The MITRE FAST Study found outdated security processes slow Department of War acquisitions and limit access to small and nontraditional contractors. It identifies key challenges and recommends actions to streamline security while accelerating delivery to the warfighter.
MITRE Fast-tracking Acquisition Security Transformation (FAST) Study Report
Download Publication
The Department of War (DOW) is executing once‑in‑a‑generation acquisition reforms that demand wartime speed and a larger, more diverse defense industrial base (DIB). In support of these reforms, the MITRE Fast‑tracking Acquisition Security Transformation (FAST) Study, funded by the Office of the Under Secretary of War for Intelligence and Security, analyzed how current security requirements, policies, and practices affect the DIB’s speed, cost, and schedule to effectively deliver on DOW acquisition.
The premise of the FAST Study is that the National Industrial Security Program (NISP), established in 1993, was designed for a vastly different era of DOW acquisition practices, systems, DIB composition, and threat environment, and that in the intervening 32 years little has changed in its overall framework. Today, classified and sensitive information is created, processed, and transmitted in dynamic, distributed digital systems, while many industrial security processes still operate as if information remains stationary, paper-based, and confined to fixed facilities.
DOW is preparing to implement major changes such as NDAA Section 847 and rely more heavily on small businesses and nontraditional defense contractors (NDCs) that cannot absorb long delays or opaque processes. At the same time, the threat environment has intensified, with adversaries actively targeting the DIB to steal technologies, exploit foreign ownership, control, or influence (FOCI), and disrupt supply chains.
The FAST Study was designed as a targeted, systematic, deep‑dive analysis of DOW security requirements, practices, and systems that impact the DIB’s ability to quickly, affordably, and successfully enable the warfighter mission. Between July and November 2025, MITRE’s behavioral sciences and security researchers collected quantitative and qualitative data representing 6,734 security industry leaders, practitioners, and innovators across 105 organizations. Data was gathered through semi‑structured interviews, online questionnaires, and focus groups, then analyzed using thematic analysis and descriptive statistics to identify persistent challenges, quantify burden in time, cost, and workforce hours, and distinguish anecdotes from systemic issues.
All identified acquisition security challenges and recommended government actions were cross‑referenced with publicly available laws, regulations, directives, manuals, and oversight reports to ensure alignment with current authorities and to prioritize options that reduce burden, expand access, and maintain or improve security outcomes.
The MITRE FAST Study identified 74 acquisition security challenges across five focus areas:
- Entity Eligibility and Access
- FOCI
- Safeguarding of Classified and Sensitive Information
- Cybersecurity
- Integration of Security into Acquisition Processes and Contracts
As DOW rapidly moves toward a wartime footing and dramatically accelerates the fielding of new technology and advanced capabilities to maintain US military superiority, these challenges will intensify. For each of the 74 challenges, the FAST Study has identified 155 practical recommended government actions to clarify, automate, modify, and streamline how the Department applies existing security requirements to accelerate mission delivery.