Change Happening Now, but More Needed

October 2010
By Rita Boland, SIGNAL Magazine

 

Gen. Keith B. Alexander, USA, commander of U.S. Cyber Command, director of the National Security Agency and chief of the Central Security Service, spoke about cyberoperations during LandWarNet 2010.

Battlefield and homeland requirements demand innovations integrate quicker.

U.S. Army acquisition processes are in the midst of a dynamic alteration. Technology development speeds are forcing the military branch to rethink the way it procures the capabilities soldiers need, and the way ahead will be faster and less formal than past methods. Individuals will have the power to create applications faster without stringent guidelines, while larger systems will be brought into the fold in a more timely fashion.

LandWarNet 2010, held in Tampa, Florida, focused on acquisition and cyberoperations, including how to change the institutional procurement culture, with only limited big-group discussion on specific technologies. Lt. Gen. Jeffrey A. Sorenson, USA, the Army’s chief information officer (CIO)/G-6, used both his keynote address and a media roundtable focused on Apps for the Army winners to speak about rapid, semi-informal development of new applications.

In the apps contest, through which active duty, Guard, Reserve and civilian Army personnel could submit apps for Army use, the service branch discovered the power of allowing people to create without the burden of extensive guidelines. According to Gen. Sorenson, 25 apps for different smart phone platforms made it through the certification process and now are available for Army personnel. The service will continue to use this development format. By establishing contests with tight deadlines, it can take advantage of the knowledge and creativity of its personnel to push out necessary capabilities quickly. The general said that he plays with both the Android and iPhone to assess their potential uses.

 

Lt. Gen. Jeffrey A. Sorenson, USA, chief information officer (CIO)/G-6 of the Army, served as a speaker and a host at LandWarNet 2010. He addressed several items during his various remarks including the need
for acquisition reform and Army plans to implement new methods.

In the future, the Army will involve a broader range of potential participants in these efforts, including private firms. Gen. Sorenson said participants would receive a deadline of 30 days to submit their plans. A user community or group of commanders requesting the technology could vote for the best app, and the winner would receive funding to turn the product around in approximately 60 days, resulting in a 90-day acquisition cycle.

According to the general, the Army also is working to test, field and deploy systems in less time by standardizing processes, technologies and guidelines so industry can provide exactly what the military requires. One issue is the need to resolve the difference between military cell and tactical communications and commercial capabilities. The private sector has far higher throughput, and the military needs to reach levels closer to that of industry. Enemies take advantage of the commercial offerings because they have no formal acquisition and contracting processes to manage. “We have to close that gap,” he explained.

Gen. Sorenson emphasized the need for speed and standardization in the development and fielding of systems and for the military to look at technology from an integration standpoint. He also outlined how the Army is creating efficiencies and leading the way toward a single e-mail network for the entire U.S. Defense Department.

The CIO emphasized that everything done comes down to the requirement for shared situational awareness. This awareness is increasing through cyber technology, and the U.S. military recently stood up U.S. Cyber Command (CYBERCOM), the subunified command under U.S. Strategic Command, to deal with the opportunities and challenges of the domain. Gen. Keith B. Alexander, USA, first commander of CYBERCOM, believes one of the most important priorities for the cyberdomain is increasing situational awareness. He also explained that the Defense Department must secure the cyberdomain to protect and defend its own information and U.S. citizens. “Every link and system has vulnerabilities that we have to defend,” he stated. Gen. Alexander also serves as the director of the National Security Agency and chief of the Central Security Service.

The general compared warfare in the past with the movie WarGames and cyberwarfare to the movie The Matrix. In the former, as in nuclear warfare, there is no good engagement option because of mutual assured destruction. In the latter, as in the cyberdomain, a choice must be made between doing nothing and pretending everything is fine or seeking the truth and taking action. Gen. Alexander emphasized that network operators must understand and take action to address threats.

Further highlighting the differences of warfare through time, he talked about the disruptive attacks of the past, then explained the even greater threats today. “What concerns me is the evolution of destructive capabilities,” he said. Penetrated networks can expose sensitive information or go down completely, putting at risk not only military operations but critical civilian services.

“In the network, offense is dominant,” Gen. Alexander said. Exploiters have the advantage, he explained, because they only have to be right once; defenders must be right every time. He stated that network operators need to stop reacting and patching and become more proactive to protect information. The general explained that the standup of CYBERCOM will improve cyberoperations by putting the attack and defense missions of the cyberdomain together.

