The most recent strikes on Iran’s nuclear facilities relied on more than 30 Tomahawk missiles fired from an attack submarine. Early last year, more than 80 Tomahawks struck targets in Yemen to kick off a month-long American and British campaign against Iran’s Houthi proxies. However, more Navy cruise missiles were expended in these two brief operations, against militarily unsophisticated adversaries, than the Pentagon requested and Congress funded over the same period.

America’s anemic production rates of these and other crucial munitions loom large in deterring aggression in the Indo-Pacific. Here, the vulnerability of U.S. bases and aircraft carriers would require the U.S. military to have the ability to hit an enormous number of Chinese targets well beyond the range of most of its land- or carrier-based combat aircraft. A series of think tank wargames concluded that a conflict in the Taiwan Strait would consume multiple thousands of long-range strike munitions that would exhaust available U.S. inventories within three weeks.

“God forbid, if we were in a short-term conflict, it would be short-term because we don’t have enough munitions to sustain a long-term fight,” Rep. Tom Cole (R-OK), chairman of the House Appropriations Committee, warned during a recent hearing.

The potential gap between our military needs and industrial throughput is jarring. It calls not only for expanding the numbers and variety of munitions suppliers, but also for deploying the most innovative software in the Defense Department to proactively and assertively oversee them for outcomes. 

America’s traditional defense industry — working through the traditional defense acquisitions system — continues to make the world’s advanced weapons with often spectacular results, as we saw with the B-2s and bunker busters in Iran. But the process is akin to the artisanal production in medieval guilds. Each advanced munition — from long-range strike missiles to missile-defense interceptors — costs millions of dollars to produce and several years to build.  

In recent months, the Defense Department has provided seed funding under the Defense Production Act for more suppliers of solid rocket motors and energetics, stood up a “Munitions War Room,” and engaged the prime contractors directly and pointedly to boost production rates.

Congress has done its part by, after years of DOD requests, authorizing the use of multi-year procurement for long-range anti-ship and air-to-ground missiles (LRASM, JAASM) and missile interceptors (PAC-3 “Patriot”).

The Pentagon should take advantage of non-traditional technology companies — hardware and software makers alike — to furnish a constant flow of actionable options, alternatives, and expanded output. That also involves the DOD articulating a “good enough” set of specs for cruise and interceptor missiles that meet minimum requirements for range, payload, speed, precision, electronic warfare shielding, and compatibility with existing U.S. air and naval launch platforms.

“We need to look at other vendors,” Acting Chief of Naval Operations Adm. James Kilby told the House Appropriations Committee. “They may not be able to produce the same exact specifications, but they might be able to produce a missile that’s effective, which is more effective than no missile.”

New industry entrants are stepping forward with alternative offerings. Others are taking advantage of 3D printing and modular design to produce cheaper missiles that can still get the job done. The question is whether they will get orders from DOD and, equally important, whether they can deliver at scale and on time. The same goes for traditional contractors who are willing to introduce lower-cost alternatives to their profitable incumbent munitions programs.

The usual market solution — increasing orders (and thus demand) for needed munitions — is necessary but insufficient. The underlying structural challenge is capacity and supply — an American industrial base that is not big enough to generate enough materials, metals, chemicals, batteries, sensors, and micro-electronics to surge long-range munitions while also supplying other military weapons systems and commercial products.

For example, after a series of corporate consolidations there are now only two qualified providers — down from six in the 1990s — of military solid rocket motors, a leading cause of munitions production delays. Other rocket motor vendors — Anduril, X-Bow, and Ursa Major, for instance — are coming online with DOD support, while still years away from commencing new production.

The problem is systemic across multiple advanced munitions systems that share and compete for the same scarce components.

Yet, defense supply chains are still mostly tracked and managed as individual programs, often in manual spreadsheets, without the relevant puts and takes on the broader industrial base. For crucial components information, DOD depends way too heavily on the willingness of prime contractors to divulge their own data. Defense leaders lack the modern data capability to hold the primes accountable, and the primes’ own ability to harness the industrial base is more mid-20th century than early 21st. What defense planners need is the AI capability to track and prioritize scarce items across the broader munitions supply chain enterprise, and enable action. The good news is: that AI exists today, out-of-the-box.

Modern data science and analytics make the difference by providing a comprehensive view of supply chains from final assembly at the prime level, down multiple tiers of sub-components, and further down to the smallest washers and widgets. AI-enabled software integrates both internal program data and publicly available information (on competing demand, alternative parts, shipping routes, company financial health, foreign ownership, etc.) to identify vulnerabilities and gaps while generating alternative solutions. For example, identifying a commercial part with 95% commonality to the item holding up military production. 

Reversing the post-Cold War consolidation and withering of America’s defense industrial base — for munitions and everything else — might be the work of years, decades even. But, harnessing the industrial base we have exponentially better than we currently do is within our power now, with defense acquisition software to increase yield. 

By opening the door to new partners, better utilizing our existing industrial bases, and enabling speed and affordability, America can regain its strategic edge and ensure its forces are never left wanting for the munitions they need to win.

Jeffrey Jeb Nadaner is a senior vice president at Govini, the defense acquisition software company. He served as the deputy assistant secretary of defense for industrial policy in the first Trump administration.

The post Fixing munitions shortages demands better hardware and new software appeared first on DefenseScoop.

At a congressional hearing in May, senior defense officials publicly acknowledged that CYBERCOM 2.0 — an initiative launched by U.S Cyber Command (CYBERCOM) to overhaul how it builds and manages cyber forces — fell short of the Pentagon’s expectations. The effort was loosely modeled on Special Operations Command, but even under this model, CYBERCOM still lacks the authority to enforce common standards for the services, tailor recruitment to the unique dynamics of cyberspace operations, or control initial training. “We think it needs even more work,” said Laurie Buckhout, the acting assistant secretary of defense for cyber policy.

There have been attempts to address structural shortfalls in the past. Most recently, Congress granted CYBERCOM enhanced budgetary control in fiscal year 2024, giving the command oversight of roughly $2 billion in acquisitions for cyber tools, systems, and training. But the services still control the vast majority of cyber acquisition funds.

More than two decades after declaring cyberspace a warfighting domain, the U.S. military relies on an inefficient and ineffective solution to generate the capabilities needed to defend it. CYBERCOM holds the primary responsibility for operating in and through cyberspace, but it relies on personnel drawn from five different military services to do so. There are no common standards for recruiting, initial training, or career progression across the services, and none treats cyberspace as a core mission. The result is chronic readiness gaps, inconsistent quality, and top talent regularly lost to the private sector.

The solution is not more reform around the margins. Instead, a dedicated U.S. Cyber Force is long overdue. A U.S. Cyber Force would unify the responsibility for recruiting, training, and promoting cyber talent under one roof. It would foster a cyber-native culture, prioritize cultivating mastery within the cyber domain, and allow for a more flexible, mission-driven force structure. This construct is consistent with how the military organizes itself to man, train, and equip forces across all the warfighting domains. And it is structurally and fiscally viable.

