Developing the Joint Common Foundation

  • By: The JAIC
Developing the Joint Common Foundation

Denise Hodge Highlights the Challenges and Opportunities of Creating an Enterprise-Cloud Based Environment

Denise Hodge, Information Systems Security Manager, is leading efforts to develop the Joint Common Foundation and create a secure development ecosystem that enables AI adoption across the Department of Defense.

The Joint Common Foundation will play an integral role in accelerating and scaling AI solutions for the U.S. military. The enterprise cloud-based foundation will provide the development, test, and runtime environment and the collaboration, tools, reusable assets, and data that military services need to build, refine, test, and field AI applications.

Describe your role in managing the Joint Common Foundation

Denise Hodges
Denise Hodge, Information Systems Security Manager

I serve as the principal advisor for JAIC information systems. I manage the development and maintenance of the cybersecurity architecture, requirements, objectives and policies, and processes and procedures. I also ensure system changes are approved prior to implementation at the appropriate levels to comport with Federal, DoD and JAIC guidance. Part of this role includes indentifying and reporting security-related events, and unauthorized configuration modifications that impact the JCF and our information systems.

Why is the Joint Common Foundation critical to the U.S. Military to field AI?

We are designing the JCF to:

  • Reduce technical barriers to DoD-wide AI adoption.
  • Accelerate security assessments of AI products to support rapid authorization decisions and AI capability deployment.
  • Create standardized development, security, testing tools, and practices to support secure, scalable AI development.
  • Facilitate the concept of secure re-use of AI resources, software, tools, data, and lessons learned that capitalize on the progress made by each JCF AI project.
  • Encourage efficiencies by finding patterns in JCF customer needs and creating solutions that are repeatable to build core products that advance AI development
  • Mitigate risk by providing a common, standardized, and cyber-hardened infrastructure and platform for AI development, assessments, and rapid deployment promotion.

What are the top priorities for the Joint Common Foundation in 2020?

The Infrastructure and Platform division is building an enterprise cloud-enabled platform across multiple govCloud environments in preparation for the JEDI migration. Our development team is working closely with cybersecurity experts to ensure the JCF is a secure environment that promotes the development, testing, prototyping, assessment, and integration of AI/ML models and software. Data management is key to the success of the enterprise cloud environment. As such, we are designing the JCF to ingest data that is secure, normalized, categorized, and stored for maximum reuse and sharing. We are also pursuing strategic partnerships to capitalize on the great work that has already taken place across the U.S. military as well as the advances made by our industry and academic partners. Cybersecurity is the thread that binds the enterprise cloud together.

We are also working diligently to provide the JCF with its Authority-to-Operate, a near-term milestone that will enable JAIC mission projects to develop, test, and deliver scaled AI capabilities with speed. Cybersecurity is an important part of this initiative to provide a common, standardized, and hardened development platform that promotes a secure AI development ecosystem. We developed a strategy that incorporates four key security pillars to promote cyber engagement and governance:

  • Infrastructure security
  • Secure ingest
  • Ongoing authorization
  • Continuous monitoring

How has your defense civilian career prepared you for your current role?

I have spent much of my career supporting Chief Information Officers and Authorizing Officials in various IT ecosystems in the Department of Defense. I have seen how great ideas can grow into successful programs that flourished, or die, before they are fully realized. I learned there is a real balancing act to understanding where the line of accepting too much risk and not willing to accept enough reasonable risk is drawn to make the mission successful. We make decisions based on the overall risk represented in security assessments, which may include strategic, operational, technical, financial, reputational, and compliance-based risk assessments. I am responsible for reviewing, and in some cases, making the initial JCF infrastructure and platform assessments, as well as the AI products that we develop, test, and host.

You chose to stay at the JAIC after your original detail ended. Why?

I believe that my work at the JAIC is valued and I feel proud about being a foundational member of this organization. I am fortunate to work with some exceptional people that challenge me to not just be good at my job, but to improve every day. I thought I was good at working outside the box, while staying inside the policy safety zone; but at the JAIC I have learned to reinvent the box and the safety zones. In addition, I have learned so much about AI/ML development that it has opened the world. The vision Lt. Gen. Shanahan has for the JAIC is nothing short of revolutionary, and our mission is crucial to the freedoms that we take for granted in this country. Although I do not wear a uniform, I want to contribute to the security of this country for my children and my children’s children. So, I decided to stay at the JAIC in service to our military and our country.