Under Secretary of Defense Pete Hegseth, the Pentagon has adopted a wartime posture toward innovation. Red tape is out. Urgency is doctrine. Software is no longer a support function, it’s now a strategic asset. The message is clear: scale wins wars, and the Department must move at the speed of relevance.
But as the Defense Department pivots hard into acquisition agility, autonomous systems, and AI-driven decision-making, it risks leaving something critical behind: oversight that evolves with the systems it governs.
The instinct to bypass bureaucracy is valid. But the reflex to eliminate oversight entirely is dangerous. Smart governance isn’t a relic of slow government, it’s what separates urgency from recklessness.
Governance ≠ Bureaucratic Drag
The criticism of DoD acquisition processes is well-earned. Traditional models like JCIDS (Joint Capabilities Integration and Development System) and the 5000-series acquisition framework were built for Cold War weapons programs, not cloud-native software and algorithmic capability delivery.
In that context, the Software Acquisition Pathway (SWP), launched in 2020, was a major step forward. It removed the burden of rigid milestone reviews and allowed programs to iterate, test, and deploy faster. But SWP didn’t eliminate oversight, it refactored it. Decision authorities remained in place, tailored metrics were introduced, and accountability for cost, schedule, and performance persisted.
This is the model we need: governance as a lightweight, adaptive scaffold, not a concrete wall. Without it, we risk recreating the very failures of the past, only this time, at machine speed. Consider the Defense Travel System (DTS) debacle: a multi-billion-dollar platform bloated by outdated requirements, vendor capture, and weak accountability. Now imagine scaling that logic into autonomous weapons policy.
Katie Arrington Saw It Coming
Katie Arrington’s work as CISO for Acquisition & Sustainment was not about burdening small businesses, it was about creating a trust framework for a software-defined battlefield. Her championing of the Cybersecurity Maturity Model Certification (CMMC) came after repeated wake-up calls: the 2018 Chinese theft of F-35 technical data, the 2020 SolarWinds compromise, and countless instances of adversaries exploiting gaps in defense industrial cybersecurity. CMMC was Arrington’s response to a system where compliance checklists had replaced enforceable standards. Her approach, “accredit once, use many" was designed to reduce audit duplication while increasing integrity across the supply chain.
Critically, Arrington understood the difference between manual oversight that slows and intelligent oversight that scales. She advocated for automation, but only after aligning systems to security, governance, and mission relevance. Her efforts were dismissed by some as bureaucratic overreach. But in hindsight, her warnings now feel prescient: without foundational rules, agility becomes fragility.
AI Agents Don’t Replace Judgment… They Eliminate It
The rise of AI agents in federal workflows is already underway. From predictive maintenance to acquisition document drafting, these tools promise cost savings, error reduction, and operational speed. But AI is not a neutral actor. It operates within the parameters it’s given. When those parameters are built on legacy policy, conflicting incentives, or poor data hygiene, AI doesn’t solve the problem, it executes it with unflinching precision.
The historical analogy here is chilling: in 2003, the Joint Strike Fighter program failed to address unresolved design flaws early because milestones were driven more by reporting optics than engineering reality. Today, AI agents can surface issues faster, but only if they're trained on transparent, mission-aligned metrics. Without judgment in the loop, we risk automating the same blind spots that sank past programs.
Worse, when decision logic becomes embedded in black-box algorithms, accountability becomes opaque. If an AI-enabled system greenlights a faulty contractor, rejects a compliant bid, or miscalculates operational risk, who is responsible? The engineer? The contracting officer? The agent itself? Smart governance isn’t just a speed bump. It’s the mechanism through which accountability remains human.
What Smarter Oversight Looks Like
Oversight needs a refactor, not a funeral. The tools exist. What’s missing is the design intent. The Department should embrace:
Zero-based reviews of every workflow proposed for automation. Don’t digitize dysfunction.
Named system stewards for every AI-enabled or autonomous program, with both budget and authority.
Sunset clauses on oversight policy that force renewal or retirement every five years.
Insight-driven audits, focused on surfacing system-level patterns, not checking boxes.
Historical precedent supports this: the Goldwater-Nichols Act of 1986 successfully restructured defense operations by clarifying roles, collapsing stovepipes, and enforcing accountability. It didn’t erase oversight. It made it coherent. In the same spirit, 2020’s Adaptive Acquisition Framework (AAF) gave program managers the tools to move faster, but kept mission alignment and execution risk squarely in view. We need a similar mindset for AI and automation: lean governance that preserves flexibility without sacrificing transparency or trust.
Final Word
Oversight isn’t the enemy of innovation. Done right, it’s the only thing that makes innovation sustainable, secure, and strategically aligned. In the Hegseth era, speed will define our posture. But judgment must define our systems. If we scale capability without scaling accountability, we’re not modernizing, we’re just accelerating institutional entropy.
The goal is not to resurrect the same compliance layers that paralyzed past programs. Nor is it to surrender to techno-utopianism that believes agents and automation can solve institutional decay. The goal is smarter design: governance that is light but firm, flexible but deliberate.
Every AI-driven workflow, autonomous system, or rapid acquisition tool must be treated not just as a technical asset, but as a policy decision with cascading consequences. If we remove all oversight in the name of speed, we risk operationalizing fragility at scale. True innovation in national defense isn’t just about building the fastest system. It’s about building the most trusted one. Don’t abandon governance. Rebuild it for the velocity and complexity of the world we’re in now.*