Some critics argue that a U.S. Cyber Force would be too costly and duplicative. But the initial budget would be largely budget-neutral by consolidating existing cyber funding. The fact is that the Department of Defense is already paying for this force, but scattered across five services, with a cyberspace activities budget of nearly $15 billion.

If a new service were created, CYBERCOM would remain as a unified combatant command and serve as the primary force employer — just as U.S. Space Command does for the U.S. Space Force.

The U.S. Cyber Force should focus on generating capabilities for three core missions. First, it should be responsible for generating forces for national-level defensive cyber missions, such as defending against active and ongoing threats facing the Defense Department or supporting defense of critical national infrastructure. Second, it should organize, train, and equip for offensive cyber missions to project power in and through cyberspace, both as an independent capability and as an enabler of joint force missions and objectives. And third, it should generate capabilities to support cyber-related military intelligence — especially foundational intelligence relevant for the cyber domain.

Scoping the remit of the U.S. Cyber Force will be critical to ensure its effectiveness, and some functions must remain outside its purview. For example, the U.S. Cyber Force should not take over the Defense Department’s day-to-day IT operations — it cannot and should not be the cybersecurity service provider for the department. Its role should also be carefully scoped when it comes to related but not core functions, such as information warfare or artificial intelligence.

In short, the U.S. Cyber Force must focus squarely on warfighting readiness in cyberspace — building elite forces to defend national interests, deter adversaries, and, if necessary, fight and win in the cyber domain.

In designing the new service, the architects should focus on five core design principles. First, the service should prioritize quality over quantity, recruiting and retaining the right people to perform the mission. Second, the U.S. Cyber Force should establish a model where career progression follows from demonstrated expertise, rather than time in service. Third, in light of the dynamic nature of the cyber domain, the force should be structured to enable flexibility and adaptation over time, as missions, technology, the threat environment, and other factors evolve.

Fourth, standing up the service should involve a phased transition, taking due care to minimize impact to ongoing cyber operations. And finally — and most importantly — the service must focus on organizational leadership and culture. The U.S. Cyber Force can succeed to the extent that it fosters an organizational culture conducive to the cyber domain.

Every year the Pentagon delays creating a U.S. Cyber Force, the military remains underprepared for modern conflict. Establishing a dedicated cyber service is not a moonshot. It is the logical next step to build a purposeful military for a domain the United States can no longer afford to neglect.

Erica Lonergan is an assistant professor at Columbia University’s School of International and Public Affairs and an adjunct fellow at the Foundation for Defense of Democracies’ Center on Cyber and Technology Innovation. She previously served as a senior director on the bipartisan Cyberspace Solarium Commission.

Jiwon Ma is the senior policy analyst at the Foundation for Defense of Democracies’ Center on Cyber and Technology Innovation, where she contributes to the work of CSC 2.0 and authors its annual assessments.

The post The Pentagon knows its cyber force model is broken. Here’s how to fix it appeared first on DefenseScoop.

This bombshell revelation came just as the Department of Defense floated a “soft” deadline of 2035 to achieve Zero Trust (ZT) cyber protections for the same operational technology in weapons systems. The Pentagon’s Zero Trust portfolio director, Randy Resnick, described the DOD’s challenge in alarming terms: “We are far away. I’m suggesting fiscal [year 20]35 and beyond. That might actually be a 10-year effort or more.” This admission is not deterrence, but an open invitation for adversaries to ignore the Geneva Conventions and coerce Americans with existential threats. We are in a hot cyber war today, not in 2035. Our adversaries are attacking our water and power systems now. So why is the Pentagon telling our adversaries they have 10 years to penetrate our OT, disrupt mission-critical assets, and prevent weapons from launching and hitting their targets?

The secretary of defense and combatant commanders are prioritizing urgent lethality to immediately deter an adversary. We don’t have the luxury of time where “soft” deadlines introduce more risk to our global missions, weakening the deterrent credibility of the entire U.S. military. With global strife raging, we need this leadership in all programs, including the cyber protection of OT. However, when Pentagon leaders assess “no easy feat” with estimated capabilities “far away,” the message to adversaries is clear: We’re unprepared and unwilling to act quickly to counter this specific cyber threat… and that must change.

Zero trust means zero excuses.

The CIO must ensure that the next Zero Trust Strategy for Operational Technologies provides clear implementation guidance and mandatory compliance requirements. This means all stakeholders, along with deadlines and measurable cyber-related Key Performance Indicators (KPIs) tied to readiness and warfighter capability. Moreover, command leadership must be held accountable for these outcomes. Our adversaries are planning to utilize cyberattack vectors to compel national capitulation by disabling weapon systems, denying critical defense assets, and jamming communication pipelines. We need a sense of urgency and accountability to mitigate this risk to Golden Dome (once it comes online) and our forward-deployed forces.

The new CIO must work with all levels of command to alter the calculus in adversary cyber decision-making. No more “soft” goals and “far-off” timelines. We need a wartime footing inside the Pentagon’s cyber leadership, which means an operational sprint in which:

• COCOMS must demand defensive cyber capabilities for their OT assets from U.S. Cyber Command.
• Military cyber defenses must be extended to defend critical infrastructure.
• OT vulnerabilities must be accounted for in the department’s Information Assurance Enterprise Vulnerability Management Program (VMP).
• DOD’s Cyber Operational Readiness Assessment (CORA) criteria must include OT.
• A program of record must be established with effects-based goals and substantial funding for the rapid deployment of proven security tools already in use by private industry.
• OT protections must be prioritized in acquisition and sustainment programs.
• OT cyber protections must be integrated directly into operational availability metrics.

Zero trust isn’t a compliance exercise, it’s a warfighting necessity.

It’s time to stop admiring the challenge of implementing ZT for OT and get serious about cyber protections and resilience required to project power globally. When the CCP embeds malware in weapons systems, telecom networks, fuel systems and ammunition plants, as well as port cranes, rail systems and other critical assets, it is preparing for conflict with sabotaging activities. The Chinese have confirmed their intent and don’t care about strategies, data calls, or fan charts. If we accept a decade-long timeline, they will hurt our ability to deploy and fight effectively. The Defense Department must respond with urgency now with near-term risk mitigations, or our warfighters will be switched off just when our country needs them the most.

Lucian Niemeyer is an Air Force veteran, former professional staff member on the U.S. Senate Armed Services Committee, and former assistant secretary of defense who also served in the White House Office of Management and Budget. He currently leads the non-profit organization, BuildingCyberSecurity.org.

Tatyana Bolton is the executive director of the Operational Technology Cybersecurity Coalition, a principal at Monument Advocacy, and former policy director of the Cyberspace Solarium Commission. She has also served at the Department of Defense (DoD), the Cybersecurity and Infrastructure Security Agency (CISA), and Google. She currently serves on the Advisory Board of Berkeley’s CLTC and the Cybersafe Foundation, and as a senior advisor to CSC 2.0.

