Navy Creates More Powerful Information Management Position
A shift in emphasis from compliance to proactive endeavors defines the new approach.
The U.S. Navy is creating a new position emphasizing a cultural and operational change in cybersecurity to deal with increasing online threats that have already plagued the service and its contractors. The new position, special assistant to the secretary of the Navy for information management, will be established and filled in the next couple of weeks with a cyber expert from private industry, says Undersecretary of the Navy Thomas Modly.
The new special assistant also will be the Navy’s chief information officer (CIO). This position will differ from the traditional Department of the Navy (DON) CIO, which Modly offers was more of a compliance organization and less of a proactive one involved in developing strategy. The new position will be far more strategic, he offers, with more private sector talent. “We have some authorities we can use, not just for hiring but also for compensation, that Congress has written into law over the last couple of years we will try to leverage,” he states.
Under this position will be four directorates: chief technology officer (CTO); chief data officer (CDO); chief digital strategy officer; and a chief information security officer (CISO). Functions from the Navy’s chief management office, such as its chief data officer and team, are likely to move into the new billet. The new position will hold responsibility for the portfolio of assets that composes Navy information systems. These four interrelated directorates constitute the broader strategy that the new position features, Modly says.
The impetus for this move comes from an independent cybersecurity review commissioned last year by the secretary, following what the undersecretary describes as significant cyber breaches in the industrial base. The review concluded that the Navy needed to reorganize differently to address the cyber threat.
Modly explains that the CTO will be responsible for helping guide acquisition and priorities across the department’s technical infrastructure from warfighting to business systems operations. The chief digital strategy office will determine how the Navy will move more effectively in the emerging digital realm, both for capabilities and information. The Navy does not yet have a strategy that ensures when data is ready for advances such as artificial intelligence and advanced analytics, he notes, and this directorate will work closely with its counterpart the CDO to establish a strategy.
The CISO directorate will aim to change the Navy’s cybersecurity culture, Modly continues. Many cyber hygiene rules are not enforced across the department and its industrial base, where second- and third-tier suppliers “need to get onboard with us,” he states. “Our biggest adversaries are relentlessly hacking into our systems—the Chinese, the Iranians, the Russians—and they’re trying to come at us in every possible way. They come into the places where it’s easiest for them to come in. They’re able to go to lower-level suppliers, get information that … they piece together with all sorts of information they get from other sources, and then all of a sudden they’re getting a bigger and clearer picture of our competitive advantages in certain areas of technology.”
This cultural change will be accompanied by more rational funding investments, he adds. “We’re spending a lot of money in this area right now. We don’t understand where we’re spending it,” he offers, adding that the Navy anticipates that this funding rationalization will allow it to get by with its current funds and not need any additional funding. Similarly, the Navy will not be adding a significant staff for this billet, as Modly describes the personnel effort as largely “moving pieces around on the chessboard.”
The special assistant will have a pair of dual-hatted deputies: Lt. Gen. Loretta Reynolds, USMC, the deputy commandant for information; and Vice Adm. Matthew J. Kohler, USN, N2/N6. Their offices have been involved in the planning for the office, Modly states.
The first task for this billet will be to develop an organization with clear lines of authority, Modly says. The second step will be to develop an information management strategy for the department. Then will come taking on some of the biggest information technology problems confronting the department, he adds.