Navy leaders acknowledge networks are a problem. Now what?
The Navy’s chief information officer continued a direct and unsparing critique of the service’s networks at one of the largest IT conferences for government contractors.
Aaron Weis, who became the Navy’s CIO in September, said during a March 2 keynote luncheon at the West 2020 conference that the service’s networks were overly complex and, therefore, difficult to defend. “I would argue our networks are holding us back,” he said.
Weis said when he explained the Navy’s email setup to Satya Nadella, the Microsoft chief executive was “flabbergasted.”
And on the topic of cybersecurity, he said “the Department of Navy is losing our information every day to our adversaries. We’re leaking our information out whether it’s from direct exfiltration or through the defense industrial base.”
The problem is not the roughly $11 billion the Navy spends annually on IT, he said, but that the Navy needed to spend smarter.
Weis’ message came roughly two weeks after the service released its “Information Superiority Vision,” a strategic document on how to improve its IT efforts. Navy leaders often emphasize a need to move faster on IT, but Weis’ message since his appointment stands out for its candor.
Industry officials have long acknowledged the problems with the Navy’s IT systems. Some leaders, inside and outside of government, have been hopeful that these changes will get renewed attention under the watch of Adm. Michael Gilday, the Navy’s top officer. Gilday previously served as the head of U.S. Fleet Cyber Command/10th Fleet and the conventional wisdom has been that he can be an ally to help correct these problems because he knows first-hand the difficulties the infrastructure creates for sailors. In a December memo, he declared “Cybersecurity is commanders’ business,” a notion that officials in the IT community welcomed.
“We have a commandant [of the Marine Corps] and a [chief naval officer], who uniquely understand the value of the information environment,” Weis said.
During a 90-minute panel of sea chief leaders to kick off the conference, Gilday only mentioned the service’s cyber and IT troubles in passing.
But Navy officials told C4ISRNET they expect to see a coordinated effort to improve IT, from Gilday and Marine Corps Commandant Gen. David Berger, publicly manifest itself in the fiscal 2022 budget. In the meantime, Navy officials said the first glimpses of change may come in the form of reprogramming requests to Congress for the fiscal 2021 budget.
Weis suggested three initiatives to improve IT.
They included:
A “single, unified transport layer that’s flatter and easier to defend.” Weis wants this project, between the Navy and Marine Corps, to take advantage of software-defined networking that will allow sailors and Marines to share information.
Aggressively adopting a cloud-based infrastructure that will in part allow for modern software design. With a more streamlined approach, processes and approvals that today take years could shrink to weeks, he said.
A change in mindset for cybersecurity to more continuously determine protection levels.
“Cyber is a word that has become so used that at this point, it probably means everything to everyone. And, therefore, maybe it’s meaningless today,” Weis said. “It’s a buzzword that’s used to describe things so that you can get funding, so you can attract attention, so you can make speeches. But it doesn’t describe what we’re trying to do. And what we need to do is defend our information wherever it is. Whether it’s at rest, whether it’s in training, whether it’s supply chain, defense, industrial base, you name it, we should be defending it in a way we’re not today.”
Because the release of the Information Superiority Vision came just weeks before the West 2020 conference, the document was a common topic in San Diego, especially as it relates to emerging technologies.
At a conference panel on artificial intelligence March 3, Lt. Cmdr. Connor McLemore, principal operations research analyst and section head at the Office of the Chief of Naval Operations Assessment Division, said “our systems are not currently setup to employ AI to its fullest potential.” Jamie Lukos, head of the intelligent sensing branch at Naval Information Warfare Center, Pacific, said researchers there often circumvent existing systems to get their work done.
But Navy officials also spent much of the conference explaining their modernization efforts, including a greater emphasis on data, cybersecurity and software development.
Rear Adm. Christian Becker, the head of Naval Information Warfare Systems Command, said that, beginning in 2012, Pentagon leaders had looked for savings at the expense of the network.
“We harvested quite a bit of savings and efficiencies in our network,” he said. “And so we have the network that we paid for, and over time, that gap widens.”
Now, he said, Navy leaders view the network, and its subsequent modernization, with greater urgency. Today leaders are exploring “how we can start to build out that network, which supports our war-fighting capabilities, because the network itself is a war-fighting platform … The network is not a place to take efficiencies. The network is the place where we are going to fight.”
Photo: FORT GEORGE G. MEADE, Md. (December 12, 2017) – Vice Adm. Mike Gilday, commander U.S. Fleet Cyber Command/U.S. 10th Fleet (FCC/C10F), meets with meets with Command Master Chief Dee Allen and assistant chiefs of staff during a regularly scheduled morning brief. U.S. Fleet Cyber Command serves as the Navy component command to U.S. Strategic Command and U.S. Cyber Command. U.S. 10th Fleet is the operational arm of Fleet Cyber Command and executes its mission through a task force structure. (Mass Communication Specialist 1st Class Samuel Souvannason/Navy)