An Info-Centric Force Learns to Share
Cultural, security, Web 2.0 issues remain to be conquered.
A U.S. Navy officer stands surface watch coordinator watch in the combat information center of a guided missile destroyer during a large joint exercise. As network centricity grows and jointness dominates operations, stovepiped systems and cultural challenges stand in the way of true information sharing.
The U.S. Defense Department is developing an information sharing implementation plan based heavily on current need and impending reality. One foundational element of the department’s approach is that everyone agrees on the need to share information, but differences lie in how that goal is to be accomplished. The other factor is that new technologies and capabilities are changing the very nature of information access, and users ignore them at their own risk.
The issue facing the department—and government in general—is greater than data sharing, and the difference between data and information is more significant than in traditional networking terms. Instead of merely ensuring that the right users have access to the right data, effective information sharing entails a paradigm change in the way individuals and organizations operate. Operating elements such as military units and businesses already are undergoing a change from systems-oriented operations to service-oriented activities.
As always, cultural challenges pose more of an obstacle than technological ones. The advent of a Web 2.0 community is both empowering information sharing and complicating efforts by adding new factors to an already challenging problem.
David M. Wennergren, deputy assistant secretary of defense for information management and technology and the deputy chief information officer for the Defense Department, is a firm believer in the importance of information sharing. “No matter where you are—across government, across industry, across academia—people have gotten the idea that if you can get the right information to the right person at the right time, then you can have an information advantage,” he states. “If you can have an information advantage for your people and your mission partners, then you’ll do better at whatever it is you are trying to do.
“If we can share information, we can save lives on the battlefield. If we can share information, we can find a medical solution more quickly. If we can share information, we can get results to the taxpayers faster and spend money more effectively,” he posits.
Wennergren relates that information systems and networks evolved from local stand-alone solutions such as local area networks with local applications. This approach sped capabilities to satisfied users. However, it ultimately generated two challenges.
One is that taking this local solutions approach tended to stovepipe information. This in turn established a culture of information hoarding. And, this stovepiping led to duplication of both systems and information.
Then these local systems were consolidated into large systems. This action enhanced standardization and authoritative data sources, and eliminated duplication of effort. But, bigger systems meant greater complexity, longer delivery times and reduced customer satisfaction.
Now the focus is on a service-oriented approach. Wennergren notes that the concept of service-oriented architecture places greater emphasis on the ability to find and share information. This “services world” offers the best of both worlds, he adds. Core enterprise services permit individual solutions such as a single access card, a single front-end portal and a single federated search-and-discovery solution. For the defense community, these translate to the Common Access Card and Defense Knowledge Online, for example.
Local commands also can develop the services they need to accomplish their missions. A registry that publishes these services enables others to learn and reuse them, which helps avoid stovepipes. In this manner, users can take advantage of the innovation, creativity and flexibility inherent in local development.
This new approach changes everything, Wennergren declares. “Almost every process we have is a systems-focused process—how we decide to spend money, how we build and finance systems, how we develop systems views of architectures, how we develop systems certification and accreditation.” With the service-oriented world providing this opportunity to share knowledge quickly, many of the processes and educational issues remain challenges.
The Defense Department has both a network-centric data strategy and a network-centric services strategy. The data strategy lies at the heart of the department’s information sharing efforts, Wennergren states. This strategy aims to create communities of interest in which similar people will share information quickly and easily.
For example, maritime domain awareness is benefiting from this approach. Government agencies had a lot of information about harbors and port infrastructures, but they lacked information about elements on the water—ships, their crews and their cargoes. Considerable data on these three items could be found, but the information often would be in disparate databases in stovepipe organizations.
So, the maritime domain awareness community of interest gathered people from the U.S. Navy, the intelligence community, the U.S. Coast Guard, the Department of Homeland Security and the Department of Transportation. Rather than replace each of their legacy systems with a single new—and expensive—joint information system, the groups’ representatives opted for standards-based data tagging that would enable all users to publish and subscribe to the data. And, the standards-based data could be overlaid atop Google Earth or another user-defined picture. Instead of investing millions of dollars and several years building a new system, the organizations spent about $200,000 and within two months were able to access full information on seaborne elements.
“So we have a strategy that says, ‘If you could expose data, people could get the knowledge that they need and get their job done,’” Wennergren notes. “It’s the first big piece of the puzzle—but it’s not nearly enough.”
Completing that puzzle will require process, policy and cultural changes. The department’s information sharing implementation plan will call for incentives that encourage people to share information, including breaking down barriers. Standardized markings will help control sensitive but unclassified data. This will be particularly valuable across department lines such as those between the Defense and State Departments.
And, information security is changing with information sharing. “We have to get past this mindset that it’s a balancing act between the sharing of information and its security,” Wennergren charges. “What that [perspective] does is pit one side against the other. How you think about information security has to change. In this new world, we have to have information security solutions that allow more sharing.”
For example, an information security professional may deal with a significant threat by trying to block access. But, simply imposing blocks on different types of information thwarts information sharing. Information security solutions must enhance the ability to share—and securely.
