The Issue of Informatized Conflict

The Issue of Informatized ConflictCharles H. Rybeck, Lanny R. Cornwell, Philip M. SaganIt as well ask the remilitarization of the Rhineland in 1936 to carry out many another(prenominal) to the terror of the national socialists. In 1957, it took S ratenik to alter the US to the Soviet threat in space. It took 9/11 to awaken many to the threat of rough Islamist extremism. And it took the Underwear Bomber of Christmas Day 2009 to awaken the White Ho engage to the inadequateness of the itinerary the US employmentd its Terrorism Watchlist.What forget it gull to awaken us to the threat of what the Chinese insightfully c exclusively(a) Informatized Conflict1? go out we embolden our adversaries finished an ineffectual response as the world did when facing the emerging Nazi threat? Or exit we respond as decisively and with as much foresight as we did to Sputnik?What will it betroth to align the linked States policy-making science (USG, used here as synonymous with whole of brass as an green light construct) and its allies to fool a focal point good countermeasures to prevail in Informatized Conflict? In this article, we outline a non-partisan, USG-led schema for security in the face of that argufy.Information Technology, the quaint and already outdated concept of IT, fails to seize the digital place of our world in the Information years. The concept harkens preciselyt to the without delay-distant days when IT was a sequestered, relatively unimportant, compartment of our world. CIOs reported to CFOs because CEOs pigeonholed computers as simpleton acquired immune deficiency syndrome to accounting. In elicitdor, though, as any 1 with a smart phone knows, the digital proportion is now integral to every aspect of business and societal fundamental interaction on a global scale.Each day we wake up in a world of active Informatized Conflict. Unseen battles argon creation waged all around us. After the Chinese penetrated our military weapons sup ply chain, later the North Koreans exposed our corporate vulnerabilities, and after the Russians influenced our national media in the 2016 presidential Election, how is it that we wastent responded strategically to this clear and present danger? What sequel would we find to transmit cross meanss to take the steps requisite for our own defense?Sadly, the USG and our consummate home(a) Security Enterprise (which includes all stakeholders, public and reclusive) be failing to without delay confront the digital threat because it is non constituted to see this issue. Our institutions explore at the world as it was, not as it is, and not as it is inevitably becoming in the rapidly emerging world of the pro plump of Things (IoT), where machine learning will play an essential role in organizing the growing sea of information in which we live.Every tool we use in national security (from weapons to intelligence to diplomacy), in commerce, and in memorial tablet now rests on a rapidly evolving digital run agroundation. Today we must run to keep up, and tomorrow we will be required to run even faster. This challenge to run is, unfortunately, in an ara where we pay off r bely managed to crawl and our nations behaveers have not fully know that reality at the extravagantlyest aims. Senior executives are moreover beginning to realize that our digital challenges have compel mission-critical, that they defy our routine scholarship processes, and that they are too consequential to be left to technologists and acquisition specialists, alone.The pressing read for friendliness of Informatized Conflict by non-technologists prompted us to translate what have been internal plane section of Defense ( defense lawyers) and comprehension Community (IC), IT-based debates into unclassified laymens terms for take careation by in organise influencers. This article was written to (1) identify key, progress-limiting issues on which the Executive leg and sexual relation guide to act, (2) offer a unifying and non-partisan strategy to shelter Security and Freedom. In Part II of this series uses 2 ad hoc examples to illustrate the execution of this proposed strategy.Responding to Global Disruption How do We Need to modify the Way We Fulfill our guinea pig Security Mission? The digital dimension is enhancing and disrupting the fabric of life in every society where crudefound-fangled applied science is present. Walter Russell Meads Blue Social Model2 describes the slow-motion collapse of that part of the 20th Centurys legacy is now accelerating in slipway that will alike(p)ly usher in an past re fusion. This realignment will, of necessity, change the frameworks at bottom which America provides for its security, including how it acquires the goods and values it uses in that effort. 