

MR. DEASY: Yeah. No, I would -- I would say there's elements of the technology in Platform One that will apply to what we call MPE, or the mission partners environment.

But what this really is, is this is just the next-generation of how we communicate with our allied partners, in a world where we recognize that if we're going to show up on the day as a collective, singular force, that the current generation of network and communication and secure communication channels that we use, are going to need to be much more robust.

So I kind of refer to this as the next generation of how we fight with our -- and communicate with our -- allied partners. It may use elements of the technology from Platform One, but you should kind of hold that these are distinctively different programs of work.

Q: (inaudible) very much.

STAFF: Thank you, Mariam.

Let's go next to Aaron Gregg?

Q: Can you guys hear me?

MR. DEASY: Can hear you fine, Aaron, good morning.

Q: Yes. Good morning, Dana, thank you -- thank you so much for doing this. So my question, the DOD CARES Act spending plan submitted to Congress in early June mentioned that DOD would be, quote, "expanding ongoing commercial solutions that provide remmote access to NIPRNet (Non-classified Internet Protocol Router Network) and SIPRNet (Secret Internet Protocol Router Network)”. Could you elaborate on those efforts?

MR. DEASY: I think what we were referring to –I kind of have to go back and recall when we put that together -- at the time we did that, we were in the early days of what has now become CVR. And we knew that CVR had the potential to become a very large, robust environment.

You know, I remember when we first stood it up, we thought, "Boy, if we could get 100,000 people on this thing, this would be great." But then we stopped and said, "Well, what if this thing was to grow to be a lot bigger? Do we have the right funds to support a much larger, robust commercial solution?"

And so I think what we were referring to back then was the potential that if CVR took off -- which it did -- that we were going to need to make sure we had the right -- it's not only about the right money for the infrastructure and the licenses, but to maintain a CVR environment for collaborations, for chatrooms, for teams being stood up, there's a whole background infrastructure support that has to be stood up in that environment as well.

And so part of the funding was, how do you make sure this could be a robust ongoing solution across the department? Hopefully that helps to clarify.

Q: It does, thank you. So I guess as a follow-up, just -- just kind of broadening that, how has this current, I guess, remote work situation that we've all been thrust into, how does that change how your office is looking at certain restricted information being stored locally versus allowing more remote access? Has -- has that been opened up in any way, would you say?

MR. DEASY: That is an ongoing conversation. So if you asked me right now, “so Dana you guys have created this environment, you've got close to a million people using it in whole new ways. What is the big, you know, work that still lies ahead?”

You know, what we created is a, kind of an unclassified version of collaboration, but we've always recognized that where we really need to move this is from kind of what we call an IL2 (Impact Level) to an IL5 environment that has all the robust capabilities that you would expect, where you could do much more secured types of collaboration.

Now, the trick in doing that is you don't want to lose the goodness of how we've been able to allow people to work off-net, so to speak, from their home, from their own types of devices. But how do you now transition to an IL5 world which locks down things in a lot more restrictive way, and obviously, for very good reasons?

So there's a lot of pilots going on right now on how we pivot CVR from kind of an IL2 world to an IL5 world between now and, I'm going to stay, towards the end of this year? And so if you were to ask me, what is the big heavy lifting we're working on right now? Is, how do we actually do that pivot from an IL2 to an IL5 world?

Q: Okay, thank you.

STAFF: Thank you, Aaron. Let's move next to Lee Hudson.

Q: Hi. Thanks for doing this.

MR. DEASY: You’re welcome.

Q: You mentioned the JAIC and Platform One, and I was curious on how the JAIC is supporting JADC2 and the ABMS (Advanced Battle Management System) efforts.

MR. DEASY: Yeah, I've got some specific notes that I thought that question might come up today. So first of all, it's an important -- to remember that when I first started speaking about JAIC, gosh, I guess it's well over a year, a year and a half ago, Lee, the conversation back then was how do you -- how do you build a startup organization with all the goodness and innovation of what you would get if you were to go outside and see a new kind of young upstart occur.

