WASHINGTON — The U.S. Navy will soon have a plan for how to implement the accelerated DevSecOps software development process across the service, the chief information officer announced Thursday.
A new internal task force will deliver recommendations for how the Navy can improve its use of DevSecOps to make the practice “foundational and economical to our way of securely delivering software,” according to a memo dated Jan. 15 from Navy CIO Aaron Weis and James Geurts, then-assistant secretary of the Navy for research, development and acquisition. Geurts, a political appointee, resigned his position after the inauguration of President Joe Biden.
“The challenge before us is to determine the most effective and efficient implementation across our diverse landscape of operating environments that optimizes limited resources and minimizes impact to innovation and agility,” the memo stated. “Institutionalizing DSO across the DON requires the adoption of industry best practices, standards and processes enterprise-wide.”
The task force will present its recommendations to the Navy Information Superiority Executive Steering Group, and the plan will serve as an “authoritative roadmap” for enterprise implementation of DevSecOps. The task force has 60 days from Jan. 15 to deliver its recommendations.
The memo directs the task force to identify recommendations including a framework for DevSecOps infrastructure, potential obstacles to scaling the process, and methods to keep the execution plan affordable.
The task force leader is Jane Rathbun, Navy chief technology officer and deputy assistant secretary of the Navy for information warfare and enterprise services.
“The DSO TF shall leverage industry best practices and the work of successful DOD/Naval DSO efforts underway. DSO TF recommendations shall span the diverse ecosystem of DON computing environments and conditions,” the memo states.
The Navy CIO’s office released several memos in recent months, including one in December that updated a policy aimed at accelerating cloud adoption across the service. The Navy also announced a review of its $4 billion IT portfolio to gain a better understanding of its IT portfolio and where its resources are being spent.
The memos align with the Navy’s information superiority vision, released last February, that outlined the Navy’s plans to modernize and secure its networks. The COVID-19 pandemic further accelerated the Navy’s IT plans, including a Microsoft Office 365 roll out. Weis doesn’t want the Navy to lose that momentum when work from home end, he told C4ISRNET.
“Now that we know that we can fly, you know, we don’t settle for ground travel,” Weis said in December.
Andrew Eversden is a federal IT and cybersecurity reporter for the Federal Times and Fifth Domain. He previously worked as a congressional reporting fellow for the Texas Tribune and Washington intern for the Durango Herald. Andrew is a graduate of American University.