The post The Pentagon’s cyber malaise: Zero trust deadlines translate to zero urgency appeared first on DefenseScoop.

Talented, mission-driven professionals — some who left lucrative private-sector careers, others tracking lifelong roads of public service to serve — are now being pushed out of the very institutions they fought to improve. These weren’t side projects or token hires. They were seasoned professionals, some with decades of experience, brought in to modernize critical systems, close digital equity gaps, and help rebuild trust in institutions that have too often failed the people they serve. When we lay them off, it sends a clear message: Innovation is expendable. And people feel it.

This isn’t a story about loss. It’s about what it takes to say yes to service — and why the door into government needs to stay open, especially for those who’ve had to work twice as hard just to reach it.

A long road to “yes”

I came to this country as a Cambodian refugee. I didn’t grow up with a roadmap to public service. My family didn’t have connections in Washington, and we didn’t understand the unspoken codes of federal hiring. But we believed in this country — and I believed that government should be open to anyone willing to do the work. 

So I showed up. I waited months for onboarding. I filled out background checks that asked me to recall details from places I barely escaped. If you’re an immigrant or refugee, the clearance process isn’t just paperwork — it’s a trial of faith. You’re asked for documents you may never have had. You’re scrutinized for family ties to regions you fled. You’re questioned about timelines you barely survived. And all the while, you carry the quiet weight of knowing your origin story, not your ability, might be the reason you’re screened out.

And yet, we persist. 

Because we believed in the opportunity to serve. We know that this country doesn’t just need the most polished resumes. It needs lived experience, grit, and people who understand government — not just as insiders but as everyday users of its services. 

Because we believe that our experiences — our differences — are part of what makes this country stronger. We believe in the mission. And we’re willing to endure the gauntlet not for prestige or power, but for the chance to give back to the very system that gave us a second chance.

Because we believe this system doesn’t account for people like us — but it requires people like us. People with resilience, range, and a deep sense of mission.

And that’s why, even after all the waiting, the uncertainty, the second-guessing — I still said yes.

Not because it was easy. But because I believe the opportunity to serve — to shape the system from the inside — was too meaningful to walk away from. I knew that if I could make it through the door, I could help open it for others.

Why we still choose to serve

And I was fortunate because people believed in me. I had the opportunity to serve first at the Defense Digital Service (DDS), the Department of Defense’s “SWAT team of nerds,” where I worked on mission-critical programs like Project Rabbit in support of Operation Allies Refuge. Later, I returned to the department as the first-ever Customer Experience Officer and helped transform how our nation’s largest employer delivers digital services to those in uniform and those who support them.

The path wasn’t easy. But it was worth it.

What kept me going was the people: brilliant, mission-driven civil servants and digital leaders who believed that technology should serve the public, not the other way around. I was proud to stand beside them, bringing not just my experience from the tech world, but my lived experience as someone who knows what it means to build a life from nothing and still give back.

And now — even fewer seats at the table

As if the hiring process weren’t challenging enough, we’re now watching the table itself shrink.

Across government, layoffs, restructuring, and budget constraints are forcing talented, mission-driven professionals out of the very institutions they worked so hard to get into. Some of the most impactful programs, created precisely to bring in fresh perspectives and accelerate innovation, are being scaled back, defunded, or sunsetted altogether.

What’s worse is the ripple effect. Talented early-career professionals now see instability. Refugees and immigrants wonder if they were ever really welcome. Private-sector experts question whether the sacrifice is worth it.

This is more than just organizational reshuffling. It’s a loss of momentum and, for many, a loss of faith. We’re not just losing people; we’re losing trust, and that’s harder to rebuild.

The bar should be high — but the door should be open

I still believe in a high bar. These roles shape policy, security, and lives. They should demand excellence. But excellence and exclusivity aren’t the same.

Too often, our hiring systems reward familiarity over capability. They favor the polished, not the prepared. They assume that if you don’t speak the language of USAJobs or clearance investigations, you must not belong. That’s not merit — that’s legacy.

We can do better. We can build systems that uphold rigor and recognize resilience. That treats unconventional paths as assets, not risks. That makes space for the startup founder, the refugee, the self-taught technologist — the person who didn’t grow up imagining they’d work in government, but showed up anyway.

Final thoughts

Public service isn’t perfect. But it’s one of the few places where your work can outlive you.

I didn’t come from the system, but I was trusted to help improve it. I built things that mattered. I brought urgency where there was inertia. I advocated for the user when no one else was in the room. And I did it all with the perspective of someone who never expected to be let in and never took the opportunity for granted.

Keep the bar high. But keep the door open.

We can’t afford to lose them.

And we can’t afford to lose what they still have to offer.

This piece isn’t a eulogy. It’s a message to leadership: Don’t confuse short-term disruption with long-term disqualification. The people who were laid off aren’t gone — they’re watching. They’re weighing whether government will still make space for builders, reformers, and outsiders. If we let this moment pass without intention, we risk shrinking the very table we worked so hard to expand.

The post We came in believing. We left in silence. appeared first on DefenseScoop.

Today, America’s federal cyber establishment faces a similar crisis of fragmentation. Born of disjointed legislation, overlapping executive orders, and competing congressional mandates, our cyber defense infrastructure has evolved into a convoluted maze where organizational boundaries matter more than mission success.

A fragmented cyber battlefield

The U.S. cyber domain’s evolution has occurred with little strategic coordination, creating unclear jurisdictions and mission overlap. The Department of Defense (DOD) and U.S. Cyber Command (USCYBERCOM) oversee military cyber operations, yet their efforts often compete with the National Security Agency’s (NSA) intelligence-driven priorities. The Cybersecurity and Infrastructure Security Agency (CISA) defends civilian networks but lacks sufficient authorities to compel action across the private sector. The Federal Bureau of Investigation (FBI) handles cybercrime investigations, while the Office of the National Cyber Director (ONCD) attempts to provide strategic oversight — all while adversaries exploit the strategic, operational, and jurisdictional seams between these various civilian and military organizations governed by different statutes.

This disjointed approach has led to catastrophic security failures. During the 2020 SolarWinds breach, Russian intelligence services infiltrated government and private networks while exploiting the gaps between our defensive organizations. The sophisticated cyber-espionage operation went undetected for months, with agencies like CISA, NSA, and FBI struggling to coordinate responses within their respective lanes. When the breach was finally discovered, our fragmented cyber ecosystem couldn’t assemble a complete picture of the attack, with each agency holding only pieces of the puzzle.

The 2021 Colonial Pipeline ransomware attack paralyzed fuel distribution across the East Coast, exposing critical weaknesses in public-private cyber collaboration. As federal agencies debated jurisdictional boundaries and response authorities, Americans faced gas shortages and price spikes. The FBI, CISA, Department of Energy, and multiple other agencies worked parallel tracks with limited coordination, demonstrating how our fractured response system fails during crises that cross public-private boundaries.

