Managing Risk In War and Peace

January 2007
By Henry S. Kenyon

 
Bulgaria’s armed forces are facing modernization challenges, according to Vice Adm. Emil Lyutskanov, BU N, first deputy chief of the Bulgarian General Staff.
Planning for scenarios in multinational environments improves potential for success in business and battle.

Risk management is essential to successful business practices as well as to victorious military operations. Although danger is inherent in many of the duties of the armed forces, planning for operational contingencies can reduce the risks and save lives. Mitigating risk in a coalition environment is even more imperative as a variety of policies, equipment and training and security procedures complicates the scenarios that planners must consider.

Highlighting the challenges and identifying solutions for risk management issues in coalition operations were the goals of AFCEA’s TechNet Europe 2006 symposium and exposition. Titled “From Risk to Recovery—Identifying and Controlling Business Risks Effectively!” the October event in Sofia, Bulgaria, was held in conjunction with NATO’s Communications and Information Systems Symposium and focused on the type of situations that keep leaders awake at night.

Sofia was chosen as the event site to highlight Bulgaria’s recent entry into NATO and its upcoming membership in the European Union. Vesselin Bliznakov, Bulgaria’s minister of defense, opened the symposium with a discussion of the ongoing modernization of his nation’s military. He noted that Bulgaria has shifted its military policy from national defense to overseas coalition operations. To support this agenda, the Bulgarian Ministry of Defense (MOD) is developing a variety of capabilities to enable modern operational planning and command and control (C2).

Bliznakov outlined the Bulgarian military’s modernization plan, which is designed to ensure greater interoperability with NATO and the European Union. The plan, which has been presented to the Bulgarian parliament, extends to 2015. He explained that the effort focuses on enhancing national capabilities through modernization and offset programs to acquire and develop technology and systems. This new approach also improves coordination between the MOD and the military to ensure the effective use of resources.

Bulgaria is launching a number of projects as part of its modernization plan. These efforts include the development of communications and information support systems, the construction and maintenance of stationary digital systems, training, mobile communications systems for the Bulgarian military and a friend-or-foe identification system. Bliznakov said that these capabilities allow Bulgaria to be interoperable with NATO for joint operations. Interoperability will enable national systems to be integrated into a Bulgarian command, control, communications, computer and intelligence (C4I) network, permitting network-centric operations with NATO.

The alliance has more active military commitments than at any time in its history, explained Rear Adm. Christopher Clayton, RN, assistant director of the intelligence division, NATO International Military Staff. NATO’s support of operations against groups such as al-Qaida has caused its personnel and assets to become a target. The admiral focused on several terrorist threats: the developing role of al-Qaida, terrorist use of cyberspace and the ongoing war against ideology.

Recent operations have disrupted al-Qaida’s C2 network and have seriously depleted the organization’s financial resources, related Adm. Clayton. But while it is under pressure, the terrorist organization has shifted its tactics by using local groups to launch attacks. He warned that al-Qaida also is using the Internet to spread its ideology and recruit new members. One result of this globalized approach to recruiting has been the increasing radicalization of second- and third-generation immigrants from Muslim cultural backgrounds across Europe. The admiral said that the ideological war must be won by the West and its allies. He added that many Arab and Muslim governments realize that they are al-Qaida’s ultimate targets. Disseminating a Muslim message to counter al-Qaida’s message would be more influential than conducting Western information campaigns, he said.

Cdre. Patrick Tyrrell, OBE, RN (Ret.), Tyrrell Smith, explained that technology must be linked with people and processes and that the processes must be consistent and predictable. Cdre. Tyrrell spoke about the “tyranny of choice” associated with many advanced systems and how users are happier with limited information. He added that C2 systems are run by people and people tend to see what they wish to see when processing data. Flexible applications mirroring human behavior are needed, he said. Because people like variety, designers should strive to deliver system variations but allow different applications to communicate with each other.

Reacting to changing computer networking needs on the national level, Viktor Sterle, head of the Slovenian MOD’s information technology department, explained that when Slovenia joined NATO, meeting interoperability goals created challenges for the nation’s military. He observed that the rigid structure of the MOD led to operational inefficiencies. In 2000, the Slovenian government decided to modernize the ministry with an enterprise resource planning and systems applications products (SAP) system to help various parts of an organization to share data and business processes. SAP can control logistics, management and defense planning, but implementing a SAP system is a complex effort that often involves people and processes as much as technology, he said.

Brig. Gen. Dennis Via, USA, commanding general, 5th Signal Command/deputy chief of staff, G-6, U.S. Army–Europe and 7th Army, noted that transformation is an important goal for the Army as it shifts its forces from division-based heavy units to more flexible modular formations. Citing the example of his command, he explained that it consists of two brigades, with one currently on rotation in Iraq. The general outlined his command’s three missions: to operate, maintain and defend theaterwide signal and information technology network enterprises; to train, deploy, sustain and redeploy for the Global War on Terrorism; and to rebase and restructure bases to support information technology changes.

