Original broadcast 6/8/25
Presented by Synack
This week on Fed Gov Today with Francis Rose, three federal and industry leaders spotlight sweeping changes shaping the government’s approach to acquisition, cybersecurity, and supply chain resilience. Karla Smith Jackson of NASA explains how the FAR Council is streamlining the Federal Acquisition Regulation for the first time in over four decades. Katie Bowen from Synack outlines the dual impact of AI and workforce shifts on DoD cybersecurity strategy. And Stacy Bostjanick from the Department of Defense confirms that CMMC is not just here to stay—but gaining momentum—while previewing the new SWFT program to accelerate trusted software adoption.
Streamlining Federal Acquisition: FAR Overhaul Underway
Karla Smith Jackson, Assistant Administrator for Procurement at NASA and a key member of the FAR Council, shares details on the comprehensive rewrite of the Federal Acquisition Regulation. Her team is removing outdated or non-statutory content, aiming to reduce the FAR by two-thirds in size. Jackson explains how the work is divided among NASA, GSA, OFPP, and DoD, and how plain language and AI tools are aiding clarity and usability. New buyer's guides will accompany the FAR revisions, incorporating best practices across government and evolving with input from stakeholders. She emphasizes the goal of better acquisition outcomes and highlights a transformation effort that hasn’t happened in over 40 years.
Key Takeaways
-
NASA is working to streamline and modernize the FAR using AI and plain language, targeting completion by September 30.
-
Companion buyer's guides will serve as dynamic, interactive tools updated with best practices.
-
Initial success metrics include size reduction, improved cycle time, and workforce efficiency.
AI and Shrinking Workforces: New Realities in Cybersecurity
Katie Bowen, Senior Vice President of Global Revenue at Synack, discusses how the Department of Defense’s shrinking cyber workforce and emerging AI technologies are reshaping cybersecurity practices. She raises concerns about reduced testing and evaluation capacity and the importance of modern, dynamic testing environments over traditional methods. Bowen underscores the necessity of integrated security testing fabrics and bug bounty programs, especially as agentic AI accelerates both threat and defense capabilities. The balance between automation and oversight is crucial, and she stresses the importance of tracking the real cost and outcomes of cybersecurity initiatives across DoD in the coming years.
Key Takeaways
-
Shrinking DISA cyber teams may drive increased reliance on commercial and automated solutions.
-
Agentic AI will change cybersecurity dynamics, reducing time-to-exploit and increasing urgency for proactive testing.
-
Cybersecurity success must be measured by efficacy and outcomes, not just compliance checkboxes.
CMMC and SWFT: Defending the Defense Industrial Base
Stacy Bostjanick, Chief for Defense Industrial Base Cybersecurity at the DoD, provides a comprehensive update on the Cybersecurity Maturity Model Certification (CMMC) and introduces the Software Fast Track (SWFT) program. She explains the delays due to regulatory requirements and past compliance failures, stressing that CMMC is now moving forward with rulemaking expected to conclude this year. Bostjanick underscores the urgent national security stakes behind the program, pointing to past IP thefts and the need for reliable cybersecurity among contractors. SWFT will enable faster, AI-assisted vetting of software packages before adoption, aiming to halve the approval timeline and improve the trustworthiness of the supply chain.
Key Takeaways
-
CMMC implementation is progressing, with final rulemaking targeted for late summer.
-
Past failures in contractor compliance drove the creation of CMMC to enforce real security.
-
SWFT will expedite software adoption via AI-assisted evaluations and third-party assessments.
Please fill out the requested information below