Army Cyber Command is using a limited acquisition authority granted in 2017 to get capability into the hands of operators faster.
This authority, delegated by the Army Acquisition Executive, grants the deputy to the commander of ARCYBER the ability to expend resources to develop, modify and acquire non-program of record, cyber operations-peculiar equipment and capabilities, an ARCYBER spokesman wrote to Fifth Domain.
“I have the ability to authorize projects up to $500,000 [in research, development, test and evaluation funds], and $2 million for procurement to do acquisition for an operational command,” Ronald Pontius, deputy to the commander, said during a speech in early March at an AFCEA-hosted conference.
Leaders have often discussed the need to procure rapidly, given how fast things can change in the cyber domain.
“As we talk about the way ahead, the Army also recognized ... that Army Cyber Command needed the ability to do what I call operational development,” Pontius said. “Smaller prototyping is actually delegated directed to me as the deputy to the commanding general.”
The Air Force, similarly, has devised a nontraditional, and some might say controversial, mechanism for rapid cyber procurement for operators. The Air Force, under a construct termed Real Time Operations and Innovation (ROTI), uses operations and maintenance funds for rapid cyber capability development (a funding source ARCYBER’s authority does not include).
The Air Force has employed a model to do rapid cyber capability development faster than the traditional model and other services.
The military has certain buckets of funds, colloquially known as the “color of money,” allocated for specifically defined things. Typically, the services have used research, development, test and evaluation funds in this space. Many might be hesitant to get creative when it comes to fiscal law and think outside the box, because using funds other than what they were intended for can be cause for imprisonment.
Within the ROTI, the Air Force has established a three-pronged criteria for such rapid cyber capability development:
- Total anticipated investment is less than $2 million;
- The “project enhances or is linked to an existing operational system, platform or capability;” and
- “The project’s end product or capability can achieve Capability Release for Operational Use in less than 180 days.”