More recently, China’s SALT TYPHOON and VOLT TYPHOON campaigns methodically targeted our telecommunications infrastructure, maritime ports, and power grid systems. These persistent, sophisticated intrusions established footholds in critical infrastructure while our agencies struggled to share information effectively. Intelligence agencies detected the threats but faced bureaucratic hurdles in disseminating actionable information to defensive agencies and private sector targets.

In each case, multiple agencies responded with competing priorities: some focused on intelligence collection, others on attribution, and still others on defensive measures — often without real-time coordination or information sharing. Our adversaries deliberately target these organizational seams, knowing that our fragmented response system will delay effective countermeasures.

Geopolitical adversaries exploit our fragmentation

America’s cyber vulnerabilities are not hypothetical — they are actively and daily exploited by our adversaries. China’s persistent cyber-espionage campaigns target U.S. defense contractors and critical infrastructure through operations like VOLT TYPHOON. Russian state-backed hackers conduct disinformation and cyber disruption operations, seeking to undermine public trust. North Korean hackers fund their regime through cryptocurrency theft, while Iran grows increasingly aggressive in targeting American executives and government officials.

These nation-states deliberately exploit the seams between our agencies’ jurisdictions. When an attack crosses from intelligence gathering to destructive effects, from foreign to domestic networks, or from government to private infrastructure, our response fractures along organizational boundaries. Each agency follows its own playbook, often with limited visibility into parallel efforts.

Moreover, in the age of artificial intelligence, the scale and sophistication of cyber attacks will increase dramatically, with potential for unprecedented physical damage and even loss of life beyond purely digital impacts. Our adversaries have already unified their cyber operations under centralized command structures that blend military, intelligence, and criminal capabilities, while we remain divided.

The Cyber Council of Nicaea: A unifying solution

A Cyber Council of Nicaea would serve as a permanent, high-level forum backed by executive order and congressional authorization for resolving cyber policy disputes, coordinating national strategy, and setting enforceable standards. Unlike current ad-hoc coordination mechanisms that lack decisive authority, the Council would have the mandate to make and enforce binding decisions. Its core objectives would be:

Doctrinal unity — Establish a national cyber doctrine clearly defining roles, responsibilities, authorities, and response protocols.

Operational deconfliction — Synchronize military, intelligence, law enforcement, and civilian cyber operations.

Information sharing — Establish efficient and secure pathways for information sharing across agencies and with private sector partners.

Crisis response coordination — Develop binding frameworks for responding to attacks on critical infrastructure, including specific playbooks for common scenarios.

Public-private integration — Foster structured engagement with industry leaders through meaningful incentives and mutual benefit arrangements.

Readiness exercise planning — Develop and execute regular cross-sector cyber exercises modeled after nuclear response readiness drills.

Geopolitical cyber strategy — Align cyber operations with broader national security goals.

The Council’s structure would mirror successful national security decision-making bodies while avoiding excessive bureaucracy:

Chair: National Cyber Director with enhanced authorities via executive order, ensuring overarching strategic coherence and direct presidential reporting.

Core members: Leaders from DOD (to include National Guard), Coast Guard, NSA, CISA, FBI, USCYBERCOM, NSC, and the Office of the Director of National Intelligence (ODNI).

Advisory panel: Private sector cybersecurity executives and critical infrastructure representatives with defined incentives for participation, including enhanced threat intelligence access and priority incident response support.

Standing working groups: Composed of subject-matter experts from member agencies and private sector, focused on doctrine development, interagency coordination, and international cyber norms.

Unlike existing coordinating bodies, the Council would have the authority to make binding decisions about roles, responsibilities, authorities, and resources during both steady-state operations and crisis response. Reporting directly to both the Executive Branch and relevant congressional committees would ensure accountability and oversight. The Council would convene regularly for strategic planning and activate immediately during cyber emergencies, with clear lines of authority established in advance.

Learning from successful models

The Goldwater-Nichols Act of 1986 revolutionized the U.S. military by mandating joint operations and forcing inter-service cooperation after failures in Grenada and elsewhere demonstrated the costs of fragmentation. While imperfect, it fundamentally transformed military effectiveness by compelling unity across service boundaries. Nuclear response and readiness provides another successful model, with comprehensive exercises that coordinate military and government agencies, private sector partners, and even international allies.

A Cyber Council of Nicaea could achieve similar transformative effects for the cyber domain, compelling unity where fragmentation currently reigns, while avoiding the pitfalls of excessive centralization that could stifle innovation or create new bureaucratic obstacles.

Addressing the counterarguments

Skeptics may argue that adding another layer of coordination risks bureaucratic inefficiency. However, the status quo — where cyber responsibilities are split across multiple agencies without a unifying authority — has already proven inefficient and dangerous. The Council would not add bureaucracy but rather streamline existing processes by establishing clear decision paths and eliminating duplicative efforts. Recent examples like SolarWinds and Colonial Pipeline demonstrate how our current approach costs precious time during crises when every minute counts.

Concerns over interagency rivalry are valid but not insurmountable. By establishing clear lines of authority for specific scenarios in advance and building regular coordination exercises into agency operations, the Council would reduce friction during crises. The current nominated ONCD leadership may lack the gravitas of the original Council of Nicaea’s Emperor, but enhanced authority through executive order and congressional mandate would provide the necessary power to drive meaningful coordination.

Regarding private sector involvement, the Council would ensure that response measures balance national security with business continuity and civil liberties through meaningful industry participation. Rather than imposing one-way requirements, this approach would provide tangible benefits to participating companies through enhanced intelligence sharing, technical assistance, and coordinated incident response support.

The alternative — allowing China, Russia, and other adversaries to continue exploiting our divisions — is simply unacceptable.

A call to action

Cyberspace is unquestionably the battlefield of the 21st century, yet we continue to defend it with organizational structures designed for the industrial age. The National Security Council and Congress should immediately authorize and convene the first Cyber Council of Nicaea, bringing together key stakeholders to define America’s cyber future.

Implementation will require amendments to existing authorities and potentially new legislation, but the fundamental architecture already exists in the form of existing coordination bodies. What’s missing is decisive leadership with real authority and accountability — gaps the Council would fill.

The recent Executive Order shifting resilience responsibilities to states makes this Council even more critical, as it must establish the frameworks and standards that will guide state-level cyber defense efforts, preventing further fragmentation at the state and local levels.

Without decisive action, we risk continued fragmentation, persistent vulnerabilities, and a strategic disadvantage against adversaries who operate with singular focus. The Cyber Council of Nicaea isn’t just an administrative reform, it’s an urgent national security imperative that must be established before the next major attack forces reactive, chaotic policymaking in its aftermath.

The choice is clear: unify now or remain divided until disaster forces our hand.

Authors’ note: Brad Levine; John Dobrydney, DSc; Hala Nelson, Ph.D., and Ken Kurz were kind enough to lend their knowledge, expertise, and constructive feedback in the development of this Op-Ed.