 
Lt. Gen. Ulrich Wolf, GEA, director, NATO Communications and Information Systems Services Agency, tells TechNet Europe attendees that better protection is needed for NATO’s computer networks.
NATO faces a threat from cyberwarfare, according to Lt. Gen. Ulrich Wolf, GEA, director of NATO’s Communications and Information Systems Services Agency, who cited a recent cyberattack on an unclassified NATO server in Naples. “If we lose the cyberwar, we will lose all the battles on other fields,” he said. The command’s mission is to manage information security for the alliance, and the alliance’s networks are under constant attack. To protect its networks from further cyberattacks, NATO recently established a CyberwarDefenseCenter. The center achieved initial operational capability in late October 2006 and is scheduled to be fully operational by the end of this year.

Viruses and other malicious codes are evolving more quickly than NATO can react, Gen. Wolf explained. He said that the alliance still retains a Cold-War-era defensive mentality that is static and inflexible. Besides making cultural changes, NATO has to change security policies and embed security systems into communications devices so that user compliance is not a necessity. To counter cyberthreats, the general said that NATO must accelerate plans to implement multilevel security across its networks. An aggressive stance also is necessary, with Internet-based responses and other types of active measures taken against individual hackers and organizations attacking alliance systems.

Dag Wilhelmsen, general manager of NATO’s Consultation, Command and Control Agency (NC3A) said that his organization, based in The Hague and Brussels, assists the alliance through the seamless provision of unbiased scientific support and C4I, surveillance and reconnaissance acquisition. He explained that the NC3A has four unique characteristics: It has unequaled expertise and facilities; it is multinational and unbiased; it is a NATO strategic partner; and it has extensive partnerships with alliance nations.

Wilhelmsen outlined the challenges facing the NC3A and NATO for implementing network-enabled capabilities, which include the need for a federated, interoperable infostructure, a new approach to standardization and development of a dynamic need-to-know environment for information sharing. He explained that interoperability must be standardized with some type of certification process. Besides changing existing NATO standards, he said that it was necessary that industry participate in early adoption of commercial standards for the alliance’s needs and that interconnected battle labs and multinational programs share data.

 
Additional private sector technical advice would be helpful for alliance decision making, relates Maj. Gen. Georges D’hollander, BEA, director, NATO Headquarters Consultation, Command and Control Staff.
Maj. Gen. Georges D’hollander, BEA, director, NATO Headquarters C3 Staff, discussed the alliance’s relationship with the Network-Centric Operations Industry Consortium (NCOIC). The NCOIC is a group of international aerospace, defense and information technology systems and professional services firms that serves as an advisory body for NATO. Gen. D’hollander explained that the consortium is seeking a stronger relationship with the alliance that would offer many advantages. Among the benefits, he noted that the consortium would allow the alliance to access industrial knowledge and connections and would provide opinions regarding NATO policies on system architectures, standards and interoperability. The general added that the enhanced partnership would mean that the military would no longer be the main driver for technical innovation.

Risk management in defense can be tied to legislative, economic, interdepartmental and social activities, explained Vice Adm. Emil Lyutskanov, BU N, first deputy chief of the Bulgarian General Staff. The admiral said that the Bulgarian MOD has a major stake in risk management because unnecessary or unexpected risks have major consequences in military operations. Adm. Lyutskanov emphasized that risk management involves state policy and leadership with the government setting priorities, strategy and planning. He noted that it was critical for Bulgaria to implement its 2015 modernization goals for NATO interoperability along with changes in national legislation to help speed modernization efforts.

Col. Nikolay Yankov, BUAF, director of the Bulgarian MOD’s Directorate of Armaments and Equipment Policy, noted that because enormous public resources were invested in the MOD across a broad scale of operations, risk management is crucial. Bulgaria’s defense acquisition strategy views risk management as an uninterrupted process for all military products. Col. Yankov outlined several of his organization’s priorities: defining precise criteria to determine minimum risk levels, building and developing a quantitative and qualitative expert capability in the MOD and developing effective and productive procedures to implement risk management within the framework of the force management process.

Because of the scope of a natural or manmade disaster, higher levels of management are necessary to mitigate risks, related Dr. Velizar Shalamanov, an integrated emergency management system consultant with the Bulgarian Ministry of State Policy for Disasters and Accidents. He discussed efforts to create a national, integrated emergency management capability and explained that a major challenge is compelling different ministries to work together to provide security to the citizenry. To improve government efficiency, Shalamanov proposed several solutions such as increasing transparency, accountability and results-oriented program management; creating an integrated security sector and regional projects; launching feasibility studies, vendor seminars, advanced technology demonstrations and pilot projects; and holding computer-assisted exercises.