Enable breadcrumbs token at /includes/pageheader.html.twig

The Challenge of Finding the Best Approach for Funding Functional IT

You get what you pay for.
The Air Force is leading efforts to create a data-driven method called combined joint all-domain command and control, or CJADC2. It’s a DoD concept that will connect data-centric information from all branches of service, partners and allies, into an internet of military things, making information accessible anywhere, anytime for quick decisions on the battlefield. Credit: Staff Sgt. Timmethy James

The Air Force is leading efforts to create a data-driven method called combined joint all-domain command and control, or CJADC2. It’s a DoD concept that will connect data-centric information from all branches of service, partners and allies, into an internet of military things, making information accessible anywhere, anytime for quick decisions on the battlefield. Credit: Staff Sgt. Timmethy James

“You get what you pay for.” Though arguably trite, this maxim is as true in the information technology (IT) realm as it is in other facets of business and industry. Therefore, it would seem to be an obvious and crucial necessity for a business or industry to know exactly what it wants or needs from its IT systems and how much it’s willing to spend on them to attain its goals. This applies to the Department of Defense (DoD) and its respective service components as well.

If the DoD is seeking superlative digital transformation and modernization and the application of big data platforms, artificial intelligence and machine learning, cloud computing and rapid process automation—it must have and use the proper devices. More importantly, it must establish necessary connectivity to strong, efficient, secure computer networks, even if the network happens to be in someone’s home. With all these considerations, is the DoD spending enough money appropriately to get the best return on investment for its IT dollars? I proffer that it is not.

You cannot observe any DoD installation without seeing digitally connected soldiers, sailors, airmen, guardians, Marines and coastguardsmen. These individuals require devices and networks to be digitally connected, and I would argue that these devices and networks are integral tools for accomplishing their respective missions. Some people may disagree, but a plane doesn’t fly, a ship doesn’t sail, a tank doesn’t roll and a rocket doesn’t launch without services provided by a digitally connected network.

These networks also come in many different flavors, such as traditional Internet Protocol networks, radio networks, telephony networks, as well as supervisory control and data acquisition and industrial control system networks. The networks consist of supply systems that provide warehouse connectivity and can back-order parts, manpower and personnel systems to ensure the proper skill sets are trained and in the right place at the right time, as well as a multitude of other systems that the services rely on to achieve their varied missions.

Though these IT systems are often considered support functions, they are just as often operational mission requirements. For example, program management offices and weapon systems rely on these same networks, which aren’t only for office automation and collaboration but also contain data that affects operations around the world and in space. Joint all-domain command and control and Advanced Battle Management System (ABMS) are two examples that can’t execute cyber operations without IT. The U.S. Air Force recognized the importance of IT years ago and reclassified IT from a support function to an operational function with the realignment of cyberspace support to cyber defense operations.

 

The requested defense budget for 2023 was $813 billion; $773 billion was for the DoD alone. The Pentagon requested $57.9 billion for IT, and of that amount, $11.2 billion was determined to be for cyberspace activities that include zero-trust efforts, growing the Cyber Mission Force and maintaining cybersecurity to secure the defense industrial base.

With all these dollars being set aside for IT investments, are the services spending it correctly? These are seemingly excessive budget numbers, but how much funding actually goes to operating and maintaining the network? Is the network really funded at the appropriate level? At the end of the day, does the DoD have a funding strategy for execution of its network? Does each of the services need its own network? A major roadblock to appropriately funding IT services in the DoD is that every functional community spends its own money for its own network. Is this the best approach? When the services provide enterprise capabilities—email, office automation and collaboration—the intent is to standardize capabilities, reduce excess spending and centralize funding within the IT budget. However, what often happens is the functional communities use the funds for other functional requirements. The resulting must-pay bills created due to the lack of centralized IT funding reduce the power and return on investment of the overall IT spend.

The majority of spending is 3400 (same-year or one-year) execution money that was programmed in the Five-Year Defense Plan; for IT, it’s more likely end-of-year fallout money. The must-pay bills have almost become larger than the total IT funding received through appropriations. Funding the backbone for data transportation for most weapon systems should be part of a larger strategic network and infrastructure framework and shouldn’t be relegated to an end-of-year leftover funds competition.

Part of the funding challenge is the subservience of the network investment to the ever-changing strategies of the departments. Every conflict the Air Force (and Space Force) has engaged in has required a robust network infrastructure, and in every conflict, the network need at the onset was substantially insufficient. It is safe to assume the next conflict in the information age against a peer adversary will be no different.

