JEDI cancellation offers multiple benefits for DOD, industry
The cancellation of the JEDI cloud contract was not fully unexpected but continuing delays and rapidly advancing technologies made a single cloud approach problematic.
The cancellation of the single-source $10B Joint Enterprise Defense Infrastructure (JEDI) project came as surprising, but perhaps not fully unexpected news. From its beginnings in 2017, the proposition of awarding such a massive program to a single vendor caused controversy. Protests and litigation led to significant programmatic delays that would likely have stretched on. So, after four long years, everybody lost – or did they?
Reality is, technology changes fast. While 2017 may not seem that long ago, in tech it’s almost a light year. Consequently, the cloud alternatives the DoD has today well exceed what JEDI proposed.
Many professionals tasked with moving our defense IT infrastructure forward have known all along their missions depend on leading-edge technical capabilities. Over the last several years, programs like the Air Force’s Cloud One and Platform One, the Defense Information Systems Agency’s milCloud, the CIA’s Commercial Cloud Enterprise (C2E), the Army’s cARMY and more, were stood up or updated because the mission simply couldn’t wait. Technology continued to move forward, as did the military’s need to move to an enterprise-level cloud architecture that could also be pushed to the tactical edge.
These programs began offering AWS and Microsoft Azure as part of their capabilities. They began to apply the same enterprise-level security and scalability that comes from tying into large cloud provider environments. That growth and movement will go on for years to come.
Security is another key consideration. Commercial best practice has long embraced the model of cloud diversity and redundancy. The risks of putting everything in one data center or at one location are simply too great. And, while a single cloud provider can offer redundancy, the risks of tying your fortunes to one vendor are also great. There should simply not be any given entity or geography that, if attacked, would greatly disrupt or even end your operations.
There is also a need to invest in commercial-grade security, where the security vendors have a vested interest ensuring their solutions are as strong as possible; any seen as vulnerable will fail. The Biden Administration has said as much in its May Executive Order on Improving the Nation’s Cybersecurity. The order is meant to accelerate civilian agencies’ move to the cloud, because the Administration recognizes it is inherently more secure.
I would suggest that, while the DoD had very legitimate reasons (i.e., vendor accountability, contract streamlining, consolidated support) to structure JEDI as it did, putting “all eggs in one basket” is not always the best idea. The announcement of the new Joint Warfighter Cloud Capability (JWCC) program right after the JEDI cancellation indicates DoD now embraces that position. JWCC will involve services from multiple vendors, allowing components the flexibility to adopt the platforms best suited to their purposes. While initially DoD says Microsoft Azure and AWS are the only two vendors truly capable of meeting their capability requirements, more platforms may join the qualified mix as technology keeps developing.
The DoD well understands that the battlefield today is as much cyberspace as physical space. Recent sophisticated attacks such as the Solar Winds and Colonial Pipeline incidents are coming from state-sponsored organizations. As a nation, we must be ready and able to compete in that theater.
When we are, the DoD will win hands down because it will be armed with multiple best of breed solutions. Advanced technology and commercial-grade security will prepare all our warfighters to meet whatever strategic and tactical needs they may have, wherever and whenever they arise.