Department of the Navy DevSecOps Task Force
Joint DON Memo - Publish Date: 01/15/21
This memo details the implementation of Development, Security, and Operations (DevSecOps/DSO) in pursuit of modern software development and delivery, which is critical to accelerating capability to the fleet and improving the security of our information.
Subj: Department of the Navy DevSecOps Task Force
Ref: (a) DON Information Superiority Vision
Per ref (a), implementation of Development, Security, and Operations (DevSecOps/DSO) in our pursuit of modern software development and delivery is critical to accelerating capability to the fleet and improving the security of our information. The challenge before us is to determine the most effective and efficient implementation across our diverse landscape of operating environments that optimizes limited resources and minimizes impact to innovation and agility. Institutionalizing DSO across the DON requires the adoption of industry best practices, standards, and processes enterprise-wide.
To accelerate DON movement to DSO in an expeditious manner we are establishing a DevSecOps Task Force (TF) to identify the key actions that we must take to make DSO foundational and economical to our way of securely delivering software. Within sixty days of signature of this memo, the DSO TF will produce a set of prioritized recommendations to the Information Superiority Executive Steering Group. Once approved, the recommendations will result in the establishment of an authoritative roadmap for DSO enterprise implementation. DSO TF efforts shall consider changes to policy, standards, process, organization, training, workforce, and technology. The DSO TF recommendations should include:
- Framework for common and differentiated DSO infrastructure.
- Identification of obstacles/gaps inhibiting the scaling and maturation of DSO and recommended mitigations.
- Courses of action for affordable sustainment of DSO execution (funding models, enterprise contracting, workforce, etc.).
- Governance and management of the DSO enterprise.
- Process and criteria for streamlined technical/cyber assessment of DSO infrastructure.
The DSO TF shall leverage industry best practices and the work of successful DOD/Naval DSO efforts underway. DSO TF recommendations shall span the diverse ecosystem of DON computing environments and conditions.
The DON lead for this effort is Ms. Jane Rathbun, DASN IWAR/DON CIO CTO, (703) 697-1054, email@example.com, who will oversee DSO TF activities and deliverables. Regular updates will be provided to key stakeholders through the Information Superiority Advisory Board.
Aaron D. Weis
Department of the Navy
Chief Information Officer
The Honorable James F. Geurts
Assistant Secretary of the Navy
(Research, Development, and Acquisition)