The CIA is ready to update its cloud technology, and multiple reports this week indicated that the agency has begun a multi-billion-dollar procurement process. A CIA spokesperson was tight-lipped when asked to confirm.
That could be because an agency used to working in secret, simply wants to avoid all the attention that the Pentagon’s JEDI cloud procurement process got, and quietly go about its business. As we’ve learned, when you’re dealing with large cloud vendors like Amazon, Microsoft, IBM and Oracle, and the contract involves billions, fireworks tend to follow.
What we do know is that the CIA’s plan is part of a process known as Commercial Cloud Enterprise (C2E). In a March 2019 presentation (pdf) by the Directorate of Digital Innovation, a division of the CIA, the department outlined its vision for C2E. It would be broad and include infrastructure, platform and software cloud services supporting a broad range of users with a variety of security clearances and a worldwide presence. The price tag: “tens of billions.”
The procurement process would be in two phases. In the first phase, they would pursue multiple vendors to provide “foundational cloud services.” In Phase 2, the department would layer on platform and software services on top of that Phase 1 foundation.
“The principal C2E Program objective is to acquire cloud computing services directly from commercial cloud service providers with established records for innovation and operational excellence in cloud service delivery for a large customer base,” the department stated in the presentation.
It’s worth noting that it’s been almost a year since this presentation and things have likely changed. In fact, Bloomberg Government reported this week that the RFP has dropped the platform and software services component. According to Nextgov, the draft RFP was released this week with a final request for proposals coming in the spring and a decision due in September.
The intelligence community also outlined its broader cloud strategy for the foreseeable future in a document (pdf) published by the Director of National Intelligence (DNI) last June called ‘The Strategic Plan to Advance Cloud Computing in the Intelligence Community.’ It outlines in broad strokes a plan for a US intelligence technology future centered on the cloud, and concludes that with the explosion of data, a future in the cloud is imperative to help deal with all of it:
Information is exploding in volume and velocity and challenging our ability to expeditiously collect, analyze, and draw conclusions from disparate data sets. Additional manpower will not close the resulting gap; we must leverage leading edge technology. The future IC cloud environment presented herein will effectively function as a force multiplier to enhance our effectiveness and address mission challenges.
The CIA was an early adherent of the cloud when it chose Amazon to build a $600 million private cloud in 2013. That was a big win at the time for Amazon and the broader cloud services transition, because it wasn’t as mainstream then as it is now. The Atlantic called it a “radical departure for the risk-averse intelligence community” in a 2014 article.
Cloud technology has certainly evolved in the seven years since the CIA last did this exercise, and it makes sense that it would want to update a system this old, which is really ancient history in technology terms. The CIA likely sees the same cloud value proposition as the private sector around flexibility, agility and resource elasticity, and wants the intelligence community to reap the same benefits of that approach. Certainly, it will help store, process and understand an ever-increasing amount of data, and put machine learning to bear on it as well.
By now, we know all about the Pentagon’s JEDI cloud contract procurement story. Over a two year period from the time the Pentagon chose the cutesy Star Wars-influenced name for the $10 billion, decade-long, winner-take-all project, the procurement has been a drama-filled free-for-all. Even now, months after Microsoft was declared the winner, Amazon is protesting the decision, putting that award in doubt.
This is not the way government technology procurement typically goes. It’s mostly out of the public spotlight, covered by the government trade press, but largely ignored by mainstream tech publications. Perhaps that explains why the CIA, in need of a cloud update, has decided to be a bit more discrete about its plans.