A High Tide Raises All Boats

Net-centricity “is really a fairly simple concept,” explains Dave Wennergren, Deputy Assistant Secretary of Defense for Information Management and Technology and Deputy CIO, DOD.

“It’s all about knowledge management. It’s about getting the right information to the right people and wonderful things will happen. People will be able to collaborate; decisions will be made more quickly and more effectively.”

Wennergren made his comments during the Federal Executive Forum on Net-Centric Operations broadcast on Federal News Radio. The Forum delved into a number of topics that have far ranging implications on how net-centricity is affecting government operations for civilians and warfighters.

Because net-centricity focuses on the distribution of information, information assurance is a key driver and a key concern. Net-centricity is introducing new vulnerabilities, but it’s also full of opportunities according to Wennergren. “We have moved away from a world of thousands of local area networks with local area applications,” says Wennergren. That changes the focus of security from one that is local to a focus of relying on others. (Wennergren: A High Tide Raises All Boats continued below)

·         Brig. General Dave Warner, Director for Command and Control Programs, DISA

·         Cheryl Roby, Acting Principal Deputy Assistant Secretary of Defense for Networks & Information Integration (DASD/NII), DOD

·         Terry Morgan, Director, Net-Centric Strategies, Global Government Solutions Group, Cisco Systems, Inc.

·         John Meincke, VP, Air Force and Navy Operations, Federal Systems, Unisys Corporation

“My vision is that we would see information as a strategic asset,” says Cheryl Roby, Acting Principal Deputy Assistant Secretary of Defense for Networks & Information Integration (DASD/NII), DOD.

“As valuable to us as the ships we sail, the planes we fly, and the troops that we command, that we would see that net-centric operations allow the humans to leverage the power of that information, to be able to deal with the uncertainties that we have, the challenges, the needs, the unanticipated partners and the circumstances.”  Read More

Speedy, Rapid, Flexible and Agile

“What I would envision in the next three to five years is being able to provide capabilities to the warfighter in a very speedy, rapid, flexible, agile fashion,” says Brig. General Dave Warner, Director for Command and Control Programs, DISA. “To me the key to doing that is this federated development certification environment.”

BG Warner explains that this is a collaborative environment by which all participants can come forward with their ideas that are going to satisfy the warfighter’s requirements. Then capability modules can be developed and the environment can be used as a gateway to the Global Information Grid (GIG). Read More

A Note On The Network

“At Cisco we believe that everything that flies, drives, walks or sails will become a note on the network,” says Terry Morgan, Director, Net-Centric Strategies, Global Government Solutions Group, Cisco Systems, Inc.

Morgan explains that at the infrastructure level, Cisco has seen continued growth of unified communications, where as new data centers come on board they are becoming part of the network. He notes there has been significant progress in the development of IPv6 and the introduction of secure information sharing architecture. Read More

The Number One Priority

“Our Number One priority is clearly to support the warfighter,” says John Meincke, VP, Air Force and Navy Operations, Federal Systems, Unisys Corporation, “whether you are talking about the warfighting mission or the business systems and the other support mechanisms that are out there.”

To meet that priority, Unisys is doing quite a few things actually to support net-centric warfare. Read More

Knucklehead vs. Zealot

A key part of net-centricity is relying on an authoritative service that may not be local for the applications you need. As Dave Wennergren notes, “I go to an authoritative system that may be someplace else around the world and so being able to leverage that technology and find the application and do the work when I need to do it changes the mindset about what security means.”

To some this means there has to be a balancing act balancing act between information sharing and information security. “I think is completely the wrong analogy,” says Wennergren, “because it implies that one comes at the expense of the other.

And so the information assurance professional becomes the knucklehead that just wants to lock everything down and not allow me to collaborate with the people I need to get my work done. The information sharing person becomes the zealot that just wants to go talk to anybody and doesn’t realize the nature and severity of the threat to our systems right now.”

Wennergren believes we have to be hugely successful at both. “To borrow a nautical theme from my past life as the Navy CIO, ‘a high tide raises all boats’ then we would say that we would pick information security solutions that don’t further isolate me but information security solutions that allow me to collaborate securely.”

That is the kind of mindset Wennergren advocates. “If we go into it with that kind of mindset that we will collaborate more and more with more unanticipated users, and yet the threat to our networks is ever growing, we have to pick the security solutions that allow me to share, not to withdraw into my isolated world.”

That means changing the nature of what we look at and changing the way government looks at protection. “Because in the old days, COOP often focused on how do I back up my local system and that sort of stuff, but now I’m relying on a single authoritative system that might be someplace else.”

“Now the information assurance solutions are a lot more about the survivability, sustainability, resiliency of the network and the integrity of the data, can I trust the information I’m getting back? So the nature of the continuity of operation planning  changes and the fact that I work with so many other people and so it is not enough to just protect myself, I have to make sure that everybody else is raising the bar in security for themselves too.”

Wennergren points out “a lot of great stuff is going on,” including successes with the DOD common access card (CAC) and PKI solution. “We have a single PKI smart card application across 3.5 million people. It is raising the bar not only on physical security but cyber security and allowing us to do E-Gov. Digital signatures, get rid of paper based processes.”

Over the last year the Joint Task Force Global Network Operations (JTFGNO) has shown that by doing cryptographic log-on under the network with the common access card, there has been a drastic reduction in the Number One attack vector which was people cracking passwords.

“We are also reaching out to make sure that we are helping everybody raise the bar in security,” adds Wennergren. One example is that by working as a co-branded DOD Enterprise Software Initiative (ESI), DOD has put into place BPAs with companies to purchase data at rest encryption products for laptops and personal digital assistants.