While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
What follows are additional questions and answers from an interview with acting Defense Department CIO Linton Wells II that appears in the August 2005 Fed Tech. Fed Tech Managing Editor Vanessa Jo Roberts sat down to talk with Wells just prior to his returning full time to his job as principal deputy assistant secretary of Defense for networks and information integration.
Fed Tech: How did you get drawn into technology and information technology through your naval career?
Wells: As a teenager my hobby was naval history but also warship design. And so the ways in which the ships were built and technology incorporated, in conjunction with the operational constructs and how these contributed to victory or defeat, has been something that's interested me ever since I was a kid.
I think that's where the idea of policy and technology drew together for me. Both my parents were foreign correspondents. We spent a lot of time talking about policy-related issues when I was growing up. I personally had kind of techie geek interests. So it was a familial sort of thing from the beginning.
Fed Tech: How do the different things happening outside the Pentagon, such as the war in Iraq or any deployments, affect what you do?
Wells: Let me go farther outside. IT is transforming the world in which live, the way we do business and in fact, our way of lives-not to mention the mindset of the young people who are our future human capital pool. We've got to leverage what's going on out there. This is driving a lot of where we're trying to go. Rather than trying to just sort of wait and see what happens, we're trying to get out there, identify the trends and leverage them.
With regard to particular deployments and things like that, we need to get the best capabilities possible to our forces in the field. Technology rolls out in spirals that are keyed, wherever possible, to units deploying to Operation Iraqi Freedom.
What's really important is to realize that technology itself is not the be-all and the end-all. You have to evolve the doctrine, the organization, the training, the materiel, the leadership, the personnel and the facilities all together.
So if somebody's going to deploy in October, in order to work with capabilities during their predeployment training in August we need to have that technology to them in about May, so they can get familiar with it before work up. We try to treat the introduction of training, technology, doctrine procedures, also as a holistic integrated approach.
Fed Tech: How does something like the Base Realignment and Closure Commission's recommendations play into what you do and how you plan?
Wells: We had a very good relationship with the BRAC people as the plan was being developed.
They let me see the draft plans and, in some cases, we were able to weigh in and say, "I just don't think it makes sense to move this unit from here because you'll be losing access to the talent pool, or whatever." Or, in other cases, we'd say, "We think we're net-centric; we ought to be able to work with collaborative tools and teleconferencing. These units don't need to be collocated; it doesn't bother me."
I was quite happy with the outcome. I think that in part because of the build-out of the Global Information Grid and GIG-Bandwidth Expansion, there's enough connectivity around the country that there weren't many things in our areas that were falling off the cliff because of BRAC. But I appreciated very much the chance to weigh in. I think on those issues where we said we had a real interest, they listened.
Fed Tech: You've often identified some of the major challenges to net-centricity-turf, security, bandwidth, money, schedule-but over time have you seen that as the dynamics change of what you're trying to do that your challenges also change?
Wells: Absolutely. For example, there's no doubt you'll always be battling for spectrum.
But I have two thoughts.
First of all, the degree to which the department has by and large accepted the net-centric vision over the past 24 to 36 months has really been quite extraordinary.
Ken Krieg [undersecretary of Defense for acquisition, technology and logistics] has said that in the battle between digits and widgets, the widgets usually win. But, in point of fact, in the 2006 budget, net-centric concepts did very well.
The challenges, for example, are illustrated by one of the areas that caused concern in the Joint Tactical Radio System. JTRS began life as a replacement radio. And this was a significant improvement. We got a software-driven architecture with multiple waveforms in one radio. Now, JTRS is coming to be seen as a mobile router on an Internet Protocol network, in many cases this will be a multinations and coalition IP network.
The security design of the chips that you build if you're going to do U.S.-only circuit-switched radio is quite different than if you're going to do coalition network routing.
Part of what happened is that the concept got out ahead of the guidance to the program manager. The result was that he was out there bending metal, building to one requirement, and all of a sudden the world is expecting something else. So now we have to go back and recalibrate and then move forward.
Fed Tech: How does the net-centric effort look back at the data that already exists? DOD has a lot of historical data-useful, important command and control data. How do you make sure that can be blended in?