2017s national and external news is unfolding so feverishly that the non-partisan Joint action recommended in this article is in constant jeopardy of becoming everyplacecome by events.As Mead points out, Donald Trumps election rump scoop up be on a lower floorstood as part of the Blue Social Models collapse. TAI readers will not be shocked to hear that regime, Industry, and Labor leaders have all, in their chill to preserve the old hunting lodge, ignored the digital dimensions field Security imperatives. contempt all the Governments talk about the Internet Cybersecurity and all its investment in IT Cyber, our national Security Enterprise has yet to orient its priorities or its figure to prepare for Informatized Conflict.Right now, our Government has a bizarre chance to reorient the structure, flow, and management of the information for the subject area Security Enterprise in ways that both ensure the security of our future and reduce the cost of our defense.3 We have not yet recognized that-even though our challenges have their roots in the technology arena-business-as-usual technological themes alone will not promise these challenges. USG last makers and influencers, from the Executive Branch to telling to our citizenry as a whole, will have to consider and adopt a Joint strategy in order to realize the benefits of this digital reorientation. Of course, this will take us away our national comfort zone, but, given the Informatized Conflict threat, the alternate(a) of continuing with business-as-usual is unthinkable. foolhardy observers have pointed out that overreaction to catastrophic attack is likely to jeopardize our democracy. So, bar of such attacks should be a rallying point for citizens of every political persuasion. And we should protect our capacity for non-partisan and bipartisan cooperation on confronting our vulnerabilities as one of our fuddledest field Security assets. scarce the Trump nerves actions to preserve and rebuild trust across the National Security Enterprise fag make that cooperation possible.Vision for a New National Security Jointness descriptor 1 Th e Joint National Security Enterprise Combining Capabilities of the refutation, IC, and International Partners stemma USD(I)In the US, we hand our frontline National Defense leadership to the DoD and the IC, cardinal interconnected but separate chains of command. These entities are chartered to deliver energizing and non-kinetic capabilities. Only the Commander-in-Chief (POTUS) controls both.In 2009, Lt Gen James Clapper, as Under Secretary of Defense for Intelligence USD(I) unite his focus on Intelligence, Surveillance, and Reconnaissance (ISR) with all projections of national situation that are in create by ISR in a hallucination for Jointness. This vision (see Figure 1.) has yet to be implemented, but it provides the basis necessary for C4ISR coalescency (Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance). This vision summarizes what the DoD and the IC have on in theory. They agree on Jointness and spinal fusion in the fields of i ntelligence, military operations, cybersecurity, and counterterrorism.4Jointness has a sublime and successful history as a strategy for the US build up Forces. moreover here we use the term Joint to refer not only to the combined Armed Services but to the corporate actions of all the DoD, IC, and other stakeholders-and ever-shifting alliances-whose efforts combine in pursuit of National Security with all the instruments of national power. spinal fusion here combines data, data science, and data services to fulfill security objectives first outlined by the bipartisan 9/11 Commission. We depend on this Fusion at every stage of conflict. For example, modern ISR depends on Upstream Data Fusion (UDF), not always having to handle for cumbersome sequences to produce a fully-vetted finished document. Similarly, active conflict with near-peer adversaries demands kinetic responses only possible via Fusion-based, Machine-to-Machine (M2M) interoperability. A concerted national applicatio n of Jointness and Fusion can break the deadlock that is keeping us from doing what we know we admit to do at the enterprise-level to defend ourselves in a world of Informatized Conflict. That Jointness can only be achieved by bringing together the appropriate teams, at the appropriate levels, to ensure a clear commanders intent is realized.Our trinity subjective Mission-Critical Teams Figure 2 The National Security Enterprises Three Mission-Critical TeamsSource DMIThree Mission-Critical Teams combine to form the National Security Enterprise and fulfill its mission. The Government teams (brass section Budget, Mission Execution, and Technology) perform functions analogous to their three familiar private orbit equivalents (i.e., the CEO, COO, and CIO organizations). The obvious differences between the Governments organization and the private sector (for example, the shared powers of Congress and POTUS) are useful in understanding why common-sense solutions and efficiencies adopt ed most universally in the private sector have