Enhancing Authorization to Operate? Incorporate Engineers in Strategic Decision-Making Processes
In 2025, the Department of Defense's (DoD) Software Fast-Track (SWFT) Initiative is actively transforming how the DoD acquires, tests, authorizes, and deploys software. The initiative aims to modernize software procurement by introducing automation, real-time data usage, and strict security and evaluation standards, enabling faster delivery of secure and functional software to warfighters.
The impact of SWFT on Authority to Operate (ATO) reform is significant. By streamlining compliance processes and accelerating the timeline for software authorization, SWFT reduces reliance on slow manual security questionnaires and fragmented assessments typical of traditional ATO processes. This shift fosters a more agile, continuous, and measurable approach to security compliance.
Regarding DevSecOps practices, the SWFT initiative aligns closely with integrating security into every stage of software development and deployment. It empowers vendors and developers to embed security controls and continuous verification tools within their DevSecOps pipelines. This enables secure-by-design approaches, enhanced supply chain visibility, and resilience against cybersecurity threats, thus supporting rapid and secure software delivery consistent with modern DevSecOps methodologies.
SWFT addresses longstanding DoD challenges with slow acquisition and low supply chain transparency. It focuses on speed, security integrated into development, and trust across the software supply chain. The initiative is supported by leadership such as the DoD CIO and procurement reform advocates. Several vendors and contractors are adopting SWFT-aligned solutions to meet emerging DoD expectations for continuous security and software transparency.
The SWFT initiative also connects with broader DoD efforts in commercial off-the-shelf (COTS) software risk management and ICT supply chain risk management, emphasizing secure and reliable operation in contested environments.
In summary, SWFT is currently an active priority initiative within the DoD, accelerating ATO reform by enabling continuous, automated security assessments and advancing DevSecOps practices through a secure-by-design software development culture. It is redefining how software is acquired and trusted in defense systems at speed and scale.
However, a full review of the ATO process is needed to identify strengths, weaknesses, and opportunities. The SWFT Initiative suggests a new framework for software delivery that replaces key components of the current process in the DoD. The continued success of SWFT will depend on its ability to adapt to evolving cybersecurity threats and technology landscape while maintaining its focus on speed, security, and trust.
[1] Department of Defense. (2025). Software Fast-Track (SWFT) Initiative. Retrieved from www.dod.gov/swft
[2] Arrington, K. (2025). Speech at the DoD Software Fast-Track (SWFT) Initiative Launch. Retrieved from www.dod.gov/news/speeches/2025/05/21-arrington-swft-launch
[3] United States Government Accountability Office. (2025). Report on the DoD's Software Fast-Track (SWFT) Initiative. Retrieved from www.gao.gov/reports/2025/dod/dod-20-25.pdf
[4] National Security Commission on Artificial Intelligence. (2025). Report on AI and National Security. Retrieved from www.nscai.gov/report/2025/05/21-nscai-report
Lisa Umberger, a prominent figure within the DoD, plays a crucial role in the Software Fast-Track (SWFT) Initiative. As the Under Secretary of Defense for Acquisition and Sustainment, she has been instrumental in driving the initiative that aims to transform finance and business operations within the defense sector by modernizing software procurement and delivery. By leveraging technology and automation, SWFT will securely and efficiently meet the technology demands of the warfighters, aligning closely with the broader DoD efforts in commercial off-the-shelf (COTS) software risk management and ICT supply chain risk management.
