Search AFCEA Site

Enable breadcrumbs token at /includes/pageheader.html.twig

NAVWAR Strives for Industry-Style Innovation

The command emphasizes a culture of empowerment.
By Robert K. Ackerman
Two cyber experts in the Naval Information Warfare Systems Command (NAVWAR) review the cyber baseline process. NAVWAR is implementing new approaches to ensure the security and resiliency of Navy cyber assets. U.S. Navy photo
Two cyber experts in the Naval Information Warfare Systems Command (NAVWAR) review the cyber baseline process. NAVWAR is implementing new approaches to ensure the security and resiliency of Navy cyber assets. U.S. Navy photo
Naval Information Warfare Center Pacific tests the Cooperative Autonomous Systems for Standoff Maritime Inspection and Response, which is designed for supporting remotely operated vehicles autonomously. NAVWAR is increasing its efforts to blend commercial and military technology to generate innovative solutions to Navy needs. U.S. Navy photo
Naval Information Warfare Center Pacific tests the Cooperative Autonomous Systems for Standoff Maritime Inspection and Response, which is designed for supporting remotely operated vehicles autonomously. NAVWAR is increasing its efforts to blend commercial and military technology to generate innovative solutions to Navy needs. U.S. Navy photo

The Naval Information Warfare Systems Command is addressing human-technology synergy by empowering its workforce to both adapt new technologies and adapt to new technologies. The command’s personnel are working with people in its industry partners on efforts that will affect operations across the entire Navy.

Tonya Nishio, command information officer, Naval Information Warfare Systems Command (NAVWAR), notes several technology areas in which NAVWAR will rely on innovation to advance its capabilities. Digital transformation, machine learning and robotic process automation will be the fiscal year 2022 focus across the command’s five functional areas. And the key element in a NAVWAR information superiority strategy Nishio signed off on a year ago is to have an empowered culture with optimized resources and innovation, she relates.

Nishio offers that the organization has three high priorities spanning its five functional areas. One priority is to drive data-informed decision making and digital transformation across NAVWAR. This entails targeting end-to-end processes such as requests for information and information technology purchasing, and the group is developing an information technology effort across NAVWAR. It will use the Navy’s Jupiter data analytics environment, she adds.

Her organization is using robotic process automation bots and other low-code/no-code automation platform efforts across NAVWAR. The Jupiter platform will serve to deliver data analytics and dashboards, she notes. And the Information Technology Procurement Request (ITPR) process will align all information technology purchasing and budget data across the entire Navy. The office’s work on ITPR reform is the crux of what will drive many other efforts, she offers. This will allow the service to divest tools, expedite the purchasing process and cut costs servicewide via the Jupiter environment.

Data is the key to ITPR reform. Nishio relates that a 90-day pilot conducted last year took all the information-authoritative sources and connected all NAVWAR business intelligence systems to provide initial data upfront without a user having to look for it. All decisions would be automated upfront via a dashboard that approves criteria.

But this just scratches the surface, she continues. Her organization is seeking to feed data analytics and robotic process automation into machine learning (ML) and artificial intelligence (AI). The challenge is to make this happen at the Department of the Navy (DON) level to give the leadership an accurate image of information technology procurements and spending across the board.

This will require more than the NAVWAR business intelligence tools, she states. These capabilities must move into the Jupiter environment to be connected, accompanied by rule changes so that all the DON commands are using it the same way.

And putting all these capabilities in place is the key to exploiting AI and ML, she declares. “Everything is linked together,” Nishio elaborates. “You can’t do one data initiative or one data analytics/machine learning/artificial intelligence effort without it being linked to a million others.”

Another priority is to enhance NAVWAR cybersecurity readiness and resiliency. Nishio relates that the command is scheduled for an enterprise cyber inspection this year, so it will address deficiency remediations arising from that inspection. The command also wants to improve its programs’ cyber status by disconnecting or securing any operational systems with expired authorities. Defense in depth will be the approach, she notes, for mitigating the risks of any particular system.

The focus on information security must be holistic, Nishio says. When cyber defense orders are issued, all NAVWAR systems receive them. The future holds zero trust and other capabilities related to defense in depth, she explains. “We’re targeting our risk management portfolio and ensuring that we have a capable system moving forward to evaluate where our vulnerabilities are,” she elaborates.

The Navy as a whole is looking at risk management framework (RMF) reform, she continues. In the past, it was compliance-based within specific criteria. But instead, the Navy wants it to be more about specific systems—their assets and vulnerabilities. “It’s about constant awareness instead of, ‘Yes, you’ve gotten all your checks in the boxes and you’ve met your criteria and you’re good to go for two years,’” she allows. “This is more of a constant review of a particular system.” It would be more agile, dashboard-based and data-informed than just a compliance check.