Wells: If there are release-ability caveats on the information, "releasable to Ruritania," say, it's easy to band the data so the right people can get access. There also are some good algorithms today that allow us to tag data based on the content-more or less automatically. These are getting better.
Clearly, the way ahead is to get things tagged at birth. But we do have some pretty good examples of taking a wide range of things that, say, relate to a particular topic and tagging them in a way that a community of interest can make use of the information.
Fed Tech: Is that a constant ongoing project that you're doing?
Wells: We will never get all the legacy data tagged. This is why the idea of communities of interest is so important.
As you think about the data strategy, recognize that DOD has four main mission areas: warfighting, business, intelligence and the enterprise information environment.
Within the mission areas, there are a series of domains. Now, we're standing up communities of interest, typically within domains, that will define the data standards and the data dictionaries and what data is most important. The guys in battlespace awareness don't much care what the finance and accounting or human resources people are doing. But by using communities of interest, you get each party's most important data addressed and eventually make it available to everybody.
Fed Tech: What about the whole issue of privacy and security? Since more and more data is available in more and more ways and you don't have stovepipes anymore, how does that play into the issue of net-centricity?
Wells: The Information Assurance architecture that the National Security Agency laid out moves us away from the present paradigm of high walls and wider moats-with angry alligators in the moats to keep people out-to the recognition that you're always going to have the cleared insider problem (someone inside the network whose willing to compromise the information).
You have to accept that you're probably going to get some kind of penetration of the network.
Fed Tech: It never stops. They're always tryingÂ
Wells: They're always trying. And if our bodies were built the way our networks are today, we'd die every time we cut our skin because we'd have no immune system, or things like that, to fight it off.
So the new model calls for strong identification/authentication as the heart of maintaining near-real-time situational awareness of what's happening on in the network and then being able to respond when you see anomalous behavior.
In the course of that, as long as you have this strong identification/authentication, you can do a better job of protecting individuals in the network because I'm not going to let, say, your medical record out because we receive an anonymous request over the Internet. To receive it you've had to validate that you're the person who has access privileges.
I think the architecture actually helps with that, but it's going to be a while before we get there. Clearly the flip side of strong authentication and identification is a reduction in anonymity on DOD networks. Many prize anonymity on the Internet as a key privacy feature, and within DOD nets privacy is clearly a concern. One way to protect privacy is by limiting access to those who are authorized. DOD has for years also had a chief privacy officer so we have an advocate on the privacy side to keep things balanced.
Fed Tech: While there may be just a handful of main objectives, there are so many smaller, lower-level objectives at DOD. From the systems end, how do you keep track of all the work that's going on and how do you manage that and keep yourself in the know?
Wells: The department uses acquisition categories based on the size of each program. By having something like that, we can focus on the bigger programs, which is not to say that every now and then some small program that's really crucial to something else doesn't fall out of the woodwork and become a problem. But, by and large, it's tiered by the size of the programs.
Then you can also designate programs as special interest areas, even if they may not trigger the size checks.
The reporting requirements that the Office of Management and Budget has set up for e-government-as anguishing as the Exhibits 300 and those kind of thing are-also provide you data, a lot of data.
I also serve as the milestone decision authority for the acquisition of a number of the major automated information systems. And John Landon, who works for me, chairs the overarching integrated process teams that examine the acquisition of these capabilities.
We participate in these processes. We participate in requirements generation through the Joint Capabilities Integration and Development System process and through the many functional capabilities boards.
I'm a member of the Defense Acquisition Board, and my team is involved in the requirements piece of all NII-related programs. Clearly, we also play a role in the program reviews.
So there are actually lots of flows. The main issue is-and I think we're getting better at this-that are there some things that remain hidden, say within in operations and maintenance accounts where you just don't get much visibility into what's happening at camps, posts, stations and things like that.
Fed Tech: What about things that are great that are happening within a small program that aren't on the radar and so don't bubble out?
Wells: That may well happen; although I find that when people get some really good news story, they try to find ways to let folks know about it.
Fed Tech: What are some examples of pockets of excellence?
Wells: For example, the Horizontal Fusion [multiple-source data integration] people have been working with the 18th Airborne Corps and the Joint Explosive Ordnance Disposal folks as they deploy to Iraq to provide them with the most infusion of net-centric stuff that we can get. That, I think, is a pocket of excellence.
