A few years from now, the Department of Defense’s Joint Warfighter Cloud Capability will be in place and operational as the foundation for the department’s JADC2 initiative, according to John Sherman, chief information officer of DOD and a 2022 Wash100 Award winner.
The department’s cloud adoption efforts have been difficult and remain difficult, Sherman said during his keynote address at the Potomac Officers Club’s 3rd Annual CIO Summit. Over the last year, DOD has pivoted from its first single-source cloud program, the Joint Enterprise Defense Infrastructure contract, to its new multi-cloud, multi-award JWCC.
Although JWCC has seen delays, the potential $9 billion effort aims to award contracts by the end of 2022.
“Within a few years, not only will the contract be in place, we’re going to be running workloads top secret, secret and unclassified across multiple clouds all the way from CONUS out to the very tactical edge,” Sherman said.
Sherman also shared that the DOD’s Cybersecurity Maturity Model Certification program, which was recently rolled under his office, is expected to undergo further changes in the coming years to reduce the barriers for businesses to achieve compliance.
Join the 2022 CMMC Forum hosted by the Potomac Officers Club on May 18 to learn more about the future of the program and its implications on the public and private sectors. Register here.
Of the CMMC updates, Sherman said, “I’m going to expect you to see something that is understandable, that makes maybe a little more sense of where we started – looking at maybe three versus five levels – but very importantly, for small and medium sized businesses, that we have taken steps to make this 800-171 implementation a bit more palatable and doable.”
Sherman’s priority in amending the CMMC program expands beyond the nation’s capital and is driven by his own family’s history of small business ownership “We all live in the Beltway,” he said, addressing the in-person audience. “I’m thinking about the companies that are out in the Midwest, the West coast, the Northeast, the Southeastern United States, you name it – folks who aren’t near the 495 here and how CMMC and DIB security looks to them.”
Cybersecurity, and CMMC in particular, are areas in which we’re “going to have to move the needle” as adversarial threats continue to escalate, he said. “This is where the Chinese and the Russians and non-state actors are trying to lift our information.”
In regards to other focus areas, buying down the department’s technical debt, getting zero trust on good footing, electromagnetic spectrum operations, 5G and PNT – or position, navigation and timing – all still remain top priorities for the department in the near future, Sherman noted.