been rejected within the Government. C4ISR Fusion connects the three Mission-Critical Teams for Informatized Conflict.Acquisition to Support USG Innovation? Eisenhowers farewell address cautioned us to be wary as well as vaporific in how we contract with the military-industrial base to improve capabilities. Despite yeoman efforts by the Executive Branch and Congress, Americas system for acquisition has not matched Eisenhowers challenge nor has it kept up with technologys structural transformation. Platforms, sensors, and systems are undergoing widely reported changes, but the USG go the accepted acquisition challenge only by understanding the molecular(a) structure of the information or digital substrate underlying them all.Without the field imposed by what the private sector calls a business case, the USG has become famous for failed large-scale technology initiatives.5 Fortunately, though, new, private-sector innovations are cre ating opportunities to change how the Government conducts its National Security business.Industry observers are all aware that software study has undergone an historic transformation from grand, multi-year Waterfalls to modest, short-term Agile sprints. DevOps is now coming into use to describe software DEVelopment and information technology OPerationS as a way of accelerating the building, testing, and releasing software. Famously taking advantage of microservices and as-a-service infrastructure, private sector leaders (such as Netflix and Uber) are currently showing how new software can be delivered hourly.In contrast, fielding software enhancements in National Security now typically takes years. The USG is adopting Agile study-but within enterprise strictures that are preventing the implementation of many of its most potent benefits.Responding to these global, private sector-led changes, Congress has mandated acquisition change in the National Defense Authorization Acts of 2016 and 2017. 6 Although such reform has been a perennial subject of conversation, Secretary of Defense Mattis has an opportunity to work with a receptive Administration and Congressional leaders like the Chairmen of the Senate and House Armed Services Committees, Senator John McCain (R-AZ) and Rep. Mac Thornberry (R-TX), to fundamentally reorient acquisition. In the past, the USG focused primarily on procuring existing products, services, and capabilities to happen upon know requirements. Now, the USG demand to build the inherently Governmental internal competency to lead a new way of doing business continuous engineering to take advantage of evolving technology in a data-centric context and to confront evolving threats.In confronting the current strategic and acquisition challenge, the Trump Administration will drive to avoid the pitfalls of commercial conflicts of interest, bureaucratic overreach, and unnecessary partisanship. In a propelling commercial environment involving man y vendors offering to sell partial solutions to the USG, the Administration will need to improve its acquisition and orchestration functions.What does an informed USG elderberry bush executive need to know about the infinite array of National Security technological and programmatic detail in order to affect such a consequential change? At one level, it is quite simplePrivate Sector best practices can guide, regulate, and execute the many functions that are not unique to the USG.Key mission areas, in contrast, demand unique and USG-specific intervention. US law often refers to this as inherently Governmental and specifies how it needs to be handled. Private Sector best practices, here, are inadequate to meet USG needs.This simple distinction can be usefully applied to our current Informatized Conflict challenge.Commanders Intent/ Congressional Intent/ National StrategyWe already Know What roleplays The Trump Administration should begin immediately to right the gridlock inherent in so much of the USGs preparation for Informatized Conflict. The Executive mathematical function of the President (EOP) could mobilize the leaders of Governments three Mission-Critical Teams (Governance Budget, Mission Execution, and Technology) across the entire National Security Enterprise. Together, the three Mission-Critical Teams could champion Tightly reorient amount capabilities to enable enterprise functionality and innovation at the by and large joined edge.Figure 3 Tightly Aligned/ Loosely bring together as an alternative to straight offs dysfunction and as a Winning Joint Strategy in Informatized ConflictWhile the Tightly Aligned/ Loosely Coupled appeal originated as an engineering concept, it has been successfully applied in concert by the three private sector equivalents of the Mission-Critical Teams to guide similar foundational, Internet-dependent initiatives. Major retailers and service delivery firms (famously, Wal-Mart in the 1990s and Netflix in the 2000s, for example) rebuilt their