Daniel Van Wagenen is a retired Army combat infantryman and defensive cyber operator. He is also the co-founder of the Association of the U.S. Cyber Forces (AUSCF), the first dedicated nonprofit to being a voice for the cyber warfighter, and co-founder and COO of Minerva Cyber Technologies, a full-spectrum cyber operations services and products firm.

Kim Irving is a senior cyber executive focused on supporting the warfighter and the national security mission. Co-founder and CEO of Minerva Cyber Technologies, she has 20+ years of experience serving on executive leadership teams and boards. Her experience includes full-spectrum cyber services and capability development for U.S. Cyber Command, Army Cyber Command, Air Force Cyber Command, Navy Fleet Cyber Command, and Marine Corps Forces Cyberspace Command.

The post The Cyber Council of Nicaea: Unifying America’s fragmented digital defense appeared first on DefenseScoop.

Once the poster child of a newly data-centric and audit-oriented Department of Defense, Advana has since become yet another exemplar of a DOD software development project that lost its way. Now it rightly finds itself under the DOGE microscope.

The moniker comes from a mash-up of “Advancing Analytics,” and while that may be clever branding, the generic terms also hint at the problem. The original vision for Advana as a data management solution to create auditable data for the Defense Department ballooned over the past five years to become the defense software solution to rule them all. By DOD’s own admission, Advana offers “something for everyone.”

The problem is that this is a terrible way to build software.

As Advana expanded, the intuition was that it would serve as a core data infrastructure across DOD and thereby solve the department’s historic siloed data issues. Instead, the expansion was driven by a single vendor, building a bespoke vertically integrated solution that created a rigid architecture and a set of applications that were applied generically to every problem set.

Great software is purpose-built for specific user personas (i.e., the opposite of “everyone”) and solves defined, distinct problems. That said, a natural challenge of any successful product organization is to identify opportunities for growth without straying too far from what it does well.

Even the greatest technology companies don’t always thread this needle well. There is a reason Google Plus and Apple Ping never caught on, for example. The products weren’t differentiated; the user experience was poor; and the tech giants simply didn’t understand the social media user base. In these cases, however, the market provided swift and objective feedback that these products were off course. Metrics ranging from user adoption to revenue quickly reoriented Google and Apple product teams back to core offerings and onto other experiments.

The government has no self-correcting mechanism. This is how Advana, which gained early success as a system for organizing DOD’s financial statement data, ended up with a billion-dollar budget to build “something for everyone” and unfortunately, did it all poorly.

Origin Story

Advana started with a clear focus and purpose: audit readiness. Early on, DOD officials pointed to the department’s many disconnected audit software systems as a core reason for audit failures. Advana was therefore originally launched as the Universe of Transactions (UoT), designed to address and resolve the data relevant to financial statements and thereby position the department to achieve the long-sought-after and laudable goal of passing a financial audit.

At an industry event in 2019, the DOD Comptroller lead described the problem statement with a question that a DOD auditor had posed to him, “Can you tell me which data sources account for this line on this balance sheet?” Answering that question required tracing back to dozens of different systems with no navigable provenance.

It was clear this reality was unacceptable and by 2019, UoT had made significant progress on the data front, with more than 38 different financial management systems integrated and billions of linked financial transactions. Unfortunately, just as the program was getting traction with use cases related to Budget Analysis, Audit Workbooks, and Dormant Account Reviews, scope creep set in. UoT began expanding its focus beyond financial management and audit to medical readiness, safety, and workforce issues. The “something for everyone” ethos was born.

Two years later, in 2021, DOD awarded Booz Allen Hamilton a $647 million contract to continue expanding Advana’s remit. In 2022, the program migrated from the Comptroller’s office to the DOD’s Chief Digital and AI Office (CDAO), its governance mirroring its increasingly expansive focus. In 2024, CDAO paused the launch of new applications to focus on the back-end data management platform and explicitly de-linked the infrastructure and application layers.

Lack of Traction

Today, the estimated spend on Advana is $1.3 billion. In 2024, CDAO announced it would fund the program up to $15 billion for the next 10 years. Yet, as Advana has morphed into a catch-all data management system for DOD, its lack of focus on the platform’s core mission has slowed progress on audit readiness. Rather, unrelated use cases and mission areas expanded beyond medical readiness and workforce to include acquisition, supply chain, and more, partially fulfilling the “something for everyone” idea, but fully satisfying no one.

Part of the challenge associated with this breadth is the inability to be responsive to user needs and requests. Modern software companies deliver dozens of releases with new features, updates, and bug fixes every week. With Advana, users report being in the product roadmap queue for years with little transparency on the timelines. Offices are charged for development of new workflows, begging the question of what the billion-dollar investment actually gets DOD. Prioritizing these workflows as part of the consolidated product roadmap is opaque to stakeholders, further obfuscating time of delivery. 

These are the types of warning signals that would force the executives overseeing any billion-dollar software enterprise to an emergency management session in order to evaluate what has gone wrong and how to change course.

Getting Back on Track

In 2024, CDAO paused new applications to focus on Advana’s back-end data management, and de-linked the infrastructure and application layers. These were critical first steps in righting the program. The upgrades to the backend data infrastructure now provide a platform to layer on top best-in-class commercial applications specific to the day-to-day needs of users.

Today, Secretary Hegseth has an opening to get Advana back on track and in so doing, advance DOD’s prospects of achieving the original goal of a successful audit. Issuing a clear directive that Advana should focus on financial data management and be the technology solution to help DOD finally crest the audit summit would reorient Advana to its original purpose and set the Trump administration up for success where its predecessors have struggled.

To make this a reality, the Pentagon needs to clearly reposition Advana as the financial data and audit readiness platform for DOD, both internally to defense stakeholders and with industry. CDAO should realign Advana’s scope and resourcing with the DOD Comptroller’s audit and financial management priorities and implement governance structures that ensure Advana’s ongoing support and alignment with its core mission. Publicly, the follow-on contract for Advana should explicitly separate performance on the data infrastructure layers (data storage, compute, etc.) which may be broad from a more refined and limited set of task orders on financial management and audit use cases and thoroughly communicated to industry.

A Bright Future

DOD auditability is an essential step to achieving larger strategic goals, including modernizing the force to deter China. Advana has a bright future in a department that has a renewed vigor for fiscal responsibility and financial management. Getting there will require re-focusing the program on the fundamentals. While Advana has made great progress in organizing defense enterprise data, it has failed to be the software system that defense financial managers need to fully realize the Pentagon’s audit priorities. Abandoning the idea that it can be “something for everyone” and aligning to the “best chance to pass an audit” is a winning strategy that DOD has a unique moment in time to adopt and implement.

Tara Murphy Dougherty is CEO of Govini.

The post Make Advana Great Again appeared first on DefenseScoop.

The U.S. military maintains an extensive global footprint, with 800 installations spanning more than 70 countries and territories. Public and private utilities own and operate the power lines, water pipes, and fiber optic cables that supply these bases. Yet once those systems cross the fence line onto military facilities, the U.S. military is responsible for ensuring their safe and reliable operation and restoration during an attack.