“Security is really important now with regard to the sustainability and survivability of the network, because the information doesn’t all live locally,” Wennergren says. “It also has to do with ‘we’re all in this together,’ because the information is everywhere.”
Not only must security allow for information sharing, it also must take into account that others will have access to the same data that the Defense Department must protect around the clock.
“So if I do a great job of protecting the boundaries of Defense Department activities, my information also exists in academia and industry. We now have a shared set of responsibilities,” Wennergren says. “If people want to take intellectual capital from the Defense Department and they cannot get in [through department information security], then they will get in through industry partners. We have to raise the bar on security together.
|A U.S. Air Force technical sergeant uses a pen to emend information that will be sent on to local base commanders. Changes in how people relate to information, particularly those changes wrought by Web 2.0 capabilities, will bring about totally new ways of sharing information.|
But one challenge is to design an incentive structure for developing information security solutions of the future. Whether physical or online, security is a risk-adverse profession, Wennergren states. Despite that, officials must keep the basic imperatives of information sharing in mind—that it improves function of many diverse elements and activities of government—when they develop information security solutions.
Wennergren believes that the information sharing partnership his department has with the intelligence community is a highly beneficial one. The information sharing strategies and policies the department issues are not similar to those of the intelligence community—they are identical, he asserts. The level of understanding about information sharing is better than anything he has experienced in the past, he states.
But many of the challenges must be solved individually, and foremost among them is cultural resistance. Leaders today are experts in how they do business, but the shift to a service-oriented world will change those ways of doing business, Wennergren says. People will need to be adept at these new ways, and they will need to learn to let go of some of their personal control.
Flavoring the concept of information sharing is Web 2.0. Organizations that embark on the information sharing process are putting in place tools that will enable Web 2.0 use. Wennergren observes that mass collaboration depends on the ability to find and use information. Tagging and exposing information allows users to adapt it along the lines of Web 2.0 capabilities.
“If we imagine that Second Life is a game, then we are missing the point,” Wennergren declares. “If we imagine that Facebook is only about keeping in touch with your friends, then we are missing the point.
“These Web 2.0 technologies are the way people do business,” he continues. As vice chairman of the Federal CIO Council, Wennergren says that Web 2.0 and its applicability to government is one of the council’s imperatives for this year.
What may be even more important is that the people moving up in the work force today use the Web and its related capabilities in far different ways than currently practiced by longtime Web veterans. This new generation, tabbed the Millennial Generation, even works differently, and government organizations must adjust their ways of doing business to accommodate them.
Coupled with this paradigm influx is the beginning of retirement for the baby boom generation. As these boomers retire, there are not enough of the next generation—Generation X—to fill their leadership positions. So, Millennials will be moving into leadership positions sooner. Businesses and government organizations will need to establish the right atmosphere to be an employer of choice for these netizens. And, these organizations must retain their hirees by providing the environment for these people to unleash their powers of creativity and innovation—“It won’t be in a world of e-mail,” Wennergren emphasizes.
“If you live in a world that is functioning with e-mail to get your job done, you probably are not in the future—and the future is now,” he continues. “These Web 2.0 technologies provide phenomenal opportunities for us.
“I see it [Web 2.0] in everything that we are doing, from how we keep track of information on the battlefield to how places such as the Environmental Protection Agency are trying to generate new ideas through wikis and blogs,” Wennergren points out. “This kind of technology can make a profound difference now, and people have to get that.”
He offers that the power of Web 2.0 is that the boundaries of organizations become much more ethereal. For example, in the past when people wanted to solve a problem, they turned to the appropriate professionals in their own department. But, using Web 2.0 technologies, someone seeking a solution can access experts around the world. The appropriate community will engage in problem solving and idea generation while self-policing its activities.
One of the cultural changes facing information sharing is how to instill proper security amid valuable Web 2.0 collaboration tools. Access to some of these tools might be restricted in the name of security, Wennergren reiterates. He charges that it is up to all information leaders to make the case for why these emerging technologies and capabilities have so much value to an organization that officials must rethink their approaches to security.
Wennergren calls for industry to both protect its own vital government-related information and find security solutions that will permit sharing information rather than blocking access to it.
Above all, industry must help work through the shift from a systems-centric world view to a services-centric one. This will require changes in business models, he points out. Software licensing will need to change because information may be shared among people not easily identifiable beforehand—so, traditional licensing models will not work.
“The world is going to change from a few really big systems to a bunch of services,” Wennergren predicts. “There are plenty of business opportunities, but the business opportunities will exist for companies that can understand that there is a change in how they need to do business with the government.
“There will be an ever-increasing reliance on commercial off-the-shelf technology, but higher and higher expectations that you will be able to attest and affirm the pedigree of the things that you deliver to me—so that we have some sense about the supply chain and the security of the solutions that are provided. We will need to work together to ensure that we keep thinking about, ‘I will never be sure who I need to share with next, but I will know with certainty that I will have to share more and more.’”
Defense Department Chief Information Officer: www.defenselink.mil/cio-nii/index.shtml
Defense Department Network-Centric Services Strategy: www.defenselink.mil/cio-nii/entservices
Defense Department Network-Centric Data Strategy: www.defenselink.mil/cio-nii/datastrat/index.shtml