supply chains exploitation this come on. The Google Android used on smartphones, tablets, and other devices-the operating system (OS) with the worlds largest installed base-is an apply source example of this strategy in action.The Tightly Aligned/ Loosely Coupled strategy applied to the USGs digital assets can be what Ernest may and Philip Zelikow called a Capital P Policy7, a redirection around which the country unites over a long timespan and across political divides. This and subsequent Administrations will need a rigorous Mission/Business Case to sustain alignment among these three Mission-Critical Teams. Fortunately, the mission benefits are so powerful and the cost nest egg so dramatic that the Mission/Business Case could be rigid enough to overcome the entrenched interests who will, of course, fight it with all the tools at their disposal. The subject matter of the Tightly Aligned/ Loosely Coupled strategy is to agree on those few principles , policies, and standards necessary for the enterprise to function as a unified whole. Then operational units and mortal programs can be freed to innovate at the edge in whatever ways best serve their individual missions.Who Needs to Do What?What we are proposing is an approach inspired by some systems thinkers from each of the three Mission-Critical Teams. Here we give examples with an emphasis on those representing the Governance Budget and Mission Execution teams. The only technologist listed here is Dr. CerfAndy marshal (retired leader of the Defense sections Office of Net Assessment)Gen Mike Hayden (retired after star NSA and CIA)Philip Zelikow (former executive director of both the Markle Foundation task force on National Security in the Information Age and then the 9/11 Commission later Counselor of the Department of State under Secretary Condoleezza Rice)The late Ernie May (senior advisor to the 9/11 Commission)Michle Flournoy (former Under Secretary of Defense for Poli cy and now head of the shopping centre for a New American Security)Gen Paul Selva (the Vice moderate of the Joint Chiefs of Staff)Vint Cerf (the co-inventor of TCP/IP, the messaging protocol that underlies the entire Internet)They and we have found that few Government executives have the cross-functional experience to fully appreciate their counterparts frames of reference. But the kind of changes that the USG needs now can only be do by aligning the strategies of all of the three Mission-Critical Teams.Figure 4 align the Three Mission-Critical Teams Source DMIThe three Mission-Critical Teams bring very different foci, levers, and arti items to the fight. These, in turn, depend on distinctive disciplines, equities, goals, methodologies, timetables, and metrics. In order for the teams to align, each need to accommodate the others demands and battle rhythms.A Call to ActionPresident Dwight Eisenhower in person led the response to Sputnik. Among a series of coordinated initiatives, he formed the Advanced Research Projects influence (ARPA) which changed the Governments approach to procurement of high risk, high payoff take placed technology, ensured US leadership in the Space Race, and funded what finally became the Internet. Eisenhower demonstrated the power of senior executive decisions in combining the three Mission-Critical Teams under the coordination of the EOP.This article has proposed how the three Mission-Critical Teams Necessary for Security (Governance Budget, Mission Execution, and Technology) can mobilize around a Tightly Aligned/ Loosely Coupled strategy. We have specified roles and responsibilities in language understandable to each of those teams. We have proposed a framework that enables serious, public consideration of issues that have been ignored, enables senior executives to take decisive Joint action, and enables them to authorize unclassified metrics for assessing progress in classified realms.8Do we have to wait until adversaries in flict catastrophic terms before we take the steps that we already know we need? Will we allow ourselves to be incapacitated by internal divisions? In advance of the unthinkable, can we do what it takes to provide for the common defense in this Age of Informatized Conflict?Charles H. Rybeck, Lanny R. Cornwell, and Philip M. Sagan are Senior Advisors to the Intelligence Community and the Defense Department on Enterprise Engineering issues. They are CEO, COO, and CTO of Digital Mobilizations, Inc. (DMI).This is Part II of an Occasional Special SeriesDRAFT IN PROCESS non Releasable in Any FormThis requires Prepublication Re realise before official introductionThe Figures are in this draft for content only. They are creation recreated in forms suitable for publication. This is a continuation of theWhat Will It Take? Part I of an Occasional TAI Special Series.Tightly Aligned/ Loosely Coupled Strategy in Action Two Illustrative exercises Charles H. Rybeck, Lanny R. Cornwell, Philip M . SaganThe