One critical aspect of response efforts is speed. For quick reactions to occur, guidelines, including laws, must be in place to guarantee that actions fix problems while assuring privacy. Gen. Alexander noted that military members operating in cyberspace go through extensive training about protecting privacy. The Defense Department also must operate with its partners to provide dynamic defense that works against organized attacks by nation-states and informal actions by non-nation-state actors, he said.

Unfortunately, none of the Army’s enterprise problems have easy answers, according to a panel of industry experts. For example, employing plug-and-play capabilities can benefit the Army, but using this business model can result in “lowest common denominator” technology and stifle innovation, according to Col. Barry R. Hensley, USA (Ret.), vice president of the Counter Threat Unit at SecureWorks Incorporated. Rear Adm. Elizabeth A. Hight, USN (Ret.), vice president, U.S. Defense Command and Control Infrastructure practice, Hewlett-Packard Enterprise Services, explained that having implementation and mitigation plans is just as important as strategic architecture plans when it comes to the plug-and-play processes the Army is using.

Another area of contention is how the Army should use apps. Vice Adm. Richard Mayo, USN (Ret.), an executive vice president at CACI, stated that innovation and speed are important but not as important as security. He said that if it comes down to a choice between speed and security, he is firmly for security. The admiral also referred to “informational IEDs” that are a potential threat to smart phones. Dr. J. Scott Goldstein, senior vice president and chief technology officer, Systems Engineering and Advanced Technology, ManTech International Corporation, said that security is the biggest difference between apps for the commercial sector and the military. However, he added, the Army needs to move forward with app development and deployment.

Panelists disagreed about aspects of cloud computing, including how to secure and employ it. Finding where data resides and ensuring that forensics could still be performed to discover problems also were discussed. Additionally, the experts addressed how to use performance-based services. Though the speakers agreed that these can benefit the Army, the contract type works only when the Army clearly defines what it wants from its industry partners. The military branch will be served best when it can totally trust contractors to implement the government strategies, Adm. Mayo said.

Speaking about defending against network attacks, Col. Hensley said, “We can’t protect everything.” The Army will have to decide what information must be defended and what information will have to remain vulnerable. Brian McKeon, vice president, Raytheon Network Centric Systems Integrated Communications Systems, added that in the case of cyberattacks, the commercial and military communities have the same problems and he suggested that perhaps different allies should band together to counter the threat.

The Army can take a better stab at resolving problems by improving acquisition and internal communications. It needs to fix its acquisition process and move good ideas to top leaders, according to Gen. Peter W. Chiarelli, USA, vice chief of staff.

The general wants the people who know the day-to-day frustrations of developing systems and other technologies to reach out to him and other leaders to explain what they need to fix problems. By flattening organizations, the Army could bring better solutions to bear quicker, he said. He repeatedly emphasized the need to change acquisition processes to keep up with technology changes and the enemy. Gen. Chiarelli would like to see the acquisition cycle for systems reduced to four years, and to see that time become even shorter for information technology procurement. Currently, the Army requires systems to meet 41 statutory requirements before putting them into the hands of soldiers. The service needs a better way to take advantage of new developments, he said.

Another key to improving the network, according to the vice chief, is for people developing products and systems to talk to one another. Gen. Chiarelli stated that the words “network” and “integration” are almost interchangeable because when people say they want to integrate a technology, they mean integrate it into the network. “The network must be symbiotic” if it is to function properly, he explained.

Initiating all the changes leadership deems necessary will mandate an institutional adjustment for the Army. Retired IBM Chief Executive Officer Louis V. Gerstner addressed this issue, but rather than speak to military-specific needs, Gerstner explained how he worked to turn around IBM by changing the entire culture of the organization. He told listeners to take his lessons and apply them as appropriate.

According to Gerstner, at some point successful organizations will face a time when outside influences demand a complete institutional transformation. Unfortunately, many organizations ultimately will fail. This may not matter much in most cases, but in the case of the U.S. military, success is critical.

For a true institutional transformation to take place, an organization must have two things, Gerstner explained: leadership and a deep understanding of an organization’s culture. Leaders get people to do things they would avoid otherwise; culture is what people do when no one is looking. Gerstner imparted that to succeed, leaders have to constantly, unflinchingly communicate and demonstrate the necessary changes to the people in the organization.