The problem is many of the professionals tasked with maintaining these critical systems might not recognize a cyberattack for what it is because they’ve received no specified training. They often see an operational disruption, assume it is just a system malfunction, and move quickly to restore systems, potentially wiping out the forensics data that cyber professionals need to discern how an attacker got in and disrupted the system.

Without a dedicated forensic investigation, engineers who respond to the symptoms of an attack may simply revert the system back to the same vulnerable state that the attacker exploited in the first place. Crucial intelligence clues about the attack’s provenance and intent will be lost.

At Fort Leonard Wood (FTLW), Missouri, the Army and the U.S. Army Corps of Engineers (USACE) provide world-class training for the professionals who maintain both our civilian and military critical infrastructure. However, in the vast majority of these programs, there is no basic cybersecurity curriculum.

This critical omission leaves America vulnerable and the professionals who respond ill-equipped to confront malicious state-backed actors who seek to compromise the operational integrity of control systems. This is not merely a cybersecurity problem but a national security problem. Today’s battlefield extends to the contested virtual domain. The advantages of two large oceans that have provided standoff and a defensible homeland do not prevent the battlefield from extending to our military bases. Our adversaries aim to deny or destroy the technological supremacy that underpins our military’s ability to project power. Our military engineers must be trained to respond to the advances of modern warfare.

Other federal agencies acknowledge the importance of cybersecurity training for their engineers. The Department of Energy released a national strategy on cyber-informed engineering three years ago, placing cybersecurity at the foundation of engineering for energy systems. Similarly, the Cybersecurity and Infrastructure Security Agency (CISA) has spent the last two years working with technology and device manufacturers and evangelizing the importance of building security into systems from the outset. Even the Department of Commerce’s National Institute of Standards and Technology has issued “cyber resilient engineering” guidelines for industrial control systems.

Despite these efforts, silos still exist between DOD cyber incident response and remediation teams and the engineers responsible for maintaining critical systems. The DOD has not trained military engineers to collaborate with network defenders to secure the industrial control systems against cyber threats.

As recent headlines have affirmed, military bases are high-value targets for nation-state hackers. Their power grids, HVAC and airfield lighting, access security, fuel systems, and water utilities were initially designed for reliability, not security. But these systems cannot be reliable if they are not secure, and America’s adversaries know that undermining system reliability degrades miliary readiness and our ability to project power.

The knowledge gap of our engineers — and the resulting dangerous national security risk — need not persist. FTLW houses the multi-service Maneuver Support Center of Excellence for engineering, military police, biological, chemical, radiological, and nuclear training. This training heritage positions its Prime Power School to expand its multi-service curriculum to include cybersecurity-driven engineering for all Army Combat Engineers and Navy Seabees. The Air Force’s Red Horse Units and public works personnel should also learn to identify and respond to cyber threats.

Prioritizing a comprehensive cybersecurity curriculum will prepare these engineers to maintain military readiness, respond to emerging threats, and win against all hazards, including cyber malfeasance. Once trained and deployed, these engineers will actively ensure the military’s critical assets necessary for executing military operations at home and abroad.

Establishing a joint-service schoolhouse, co-located with the USACE’s Prime Power School at FTLW, will create a hub of expertise and a pipeline for an organic DOD workforce. This initiative will amplify the resilience of home-based and forward-deployed forces, especially in the Indo-Pacific, where China is actively working to undermine our military’s ability to achieve national security objectives, which start here in the homeland.

From the Battle of Iwo Jima to today, engineers have played a critical role in protecting our forces and defeating enemy counterefforts. The U.S. military’s engineers don’t just build infrastructure; their expertise shapes the battlefield itself, ensuring victory through innovation. Now, as wars extend into the cyber domain, the same expertise must evolve. Establishing an all-service training curriculum at FTLW focused on detecting, responding to, attributing, analyzing, remediating, and sharing information about malicious cyber behavior would ensure their legacy of paving the way to victory continues in the digital age.

Alison King is vice president of government affairs at Forescout and a senior fellow at Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security. Before joining Forescout, Alison spent over a decade in the federal civil service, working for the Department of the Navy and the Cybersecurity Infrastructure Security Agency.

Annie Fixler is the director of the Center on Cyber and Technology Innovation (CCTI) at the Foundation for Defense of Democracies and facilitates the Department of Energy’s Operational Technology Defender Fellowship.

Rear Adm. (Ret.) Mark Montgomery is CCTI’s senior director and served as executive director of the congressionally mandated Cyberspace Solarium Commission. He served for 32 years in the U.S. Navy as a nuclear-trained surface warfare officer, retiring as a rear admiral in 2017.

The post US must prioritize cybersecurity training for the military’s engineers appeared first on DefenseScoop.

Communist China is especially dangerous because, unlike other adversaries, it is able to compete with and potentially surpass the United States economically. Many of my colleagues in Congress have appropriately pointed out the urgency with which the United States needs to modernize our economy with the most state-of-the-art technology, a key component of which is building out a robust 5G telecommunications infrastructure. Information flow is increasingly central to our highly digitized economy, and the importance of a modern, optimized 5G telecommunications network is vital. I agree with my colleagues that we need to dominate next-generation wireless technologies to stay ahead of our adversaries and advance strong economic growth. Economic power is military power — just ask the totalitarian adversaries the United States has left on the dust heap of history.

You will find no disagreement in the halls of Congress on the importance of building out America’s 5G infrastructure. Many are frustrated with the slow pace at which the Federal Communications Commission and Congress have been moving to restore spectrum auction authority and open up more spectrum bands for commercial use. Unfortunately, when it comes to how to reach that goal, some are willing to sell Department of Defense (DOD) capabilities for short term economic gain. This would be just as disastrous to our national security in the long run as not developing our 5G networks. 

Many of our military’s most important radar systems operate on the 3.1-3.45 gigahertz (GHz) band of the spectrum, referred to as the lower-3 band. These radars are essential to homeland defense missions and protecting our troops overseas. Right now, Arleigh Burke-class destroyers are conducting missile defense missions off the coasts of the United States and protecting our deployed forces in the Red Sea against sophisticated Houthi missile and drone attacks. The Navy’s Aegis Combat System relies heavily on the lower-3 band, using radars to track threats and guide weapons to targets. Forcing the DOD to vacate or share those portions of the spectrum would cost taxpayers dearly — the Navy alone estimates that it would cost them $250 billion to migrate their systems to other bands of the spectrum, and that would take time we do not have with the looming threat of a belligerent Communist China.