A development, security and operations (DevSecOps) environment will secure the infrastructure so that patches and upgrades can move through the system quickly and securely to the end user, she states.

Nishio says that NAVWAR is “definitely all-in” on any capabilities involved with digital transformation within the command. Yet, NAVWAR is working on other innovation realms such as 5G and cloud service, and the command has pilots across NAVWAR on these and other capabilities. Late last year, the command undertook a couple of pilots on blockchain, for example. “When you start thinking about it in terms of security and integrating into networks, it gets very fuzzy,” she offers.

A third priority focuses on users and their information technology experience, she says. This entails expanding information technology and cyber knowledge and resources, as she notes that NAVWAR makes up nearly half of the Navy’s acquisition information technology workforce. Technical training will remain a NAVWAR responsibility, and the command already has rolled out a digital training platform. But NAVWAR needs to move forward toward a full learning management system, she adds. This will require consolidating and expanding licenses in information research and contracts.

These priorities that Nishio is addressing span NAVWAR’s five functional areas: information technology portfolio management; information technology capabilities and services; command information security office; data and digital innovation; digital workforce development and communications.

Information technology portfolio management is where the command has its compliance validation of the training and regulatory requirements. Nishio explains that this is done for all acquisition programs across all of the program executive offices composing NAVWAR. For all of these registered systems, this area conducts compliance requirements per the Clinger-Cohen Act, the information technology budget process and information technology procurement management. This group also manages the command’s overall information technology enterprise, such as legacy network authorization or cloud migration road maps.

The second area, the technology capabilities and services group, basically serves as the information technology command for NAVWAR. Nishio notes that this group serves NAVWAR the way that NAVWAR serves the rest of the Navy. It coordinates assets and devices for thousands of users across NAVWAR encompassing Navy Marine Corps Intranet computers, mobile devices, printers and SIPR tokens, for example. It also maintains four base area networks hosting several key applications at a campus in Old Town Alexandria.

The third group, the command information security office, coordinates execution of defense cyber operation orders for all NAVWAR systems. While responsible for securing systems and networks and defending against new attacks, this group also is in charge of incident response, cyber inspections and business continuity management. It also hosts the command’s RMF package permission office, to which every NAVWAR system or program must submit a request for connection authorization. Nishio points out that the command prepares all NAVWAR systems for high-risk escalation when needed.

One key development emerging from this group this year is a set of dashboards for program managers. It is part of a scorecard for a collective picture of the overall NAVWAR cybersecurity footprint, Nishio says, to abandon the approach of relying on compliance checks. Instead, the dashboards will empower program managers to improve their cybersecurity where necessary.

The fourth group, data and digital innovation, contains the command enterprise resource planning business office and the command knowledge management office. It also includes the command data director along with facilitators of the information superiority governance structure, which comprises many distributed teams, working groups and the executive governance board.

The fifth group, digital workforce development and communications, manages the official task orders that come down from the Navy chief information officer. These total about 1,600 annually, she adds, and the group also handles records management as well as information technology accessibility.

NAVWAR’s involvement with industry ranges from contracting to implementing innovation. Nishio notes that the command’s industry partners that work with it on a daily basis play a key role in developing the command’s strategies and executing its activities. NAVWAR also works closely with its Naval Information Warfare Center (NIWC) Pacific and NIWC Atlantic research and development organizations, and both facilities have substantial ties to industry and academia. “Pulling information from industry is one thing, but then we really want to do some deeper dives as well,” she states.

The command has a standing vendor brief that it performs an average of once a week. This entails a two-way discussion on what a company has to offer NAVWAR in the way of tools or technologies that can be implemented in the command’s strategy, she relates.

The command has several challenges in which it will depend on industry, particularly in use case requirements such as collaboration. But NAVWAR has added challenges in that it must maintain a higher level of security than industry, Nishio notes.

But in the end, it all comes down to the workforce—government and industry, she allows. These workers are the font of innovation, and being connected across organizational lines increases the effectiveness of their inventiveness. The command must have people available, either internally or from industry, who can adapt industry solutions to meet Navy challenges in security and ease of use. The

Navy can learn from industry’s agility as well, she adds.

Enjoying The Cyber Edge?
The Cyber Edge is part of SIGNAL Magazine. Subscribe or join AFCEA to receive SIGNAL and its award winning news.
SUBSCRIBE NOW
LEARN MORE
JOIN AFCEA

Related Cyber Content