The recent creation of the chief data officer, chief architect, chief software officer and chief experience officer are revalidations that the departments are aware of their neglect and lack of prioritization for robusting the infrastructure in the past.

How did the services get there?

Large-scale adoption of automation, software-driven processes, cloud native applications, machine learning and artificial intelligence in industry has long been admired by senior leaders and strategists in the Air and Space Force. Yet admiration did not spark quick exploration or adoption. The department hired multiple individuals with industry experience to lead efforts in data, data sharing, software and human-machine interactions. Despite promising ideas, success for these chiefs has been elusive because the first criteria for success was a robust, secure and reliable network. Without substantial investment in the network, each proposal for a new technological advancement stalled. Instead of adopting principles and technologies widely used in the smallest of industries, these technological chiefs were forced to ask first for an investment in the network. After years of frustration and lack of adoption, or even traction for these cutting-edge, industry-proven ideas, many of these chiefs have left government service and returned to industry unfulfilled and dismayed with the inability of the government to procure and modernize an outdated and antiquated network.

Image
The Department of Defense must view technology as a powerful investment and not simply a means to an end. Credit: Staff Sgt. Timmethy James
The Department of Defense must view technology as a powerful investment and not simply a means to an end. Credit: Staff Sgt. Timmethy James

The enormity of the task of building and sustaining the network is too often oversimplified. Instead of placing the task in the hands of experts, the departments default to a reliance on traditional warfighters: the rated community. The result is often a proposal to build a new network not dissimilar to the existing network.

The Air Force’s ABMS is a perfect example. The objective of retiring the E-8 JSTARS aircraft and replacing its combat capabilities with a network of sensors is now an effort to build a “digital infrastructure” supported by the core capabilities of “connectivity, secure processing and data management.”  Each of these capabilities is a requirement for any network, including the vastly under-funded networks the Air and Space Force leverage for operations today.

In the business world, IT spending as a percentage of revenue is the most popular formula to calculate overall IT spend. One reason is that financial executives are accustomed to looking at many business functions in terms of a percentage of revenue. For example, they look at sales expense, marketing expense and accounting costs, all calculated as a percentage of revenue. Computing this metric for information technology is a logical extension.

The average IT spending across all industries was 8.2% of revenue. Unsurprisingly, software and hosting companies had the highest spending compared to revenues. Financial services organizations also showed higher than average spending at 10% of revenue. At the same time, across all industries, 56% of organizations expected an increase in IT spending in 2020, compared to the 20% that were expecting a decrease. However, there was significant variation by industry, with 85% of retail organizations planning to increase 2020 IT spending, more than double the 42% of consumer products companies planning to grow IT investments.

To be a bit more specific, let’s see how much money is spent on a per-user basis. A study in 2020 conducted by market research firm Computer Economics found that annual IT spending by users has been declining since 2018. The study found that annual IT spending by user averaged $7,569, down from $8,183, taking into account all sizes of businesses. This trend is not due to fewer employees, however. Moving to the cloud, increasing automation and other similar initiatives result in organizations gaining those operation efficiencies. The metric of “users” versus “employees” tends to give a more accurate picture of spending because not every employee is a user.

I wonder what the actual spend rate is in the DoD. In the end, the IT network can be one of the most valuable tools or weapons the DoD currently operates. To get there, the departments need to start looking at technology as an investment versus a means to an end and stop funding with end-of-year fallout. To achieve further savings, the services need to harness and exploit the power of artificial intelligence, machine learning and robotic process automation. They also need to look to industry to adopt best practices such as cloud computing and services and client and server virtualizations. They should also consider further incorporating mobile devices as service capabilities. To diminish the unnecessary spending and achieve the highest return on investment, leadership needs to push functional communities to concentrate and deliver on functional expertise and allow the enterprise to provide the network and infrastructure capabilities necessary for mission accomplishment.

If the DoD isn’t willing to make drastic changes and shift its paradigm, it will absolutely get what it pays for—a network that does not meet mission requirements.

 

Marc Packler, president, CISO Advisory, Silent Quadrant, leverages an immense and diverse skill set derived over the course of his 25-plus year career in the U.S. Air Force to positively impact digital security, digital transformation, risk management and strategic operations within organizations across a vast array of industries. He can be reached on the Silent Quadrant website, LinkedIn or marc@silentquadrant.com.

Enjoying The Cyber Edge?