Abstract cloud computing technology concept

Digital background depicting innovative technologies, data protection Internet technologies. Cloud computing digital concept (Getty images)

AUSA 2022 — The Army this week rolled out a new plan for how it will leverage its cloud, and for the first time publicly released another plan to develop a data-centric service. Both strategies, which officials have discussed for the past several months, were unveiled Monday at the annual Association of the US Army conference.

Speaking at the conference, Army Chief Information Officer Raj Iyer said the cloud plan “builds on the capabilities that we built in the last 18 months and focus[es] on how we’re going to operationalize that capability for the warfighter.”

The cloud plan, for the first time, includes the implementation of zero trust architecture — a security framework in which it’s assumed a network is always at risk of being exposed to threats and requires all users to be authenticated and authorized.

The other plan, which lays out the service’s goals for a digitally infused Army, separated the service’s efforts into either short-term or long-term categories, and acknowledges that the service won’t overcome its many digital challenges all at once. Iyer said that the data plan, which has been classified for two years and is now publicly available, is another key component part of the Army’s “digital transformation.”

An Updated Cloud Plan That Includes Zero Trust

The Army has been talking about its forthcoming cloud plan since May, when Paul Puckett, the director of the service’s Enterprise Cloud Management Agency (ECMA) said he expected it to be released later this year. But until recently, the Army hadn’t included zero-trust as part of that plan. 

Now, however, the plan outlines three zero trust lines of effort: zero trust transport, cloud-native zero trust capabilities and zero trust control. The plan defines a zero trust architecture as a “security model, a set of system design principles, and a coordinated cybersecurity and system management strategy based on an acknowledgement that threats exist both inside and outside traditional network boundaries.”

Under the zero trust transport line of effort, the Army wants to develop “transport paths for the global cloud ecosystem from the enterprise to the tactical edge to include commercial backbone and satellite communications,” among other tasks. The service also wants to add or modify solutions within the zero trust architecture to provide zero trust capabilities and establish a “configuration and change control board to oversee” the zero trust architecture, along with other objectives. 

The service’s push to zero trust is part of a broader effort within the Defense Department to implement the architecture across the entire department within the next five years. The Pentagon is developing its own zero trust strategy that will outline dozens of capabilities needed to bring the department to what it calls a “targeted” zero trust

The other strategic objectives in the Army’s 15-page plan, crafted by the Army Chief Information Officer Raj Iyer and Puckett, include expanding the cloud; enabling secure, rapid software development; accelerating data-driven decisions; enhancing cloud operations; developing the cloud workforce; and providing cost transparency and accountability. 

When it comes to enhancing cloud operations, the Army wants to develop an “enterprise cloud portal” that integrates all cloud initiatives across the Army to its mission partners, including DoD, industry and academia, according to the plan. The ECMA will also develop a cloud service management platform that will automate workflows and centralize customer service capabilities.

A Data Plan For A Digital Army

Meanwhile, the Army’s data plan places heavy emphasis on data and data analytics and includes four short-term objectives and seven long-term strategic objectives to achieve the “Army of 2030.”

With the near-term objectives, “the approach is not to attempt to solve all digital operations issues in the Army at the outset,” according to the plan. “Gaining feedback from actual Army operations is necessary to ensure a lasting and effective solution.”

The near-term objectives focus on exercises that involve a small number of operational units with the intention of incorporating feedback from the events “across the broader Army in a later phase leading up to the Army of 2030,” the plan continues. Those exercises are broken down into four “steps”: establishing an echelons above brigade operational framework, finalizing the prioritization of needs, prioritization of solutions and program objective memorandum 24 (POM24) implications. 

One of the long-term objectives defined in the plan includes delivering software and decision analytics quicker to outpace adversaries. But delivering software at a quicker speed is tricky — at least for DoD itself, which as of June was still struggling to deliver working software for its weapon systems in a timely manner.

“The Army needs the ability to innovate and react at speed to support operations faster than our adversary,” according to the plan. “Our Army requires the ability to provide new decision aids, such as data analytics or new software tools to meet mission requirements. The desired outcome is to improve ways to decrease the time for rapid data analytics and for identifying needs across the process from validated need through to initial fielded capability.”