One of the biggest challenges to institutional culture transformation is what Gerstner calls “the middle.” These people have invested and succeeded under the old culture and fear the introduction of new processes. Leaders must check in with personnel and ensure they are making the adjustments to the new culture. In addition, they must do what they can to help people adjust to the changes, but leaders cannot allow those who would work against the transformation to remain in place. Former behaviors drain an organization trying to establishing a new culture.

Gerstner touched on comments by senior Army leaders at the event regarding the need for the Army to adjust to the new technology available and to the adaptive enemies the military faces. Technology is forcing the military to re-evaluate its acquisition processes, its force structure and more, and it is flattening the chain of command.

The entire military is looking at how to work better together and with other partners. Policy and governance remain the biggest hurdles to interoperability, according to members of a joint/coalition panel. Their message stressed the idea that information must be delivered to warfighters at the tactical edge so they can successfully, safely carry out their missions. Security concerns that mandate separate networks have created barriers between partners operating together. Brigadier Andrew Bristow, director, Command and Battlespace Management, British Armed Forces, commented that interoperability is inversely proportional to the number of security domains. “We tend to disadvantage the majority for the security needs of the minority,” Brigadier Bristow said.

The representatives from the Joint Staff, the Deputy Assistant Secretary of Defense for Information, Management, Integration and Technology, and the Defense Information Systems Agency told the audience about their organizations’ work to enhance interoperability and to push information where it needs to go. Panel members touted technical advantages as well, such as the Afghan Mission Network that allows various partners to communicate by connecting disparate coalition networks.

Rear Adm. Janice Hamby, USN, vice director, C4 Systems, the Joint Staff, also referenced a new capability that allows all Common Access Card (CAC) holders with access to the nonsecure Internet protocol router network (NIPRNET) to use any CAC-enabled NIPRNET machine to pull their own profile and access information stored through web services.

Brig. Gen. Kevin Nally, USMC, director-designate, C4, U.S. Marine Corps, touched on technology and policy, saying that command and control systems—not networks—must be standardized. “Systems can become combat prohibitors,” he stated. Panelists mentioned standards several times as one part of the solution for interoperability problems.

David DeVries, principal director, deputy assistant secretary of defense for information, management, integration and technology, Office of the Assistant Secretary of Defense for Networks and Information Integration, explained that one of many problems facing information sharing and technology is that policies were written for a different age. “It’s all about data now,” he said. The Office of the Secretary of Defense needs stakeholders to submit requirements in clear language about their capability issues, DeVries added.

 

Lt. Gen. William T. Lord, chief of warfighting integration and CIO, Office of the Secretary of the Air Force, addressed joint operations during his speech at LandWarNet, bringing an Air Force perspective to the discussion.

Lt. Gen. William T. Lord, USAF, chief of warfighting integration and CIO, Office of the Secretary of the Air Force, continued the joint theme in his address, saying that he believes all future operations will be joint because the services are too small now to operate on their own. He also added to Gen. Alexander’s comments, explaining the military must continue to improve cyberspace operations to enable its partners.

An Air Force study titled “A Day Without Space” examined what would happen if capabilities from space such as the Global Positioning System and intelligence, surveillance and reconnaissance capabilities were disabled. Gen. Lord said that type of catastrophe would take the military back to the days of World War II. Without cyberspace, experts estimate the military would be back to World War I capabilities, he stated. Faced with those situations, the military would have to return to a larger standing force, which current budgets would prohibit.

He also described the “yin and yang” of securing networks versus making them usable. To find solutions, he said people must look for nontraditional answers to problems, because this is a nontraditional age. Improving operations also entails bringing in partners such as civil engineers who understand certain issues.

For allies to band together to protect networks, a new type of training that teaches young people to think differently about problems and processes must take place, Gen. Lord explained. The Air Force recently sent its first officers to a 29-week course at Keesler Air Force Base, Mississippi, to become cyberspace-trained warriors, he said. The general also cited joint training programs taking place in the military.

WEB RESOURCE
LandWarNet 2010: www.afcea.org/events/landwarnet/10/intro.asp

 

Enjoyed this article? SUBSCRIBE NOW to keep the content flowing.