Furthermore, on January 27, 2025, President Trump issued a potentially game changing Executive Order directing the DOD to develop and build an “Iron Dome Missile Defense Shield for America.” Before the Senate Armed Services Committee this month, General Guillot, the Commander of Northern Command charged with protecting our homeland, confirmed that NORTHCOM needs unfettered access to portions of the spectrum, and that any Iron Dome for America concept is dead on arrival if the DOD has to vacate the lower-3 band and other crucial portions of the spectrum. In short, the binary choice many in the telecommunications industry are lobbying Congress to make would kill President Trump’s Iron Dome for America and continue to leave the U.S. homeland exposed to an array of long-range strike threats ranging from intercontinental ballistic missiles to cruise missiles to hypersonic weapons. The American people should not accept this. I agree with President Trump’s vision, and therefore want to safeguard the DOD spectrum necessary for developing and deploying an Iron Dome for America, ranging from point defense up to a space-based layer.

Advocates for restricting DOD’s use of the lower-3 band or portions of the 7 and 8 GHz band of spectrum argue that Communist China has been willing to build out some of their 5G infrastructure on those bands. However, the Chinese Communist Party (CCP) can arbitrarily turn off or blow out commercial use and infrastructure of any portion of the spectrum whenever they want with no recourse for civilian users, and provide their military primacy in spectrum use. Certainly, that is not a situation the U.S. telecommunications industry is interested in.

The telecommunications industry should abandon its quest to restrict the DOD’s use of the lower-3 band or require it to share all or a portion of the band — a course of action which would materially damage the national security of the United States. The DOD has developed exquisite radars on this portion of the spectrum precisely because of the unique physics there which enable them to function so effectively. There is a reason the CCP is actively advocating that other countries around the world build out their 5G infrastructure on the lower-3 band. It is to limit the capabilities of our most capable radars.

The twofold path forward must be (1) an aggressive pursuit of spectrum sharing technology for use throughout the spectrum (not just the critical lower-3 band), and (2) a thorough and candid assessment of what portion, if any, of the 7 and 8 GHz band of spectrum can be auctioned off to industry without harming national security. From there, Congress can give the spectrum auction authority necessary. This should happen quickly as 5G expansion remains a priority.  

As the United States engages in this competition with Communist China with a renewed vigor under the Trump administration, it is imperative that we not trade national security for economic prosperity. Now is not the time to degrade our military capabilities, especially those capabilities needed to defend our homeland from attack. We never want to send our troops into a fair fight. We want to give them every possible advantage to prevail with minimum losses. That includes crucial bands of the electromagnetic spectrum. I look forward to working with my colleagues to find a solution to the ever-increasing demand for spectrum usage, while acknowledging our need to restrict certain portions for national security.

Sen. Mike Rounds, R-S.D., is a member of the Senate Armed Services Committee, chair of the SASC Subcommittee on Cybersecurity, and also serves on the SASC Subcommittee on Emerging Threats and Capabilities and the SASC Subcommittee on Strategic Forces.

The post Protection of spectrum by Congress also protects Trump’s Iron Dome from shortsighted 5G policy appeared first on DefenseScoop.

The top-down requirements process Ukraine’s military inherited from Moscow in the 1990s kept headquarters analysts employed but left 87 percent of needs unfulfilled. Today, warfighters get the final say in what gets built. Drones that once relied on GPS and luck now use automated navigation and targeting algorithms to overcome operator error and Russian jamming, raising success rates from 20 percent to 70 percent. The newest generation uses fiber-optic cable for communication to eliminate the threat of electronic interference.

The Pentagon’s approach to weapon development looks more like the one used by Soviet apparatchiks. Requirements officers in the Joint Staff and military services try to guess capability gaps and potential solutions years in advance. By the time these analyses emerge from the Joint Capabilities Integration and Development System (JCIDS) two years later, the threat has changed, technology has marched on, and a different solution is likely needed.

By definition, predictive planning systems such as JCIDS cannot work in a dynamic environment. They define performance metrics before testing a single prototype because they assume cutting-edge defense systems can only arise from dedicated government-led research and development. That approach is now obsolete thanks to the rapid advance and broad availability of militarily-relevant commercial technology.

Ukraine’s successes show how the U.S. Department of Defense could unlock the potential of private-sector innovation through collaborative experimentation between engineers and operators. Instead of funneling their needs through a multi-year staffing process, Ukrainian commanders talk with local drone pilots and data scientists to identify problems and reach out to government offices that can pay for solutions.

Under Kyiv’s innovation model, a new uncrewed system concept can reach the battlefield in months, drawing on commercial AI to quickly adapt flight paths or identify targets in thousands of video streams. For example, a volunteer-driven missile team eschewed extensive predictive analysis and prototyped a new cruise missile in a year and a half — an unthinkable timeline under Ukraine’s previous Soviet-model bureaucracy.

Real-time operator feedback is essential to this approach. It defines what is “good enough” and helps program managers cut through the competing equities that often prevent a system from reaching the field. In less than a year, Ukraine’s military created Delta, a situational awareness system like the elusive Joint All-Domain Command and Control concept that the Pentagon has chased for nearly a decade. Coders started Delta with a single battlefield map and added new modules when soldiers asked for them. Now the system ties together thousands of drones, cameras, satellite feeds, and Western cannon and rocket artillery systems.

Instead of waiting for a glacial interagency process to dictate universal interoperability requirements, Delta’s developers iteratively add new elements and test them in the real fight. During NATO interoperability exercises in 2023, Delta proved the value of this bottom-up approach by sharing data via Link 16 with F-16 jets and integrating with Poland’s TOPAZ artillery fire control software. Delta reflects genuine cross-domain synergy, born out of emergent needs and continuous iteration, not years of staff approvals.

Ukraine’s success is not simply a fluke born out of existential desperation; it’s the logical consequence of removing unnecessary processes and letting warfighters shape the pipeline. While we in the United States prioritize box-checking staffing for documents that meet formatting guidelines and have all the right system views and appendices, Ukraine lets demand drive immediate action. This shift from central planning to distributed innovation has not only kept Ukraine in the fight but also opened the door to realizing advanced integrations like real-time targeting.

The Pentagon should take Ukraine’s combat lessons to heart and fund the work to find solutions for today’s problems. Requirements officers should stop trying to predict the future and begin collecting and refining operational challenges to drive experimentation. And acquisition executives should give innovative program managers and their industry partners the decision space to quickly develop systems that deliver relevant capability, use existing components, and can respond to future enemy countermeasures.

The DOD has experimented with new acquisition pathways and innovation initiatives that have these attributes. But “Band-Aid” solutions that speed up paperwork or create more prototypes don’t address the core problem: a requirements system that prioritizes predictive planning over operational results.

The Pentagon should retire centralized requirements processes such as JCIDS. In their place, the U.S. military services should fund focused campaigns of experimentation that test multiple solutions against clear operational problems, enable rapid learning from failure, and scale what actually works in realistic conditions. Until the DOD abandons its Soviet-style faith in headquarters apparatchiks and embraces structured experimentation driven by warfighters, it will continue to fall behind adversaries who are willing to adapt and learn.

Bryan Clark is a senior fellow and director of the Center for Defense Concepts and Technology at the Hudson Institute, and an expert in naval operations, electronic warfare, autonomous systems, military competitions and wargaming. Previously, he served as special assistant to the chief of naval operations and director of the CNO’s Commander’s Action Group, led studies on the Navy headquarters staff, and was an enlisted and officer submariner in the Navy.