Tightly Aligned/ Loosely Coupled strategy calls for budgetary, operational, and technology changes, but in this article, we only introduce the strategy in broad outline using two representative examples of where the USG has already successfully begun. These two examples unders nucleus the role of the combined three Mission-Critical Teams within the Government in initiatives that require broad popular support.Below we explore two examples in order to illustrate the challenge facing the USG, to show how pockets of excellence within the USG have already pointed the way forward, to demonstrate how the challenge of the digital dimension demands different USG responses, and to underscore what, concretely, will need to be done by the USG. Many achievements are classified, lawfully and necessarily protected from public discussion. But any digital strategy for National Security can and must be agreed upon at the unclassified level, sustaining widespread public support on the bas is of legal arguments that include a full defense of our privacy and civil liberties. For that reason, we consider two pathfinding efforts, acknowledging their strengths and sketching what needs to be done next.Our System Can Work Weve Shown We Can Crawl We assess the US response to the challenge of the digital dimension as requiring a progression from Crawl to go to escape. US visions for future defense such as the Third Offset, Integrated Intelligence, Cyber Security, Data-to-Decisions (D2D), and Fusion Warfare all depend on this digital foundation. For the last decade, for example, the DoD has been guided by the Anti-Access/Area Denial (A2/AD) construct in supply to confront near-peer adversaries. A2/AD will also need to adjust its view of platforms, sensors, and weapons to accommodate the kinetic and non-kinetic implications of this new digital foundation.Fortunately, much groundwork for this mobilization is already beingness laid at the Federal level. We can already point to many successes at the Crawl stage. Two examples can solve how consequential these decisions can be, how the role of the USG will need to be accommodate to the problems, and how much further we have to go in order to Walk and Run.Example 1 Modernizing Infrastructure In 2012, the IC recognized how it was go through and delivering IT hardware, software, and services in ways that were unnecessarily inferior to the private sector. They awoke to the fact that the Governments acquisition approach was handcuffing every aspect of National Security. The Congress, the IC, and the Administration support the Central Intelligence Agency (CIA) in taking the lead in this initiative. They all deserve credit for the joint effort.The CIA reoriented its office of the CIO. It created a commercialized Cloud Services (C2S) contract to end CIA reliance on internal, outmode expenditures and shift to purchasing infrastructure services as a utility. And it put the CIO under a new Directorate of Digita l Innovation (DDI) to give away link it with Mission functions.The contract enables a new, market-based model for acquiring enterprise-level software. C2S-based applications are licensed with fees to software vendors paid on the basis of the utilization of their products. This grocery store allows competing products to be evaluated and adopted by users in their day-to-day decisions as to how best meet the requirements of a specific problem. In the rapidly evolving data craftiness of the Internet, this method is far more adaptive and effective than a pre-determined, one size fits all solution imposed by a modify bureaucracy.In technical terms, the IC is shifting much of its infrastructure be from CAPEX (Capital Expenditure) to OPEX (Operational Expenditure), eliminating recurring CAPEX, paying only for services as needed, and arranging to tick current with hardware and software innovation in ways that were out of the question in the old business model.The success of the CIAs C 2S initiative results from the Agencys recognition that the effective use of commercial market investments, technologies, and business processes can result in highly effective application of all too precious tax-payer capital, avoiding ineffective, expensive duplication. The result of the Agencys strategy has been improved mission effectiveness while unloose scarce technology development funds to meet those needs that are truly unique to the Agencys mission.Example 2 Modernizing Knowledge Management (KM)In marked contrast to Infrastructure, the management of information within Federal systems was recognized by the IC as an inherently Governmental function, a core competence that should not be outsourced.Accepting that responsibility, the National Security Agency (NSA) took the lead in the Smart Data Initiative to identify what standardised labeling of packets of information are necessary in a modern digital environment.The first results, an Enterprise Data Header (EDH), was a sig nal achievement, professedly and intentionally minimalist, but sufficient to enable the IC Cloud in its Crawl phase.In both these examples, Infrastructure and KM, success was achieved only because the organizations involved, specifically the Congress, the Administration, ODNI, CIA, and NSA all aligned their three Mission-Critical Teams in the service of a new strategic direction.But Can We Walk Run? In order to achieve mission benefits well need to stop mistaking blowzy for Hard and Complex for Simple. We have selected these two specific Crawl success stories because they also illustrate the executive decisions that need to be made today if we are going to Walk and Run tomorrow. In the case of infrastructure-which can best be thought of as plumbing-something relatively straightforward is being made unnecessarily complex within the DoD acquisition and prep apparatus. In the case of KM, many USG Departments Agencies-including the IC DoD-are mistaking KM as a simple issue. The USG is failing to come to grips with something inherently difficult by, in some cases, inaccurately imagining it is easy if we just build the plumbing, everything else will take care of itself. It is only by effectively structuring and managing information (KM) that the USG will grow the digital dimension to yield its mission benefits.In both cases (Infrastructure and KM) necessary but insufficient actions have been taken. Creating Cloud repositories for data and minimal metadata standards are achievements, but, in themselves, they cannot produce the Mission Benefits that are needed and that have been promised. Sadly, many executives have bought into an automagic fallacy that these Crawl phase activities would automagically produce Walk and Run results.Figure 5 What is a Responsible Executive to Do?Source DMILower level Government employees are left holding the bag. They are forced to describe classic Quick Wins and low-hanging fruit because it is only their boss bosses who are empow ered to make the tough choices and substantial investments that will be required to produce the promised Mission Benefits. In the Agile development environment, where development of software continues apace as long as lower level Government product owners approve incremental progress, mission-critical decisions and investments are often postponed indefinitely.The impediments to the mettlesome Road are so formidable that thousands of National Security employees and contractors have adopted the Low Road. The distinction depicted in Figure 5. has in reality been rejected by USG employees because it disparages the Low Road. That is the strategy weve adopted, and we need to promote it.Example 1 Enterprise Infrastructure Private Sector Best Practices confidential information the Way for Government Action Due to the disconnect between the DoD and the IC, Infrastructure Modernization is currently being held back at the National Security Enterprise level. Private sector solutions will nee d to drive this partnership.The DoD and its Armed Services are resisting the massive budgetary/acquisition changes needed to implement the CIA-led strategy.Only the Commanders Intent will be strong enough to clear this impediment.POTUS does not need to wait for a catastrophe to prompt this solution.Example 2 Enterprise Knowledge Management (KM) Government Active Management of a Modularized, Multi-Vendor Competitive Environment for InnovationAt the same time that a sound foundation for KM was being laid through the establishment of IC data standards in the EDH, two basic strategies for the acquisition of intimacy exploitation technology were utilized. Weve termed the first approach The Hedgehog and the second The Fox in honor of Berlins 1953 essay on Tolstoy and the philosophy of history, which begins quoting the ancient Greek poet, Archilochus, who wrote The fox knows many things, but the hedgehog knows one big thing.The Hedgehog. The hedgehog strategy entailed the acquisition of a n all-inclusive solution from a single vendor, what we can think of as a highly-advanced knowledge appliance9, a comprehensive solution that combined hardware, software, and a particular way of thinking about knowledge, problems, questions, and answers. This approach outsourced all to a single supplier. It fit the existing procurement system well because it focused on a single, big procurement decision.The Fox. The fox strategy entailed the acquisition of a order of battle of modularized10, best of breed, highly-advanced devices, each of which solved parts of problems and in combination formed a system capable of solving a particular problem. Hardware, software, and way of thinking about knowledge, problems, questions, and answers could be quickly re-configured as better technologies came on or needs changed a critical capability given the hullabaloo of Internet technologies and applications. This approach limited the amount of hardwa