Amazon Web Services last week went live with a classified version of its commercial cloud marketplace for the intelligence community, allowing spy agencies – led by the CIA – to evaluate and buy common software, developer tools and other products that meet stringent security standards.
While the IC Marketplace is still in its infancy, a small group of initial vendors have had their solutions vetted with “a line of more who want to come,” according to Sally Holcomb, deputy chief information officer for the National Security Agency, which partnered with the CIA in developing the IC’s cloud computing efforts.
Speaking Tuesday at an event hosted by Defense One and the Intelligence and National Security Alliance, Holcomb said the new Marketplace will provide a new pipeline for innovation to the IC, allowing intelligence officials to explore new technologies to which they otherwise might not have had access.
“It’s a big deal and we’ve all been waiting,” Holcomb said. “It’s that continued renewal and ensuring, from a technology perspective, that it stays fresh.”
Many companies in Silicon Valley and elsewhere in the U.S. are now looking to get their analytics, big data and other product offerings before the eyes of IC officials. Tom Hall, technical director for the IC chief information officer, said the IC Marketplace helps bypass acquisition problems that have plagued government for decades.
Classic systems acquisition can take years, Hall said, by which time an acquired technology is already out of date. The federal government also has a dubious track record in software and other large-scale IT acquisitions, wasting $9.2 billion in the past decade, according to the Government Accountability Office.
“We were obsolete before we even started,” Hall said, adding that cloud computing is helping keep the IC close to the bleeding edge of innovation.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
In the IC Marketplace, AWS will vet offerings against CIA standards, ensuring a high threshold for both technical security and vendor credibility – foreign-owned companies, for example, can’t have service offerings on the IC Marketplace – and the possibility of rapid deployment.
“This is a departure from classic systems acquisition,” Hall added.
The new Marketplace also allows IC agencies to try vetted solutions before they buy them – a feature previously unavailable to the IC. Using the C2S cloud, intelligence officials and developers can play around with applications and offerings in a classified environment before they commit to spending money.
“It’s kind of like the door-to-door salesman,” Holcomb said. “They bring the product to my environment so I can test it. It’s try before you buy on the high (classified) side, and that just doesn’t happen.”
At least initially, intelligence agencies will take a deliberate approach to examining the capabilities of solutions on the Marketplace and providing feedback, said Thomas Husband, mission transformation task force chief for the Defense Intelligence Agency. Early feedback is likely to help shape a full-scale roll-out of the IC Marketplace in the coming months.
“The [early] focus is on the capabilities and not necessarily the product itself,” Husband said. “I anticipate they’ll be a great deal of development because of that feedback.”
There are some growing pains expected.
Holcomb said the vetting process has slowed the IC Marketplace launch. Buyers of services through the IC Marketplace will “still have the responsibility to do any accreditation issues or other vetting their agency wants them to do.” In other words, what works for the CIA may not work precisely for DIA or the FBI.
“There are some things we have to figure out,” Holcomb said. “But I think the CIA feels very comfortable that they have people ready.”
The CIA declined to comment for this story.