The US Air Force’s first ever chief software officer has quit the job after branding it “probably the most challenging and infuriating of my entire career” in a remarkably candid blog post. The Register reports: Nicolas Chaillan’s impressively blunt leaving note, which he posted to his LinkedIn profile, castigated USAF senior hierarchy for failing to prioritise basic IT issues, saying: “A lack of response and alignment is certainly a contributor to my accelerated exit.” Chaillan took on his chief software officer role in May 2019, having previously worked at the US Department of Defense rolling out DevSecOps practices to the American military. Before that he founded two companies.
In his missive, Chaillan also singled out a part of military culture that features in both the US and the UK: the practice of appointing mid-ranking generalist officers to run specialist projects. “Please,” he implored, “stop putting a Major or Lt Col (despite their devotion, exceptional attitude, and culture) in charge of ICAM, Zero Trust or Cloud for 1 to 4 million users when they have no previous experience in that field — we are setting up critical infrastructure to fail.” The former chief software officer continued: “We would not put a pilot in the cockpit without extensive flight training; why would we expect someone with no IT experience to be close to successful? They do not know what to execute on or what to prioritize which leads to endless risk reduction efforts and diluted focus. IT is a highly skilled and trained job; staff it as such.”
Chaillan went on to complain that while he had managed to roll out DevSecOps practices within his corner of US DoD, his ability to achieve larger scale projects was being hampered by institutional inertia. “I told my leadership that I could have fixed Enterprise IT in 6 months if empowered,” he wrote. Among the USAF’s sins-according-to-Chaillan? The service is still using “outdated water-agile-fall acquisition principles to procure services and talent”, while he lamented the failure of the Joint All-Domain Command and Control (JADC2) to secure its required $20m funding in the USAF’s FY22 budget. He was also quite scathing about the USAF’s adoption — or lack thereof — of DevSecOps, the trendy name for efforts to make developers include security-related decisions at the same time as product-related decisions when writing new software. It appears the service wasn’t quite as open-minded as its overseers in the wider DoD.
Read more of this story at Slashdot.