GIG-BE is a pocket of excellence.
I was out a couple of months ago at Fort Leavenworth, Kan., talking to the Army doctrine people and looking at how we can take their dynamic battlespace networks and command and control and fold in net-centric concepts.
So there are some real success stories. We have the long-term vision. Now, it's going to be the hard slogging work, if you will, of making it happen at the tactical edge where the users are.
Fed Tech: How to you work with others within DOD to communicate?
Wells: One of the things I've tried to do is have almost informal networks, if you will, so people can say, "Hey, this is bothering me," and that sort of thing.
Lt. Gen. Robert M. Shea [director for command, control, communications and computer systems on the Joint Chiefs of Staff] and I co-signed a memo recently outlining our broad concerns over the next 12 to 18 months about where things are going. Gen. Shea has a C4 campaign plan, and is moving forward. So we've now been going through and crosshatching his campaign plan with what is in our joint memo, with our internal actions, with what DISA is doing and with other activities.
Fed Tech: How do you get buy-in for your programs and to share data in an environment that has sometimes been controlling of data in little pockets?
Wells: I do two things.
First of all, you go for win-wins whenever you can. You look for things where there's something the Air Force is doing that can actually benefit the Navy.
Second, my observation is-and I think it's an advantage having been a career officer in uniform that I can at least speak with some credibility about what the operators need-the operator doesn't care if the electron is light blue or dark blue or khaki or olive drab. You're interested in getting the information that you need. So long as you stay focused on the needs of the joint warfighter, you can't go too far wrong.
Fed Tech: What happens in a case where somebody has to give something up to get to something better? How do you deal with that?
Wells: Secretary Rumsfeld has been really good about making the point that we should not let the midlevels of the bureaucracy stymie progress. If you get to the stage where there's a fundamental disagreement, then bubble it up to whoever can make the decision, let them decide and go on.
One of the things he really is down on is people who let things simmer along for six months without him ever knowing there was a disagreement. He's more than willing to say, "Fine. Do it that way. If it's wrong, we can change it later." Make a decision and move on.
Fed Tech: How would you describe your management style?
Wells: I try to be as decentralized as possible, to provide broad guidance, then let people go off and run their own shows. There are some areas, some particular projects, where to get something started, you need to grab it and dictate to get things on the right path. Once it's on the right path, I back off. If things are on track, fine, let 'em run. If there's a problem, come tell me. I set up feedback mechanisms to provide checks and balances.
Fed Tech: In the time that you've been in the CIO job-or maybe even longer-what is the thing that you're most happy having achieved?
Wells: I think the extent to which the network-centric vision is being accepted across the department and being able to articulate that vision to broader audiences. We've been working to develop the ability within the department to reach out and communicate, collaborate, translate and engage beyond the dot-mil domain with nontraditional partners inside and outside of government. I think the first satisfaction is getting the vision internalized within the department, and then now being able to see the extent it's being accepted broadly.
If I was looking at a particular program, I think GIG-BE has been an excellent example of something that's come along well.
Fed Tech: Is there anything else you'd like to talk about?
Wells: Yes, I'd like to address the rewards of public service, especially to our younger readers. There's a large number of midlevel and senior managers in DOD, actually throughout the federal government, who are going to be retiring over the next several years. The opportunity for young people, especially technologically literate young people, in government careers will be extraordinary.
Fed Tech: Is that something you find yourself doing, trying to recruit people into government service?
Wells: I try to go out and talk to universities. Almost anytime I give a speech, I'll make the point. I spoke at the University of Virginia School of Engineering a few weeks ago. Usually, I go back to Johns Hopkins University-they have an Information Security Institute-and talk with the students. I've been over to the Naval Academy a couple of times.
Fed Tech: What's kept you in the government?
Wells: As far as the Navy goes, the Navy never figured out that for years they were paying me for doing my avocation. I remember telling someone in seventh grade that I wanted to go to the Naval Academy, and I had a chance to follow through on that.
Doing this, not a day goes by that I don't say, "Wow, what new and exciting stuff is happening!"
I had the opportunity at 17 to take an oath to support and defend the Constitution of the United States, and I've had the privilege of doing that in uniform and out for the past 42 years. It's been a tremendous opportunity.