And so back then it was all about, how do we go out and build an ecosystem of the academic world and private industry that we could work with, knowing we would have to leverage extensively that capability? That led to some of the early work, you might recall, in our disaster recovery, our predictive analytics. That set the foundation for one very important addition that we needed to put in place, and that was what was called the Joint Common Foundation, and that is the tools, the library of capabilities that need to be in place to then move to something that was a lot more complicated.

That has now allowed us, as we've matured, to say what we've always known we really need to be -- get JAIC focused on, is the Joint All-Domain space. And this is basically in a number of areas of JADC2: joint fires, electromatic – electromagnetic spectrum, and strategic mobility.

So the early one is if you think about the battlefield, there is a, just tons of information that are coming in to command-and-control sites. They're coming in from radio communications, text communications -- a variety of systems are feeding the information in. And you have people that are sitting there looking at these screens of data that are coming in, and they're having to pull out of all that information what they believe is the most relevant information they need to send on to a commander so a commander can then take real-time decisions.

So this cognitive assistant, for example, we're working on right now is, how do you use the power of AI to start going through all those feeds of information that are streaming in and be able to extract out using natural language processing and other technologies to help give the combat -- the commander better real-time information on the battlefields? So that's the current work we're doing.

But JADC2 is made up of a bunch of different areas, and like I said, including electromagnetic spectrum. How do we move forces? How do we target? But right now, it's all about, how do you take streams of information in and allow the machine and human to interact together to make better decisions? Does that help?

Q: Yes, that's really helpful. Thank you so much.

MR. DEASY: All right.

STAFF: Okay, it looks like we only have time for one more question. Let's go to Allen Millhiser.

Q: No questions at this time.

STAFF: Okay, let's go to Mary Walsh. We can't hear you, Mary. Okay, let's go to Kelsey Atherton.

Q: Hello. So I wanted to ask about -- with DevSecOps and with these rolling out code blueprints, is DOD working on its sort of own code repository on these handy plug-and-play solutions, or are you building from, like, publicly-available sources like GitHub?

MR. DEASY: Yeah, so the answer is yes and yes. Obviously, when you think about sources like GitHub, it's all about what we call, you know, the DOD version of it in terms of highly-secured. But you are absolutely right. At the end of the day, if you look across successful organizations that have really been able to get agile development going, one of the things that will be kind of a base to their stories, Kelsey, is this idea that they created a library, a easy way for people to access what was already developed by somebody else. How was it put out there? How easy was it to go find it? And then, how easy is it to integrate it into your work that you're doing? And these are a series of code repositories.

And so we're -- and the other thing we do know about technologists that develop great code is they love to share their code, and they want to make their code readily-available. So we're really focused on, how do you take things like APIs (Application Programming Interface), micro-services, which are kind of the building blocks of reuse, where we're trying to get coders out of the world of thinking that every time they need to make a call to something -- you know, a simple thing like someone's developing a repository to track troop movements and show the dots on a map.

Well, in the old days, you would have had the coder having to go out and actually write the code to put those dots on the map and create the map overlay. Today, you don't have to do that. Today, they can make calls to already well-defined technologies that do mapping solutions and identity onto those maps, so that's a really good example of the power of building these repositories.

And it's back to the earlier question about training. Part of the training is how to get people to know how to go in, put things into these repositories, how to tag them, label them, and then make them accessible for other people to use.

Hopefully that helps, Kelsey.

STAFF: Okay, thanks, Kelsey.

Andrew, Matt, and Vago, sorry we didn't have an opportunity to get to your questions, so please if you have something, send them in to me.

We appreciate your time. The 45 minutes flew by. Thank you very much.

Mr. Deasy, any closing comments?

MR. DEASY: No, other than it's great to get this group together. It's always valuable for me to hear that -- when I hear the sorts of questions I get from all of you, it lets me know what's on your mind, what's important to you. So thank you for your time today, and hopefully there was some good clarity in what we're doing on the digital modernization program, gave you a sense of the progress we're making. Thank you, everybody.