Dan Patt is a senior fellow with the Hudson Institute’s Center for Defense Concepts and Technology, where he focuses on the role of information and innovation in national security. Patt also supports strategy at national security technology company STR and supports Thomas H. Lee Partners’ automation and technology investment practice. Previously, he co-founded and was CEO of Vecna Robotics and served as deputy director for the Defense Advanced Research Projects Agency’s (DARPA) Strategic Technology Office.

The post The Pentagon should abandon Soviet-era centralized planning appeared first on DefenseScoop.

As our world becomes increasingly powered by generative AI, the most sought-after resource is no longer oil or gold — it’s data. Staying ahead in the AI race requires constant troves of new data to create better generative AI models.

However, we cannot treat AI as just another consumer good designed to make life or work easier, where we simply choose the cheapest or most convenient assistant. The AI technologies we use shape the knowledge we absorb, influence our beliefs, and could become geopolitical tools for misinformation — a national security concern that cannot be overlooked.

For example, the recent high-performing chatbot developed by Chinese company DeepSeek does not provide information about Tiananmen Square and purveys common Chinese Communist Party propaganda about Taiwan and other topics. And yet, days after DeepSeek launched, it became the most popularly downloaded free application in the U.S.

In response, U.S. legislators proposed a bipartisan bill to ban DeepSeek from government devices. The aim is to prevent users from sending heaps of information to DeepSeek and to Chinese state-owned entities. By interacting with DeepSeek over the internet, we are surrendering the single most important resource in maintaining leadership in AI: data.

However, there are three big problems with the data required to train generative AI. First, the world is running out of the high-quality, real-world data required to train models, with Epoch AI predicting we may run out by 2028.

The second problem is that real-world data is inherently flawed and biased because it’s simply a collection of society’s beliefs and actions. Therefore, AI is liable to perpetuate existing political, racist, sexist, and other biases. The current administration has underscored the importance of developing “AI systems that are free from ideological bias or engineered social agendas.”

Third, real-world data is often incomplete. Within the Department of Defense (DOD), intelligence, surveillance and reconnaissance (ISR) systems can face collection gaps, resulting in incomplete data sets (e.g. incomplete satellite image data). In addition, computer security needs — such as identifying network intrusions or malware — may be weakened by incomplete data sets.

The solution to these problems is synthetic data. Synthetic data can augment real-world data by filling in critical gaps, help provide the volume of data needed to train AI and mitigate intrinsic biases. Synthetic data is designed to resemble real-world data and is artificially engineered by computers using algorithms, simulations, or machine learning models. Gartner predicts that more than half of the data used to train AI will be synthetic by 2030.

The benefits of synthetic data generated by today’s “classical” computers are that it’s widely available, affordable, and ideal for small to mid-scale problems with well-structured data. The drawbacks are that classical synthetic data can be less complex and diverse than real-world data, can struggle to capture the high-dimensional patterns needed for training AI, and may face future challenges in scaling quickly to meet growing data demands.

Quantum computing is the solution to these challenges. Quantum computers will generate higher volumes of data and higher quality data than classical synthetic data.

“The future of generative AI training lies in combining real-world data with both classical and quantum synthetic data,” says Dr. Graham Enos, vice president of quantum solutions at Strangeworks and a former DOD mathematician. “As quantum computing advances, quantum synthetic data will increasingly dominate the synthetic data used to train AI. What’s exciting is that synthetic data generation is one of the most immediate and practical applications of quantum computers.”

The seemingly otherworldly properties of quantum computers make them ideal for the machine learning and simulation tasks that generate synthetic data. Unlike classical computers, which rely on bits that are either 0 or 1, quantum computers use qubits that can exist in a superposition of both states simultaneously, providing exponentially greater computing power. Entanglement is another critical property of quantum computing that allows qubits to represent more complex data distributions, enabling more complicated calculations than classical computers. By leveraging both superposition and entanglement, quantum computers can double their compute power simply by adding one qubit — in contrast, classical systems require doubling the number of transistors to double compute power.

Five years ago, the largest quantum computer was Google’s 53-qubit Sycamore chip that demonstrated “beyond classical” performance on a computational benchmark. The largest machines built today, from IBM and Atom Computing, boast upwards of 1,000 qubits. While quantum computers are not yet outperforming classical computers for practical applications, including generating meaningful quantum synthetic data for commercial AI training, they are quickly approaching that moment.

Recently, quantum computing company Quantinuum, a spinoff from Honeywell, announced that data from its H2 quantum computer can train AI systems using its Generative Quantum AI framework.

In the announcement, Dr. Thomas Ehmer from the healthcare business sector of Merck KGaA, Darmstadt is quoted as saying, “While some may suggest that a standalone quantum computer is still years away, the commercial opportunities from this breakthrough are here and now…the [Quantinuum] Helios system, launching later this year will hopefully enable AI to be used in unprecedented ways and unlocking transformative potential across industries.”

Similarly, in work partially funded by the U.S. government, Rigetti (RGTI) used a quantum neural network to generate synthetic data and fill gaps in global weather radar coverage, matching the performance of a classical baseline model. (These quantum machine learning methods from Rigetti are available on Strangeworks.)

This type of work is directly applicable to enhancing C4ISR capabilities by leveraging advanced computer vision techniques to analyze complex sensor data. For example, programs like Project Maven use synthetic data to train AI models that interpret full-motion video (FMV), synthetic aperture radar (SAR) imagery, and other intelligence sources.

The impacts of quantum computing go beyond improving AI models. Additional defense-related applications include cybersecurity threat detection, adversarial intent prediction, cryptanalysis, electromagnetic spectrum operations, and many more.

Yet, China is outspending the U.S. four to one in federal quantum technology investment and is steadily closing the technology gap. If the U.S. wants to continue to lead the quantum computing race and be the first to fully leverage the power of quantum synthetic data, we must bolster public and private investment in quantum technologies.

First, due to the time and effort needed to develop quantum workflows, government and private organizations should start working with experts today to identify use cases and build the hybrid infrastructure needed for rapid adoption of quantum data.

Second, the U.S. must reauthorize the National Quantum Initiative (NQI) Act, which accounts for about half of federal investment in quantum technologies. The initial NQI Act, which expired in 2023, was signed into law by President Donald Trump in 2018 and resulted in meaningful progress.

Lastly, Congress should increase funding to both DOD and the Department of Energy by passing the newly introduced bipartisan DOE Quantum Leadership Act as well as the Defense Quantum Acceleration Act. The latter was introduced by Rep. Elise Stefanik and Sen. Marsha Blackburn in April, and the legislation is intended to “supercharge the Department of Defense’s approach to quantum technology and advance U.S. national security.”

Without a recommitment to federal investment in quantum technologies, the U.S. risks another DeepSeek moment with both quantum and AI.

The post The international AI race needs quantum computing appeared first on DefenseScoop.