Cyber defense and partner nation interoperability are vital to meeting national security objectives at home and abroad.
by Andy Strand
In “Sneakers,” a 1992 comedic caper about the ethical and political implications of cyberwarfare, Sir Ben Kingsley’s villainous character, Cosmo, sententiously instructs Marty, the film’s protagonist, played by Robert Redford, that war and power are no longer dominated primarily by weapons, energy or even money, but by the control of information.
More than 25 years later, the prescience of those lines is evident in a U.S. national security posture that highlights the criticality of information dominance and protection. In the 2018 National Defense Strategy, “Sharpening the American Military’s Competitive Edge,” Secretary of Defense James N. Mattis warns:
“America is a target, whether from terrorists seeking to attack our citizens; malicious cyber activity against personal, commercial or government infrastructure; or political and information subversion. New threats to commercial and military uses of space are emerging, while increasing digital connectivity of all aspects of life, business, government and military creates significant vulnerabilities.”
DOD is, therefore, focused on increasing information technology capacity, both within the department and on behalf of U.S. allies, to meet national security objectives at home and abroad.
Using the foreign military sales process, the U.S. Army’s Program Executive Office for Enterprise Information Systems (PEO EIS) international programs office, Allied Information Technology (AIT), headquartered at Fort Belvoir, Virginia, is doing its part to assist our allies. That assistance comes in the form of the command, control, communications, computers, intelligence, surveillance and reconnaissance (C4ISR) and defensive cyber capabilities necessary to defend against threats and contribute to allied coalitions, thereby expanding the perimeter of collective security.
AIT has taken acquisition notes from U.S. Special Operations Command (SOCOM) to do this as efficiently and effectively as possible. By focusing on speed, absorptive capacity (a country’s ability to absorb and support a particular capability), decentralization of command and interagency relationships, AIT is better equipped to deliver the right information technology (IT) solutions to our allies.
INTEROPERABILITY IN THE 21ST CENTURY
The global proliferation of IT over the past quarter-century has unlocked seemingly limitless potential for human well-being. The ability to create, manipulate, distribute or store information instantly has fundamentally changed the way we live and operate in the world. Just think of the ease with which a person can now communicate with family, friends, colleagues or customers from anywhere in the world through any number of digital media. Consider the significance of IT to fields like science and medicine, space exploration, commerce and education, to name just a few.
The internet has connected the world in ways our grandparents could never have comprehended, and while all of the interconnectedness is making life better in so many ways, our ever-increasing dependence on the IT that can improve our experience can also expose us to unique vulnerabilities and formidable threats. Indeed, our very way of living in the 21st century—the strength of our economy and our national security—now depends largely on a stable and secure cyberspace. DOD is prioritizing its focus on this issue not only for our own joint force, but also for our allies.
DOD’s mission is to make combat-ready the military forces needed to deter or prosecute war to protect and defend the security interests of America and its allies around the world against a continuum of state, nonstate and transnational bad actors. A key component of this mission is theater security cooperation, which begins with the conviction that building stronger defense partnerships and interoperability with our partners lightens our own security burden and enables them to play a larger role in the shared responsibility of maintaining what the 2018 National Defense Strategy calls the “free and open international order.”
Given the emphasis our joint force places on C4ISR and defensive cyber capabilities, it behooves DOD to continue investing in like capabilities for our allies. In doing so, we improve the durability of their IT infrastructures, help to improve the accuracy and reach of their warfighting systems, increase interoperability with our own systems and, perhaps most importantly, fortify their networks against antagonistic cyberthreats.
AIT has seen a sharp increase in appetite for these capabilities over the past several years, particularly in Eastern Europe, where Russia continues to provoke U.S. allies with cyberattacks and other overt acts of hostility. In Ukraine, for instance, AIT currently has underway several major IT modernization efforts for the Ukrainian armed forces, including a revamped network infrastructure, new training centers for Ukrainian special operations forces, a state-of-the-art joint operations center with effective command-and-control tools, NATO-interoperable logistics and medical defense business systems, and a first-of-its-kind cybersecurity operations center. All of these enhancements are a tremendous boon to the Ukrainian armed forces, enabling their leaders to make faster, more accurate decisions while defending against ubiquitous cyberthreats.
In fact, the Ukrainian armed forces are already seeing the operational impact of these capabilities in the ongoing conflict with Russian-backed separatists in eastern Ukraine. What’s more, the Ukrainian chief of general staff (equivalent to our chairman of the Joint Chiefs of Staff), recently wrote to the commander of U.S. European Command and NATO supreme allied commander, Europe, praising AIT for its efforts in Ukraine and requesting that AIT personnel continue to advise him and his senior staff on the investments needed to ensure that Ukraine can continue to optimize, maximize and sustain these capabilities over time.
They agreed that the Ukrainian armed forces’ senior staff should visit U.S. Army Europe in Wiesbaden, Germany, “in order to visualize the digital common operating picture and to receive an overview of battle staff procedures in support of the commander’s decision-making process.” Beyond the goodness of kudos, the real significance here is that AIT is having an impact far beyond the foreign military sales transaction itself, working to ensure that these capabilities do not become wasted investments.
But any success AIT has achieved, it has not achieved alone. We rely on best practices and lessons learned from organizations throughout the interagency enterprise, including SOCOM, to help us build partner capacity at the speed of relevance.
BUILT FOR SPEED
One of the biggest complaints from allies and foreign partners about the foreign military sales process writ large is that it takes too long for requirements to be prioritized, defined properly, organized and then processed through the many layers of DOD’s security cooperation enterprise. The sheer abundance of complexity in the IT space—system design, data sharing and protection agreements, etc.—can make foreign military sales in this area seem more daunting, especially considering the pace at which technology in this field changes. This is why AIT has chosen, not unlike other interagency organizations, to take a page from SOCOM’s stated acquisition methodology to cut timelines and bring greater velocity to the foreign military sales process. For AIT, the tenets of SOCOM acquisition translate to:
Speed as an attitude. Teams that understand not only how to execute their mission, but why it matters to the bigger picture, are generally motivated to hustle. AIT conducts sync meetings throughout the week during which one teammate is called upon to discuss the tasks he or she has for the week and why accomplishing those matters to both AIT and the Army’s overarching security priorities. This simple exercise encourages better communication, creates shared consciousness among the team and ensures that each individual—leader or follower, government or contractor—understands how his or her actions support success for DOD’s broader security cooperation mission. All of that tends to generate an expeditious vibe in the office.
Absorptive capacity matters. Not every country is prepared technologically, organizationally or even culturally to implement the latest and greatest capability that the U.S. defense industry has to offer. It may sound counterintuitive, but when we try to deliver too much capability too quickly, we end up overburdening the customer, making things perhaps worse than when we started. In our business, the best way to achieve effective results quickly is to deliver capability in a crawl-walk-run approach. Starting with smaller amounts of capability and using time-phased optimization to scale those capabilities later can build confidence in system users, earn buy-in from senior leaders and help the U.S. government know when, where or whether further investment is desirable.
Decentralize to win. Building tailored IT system solutions in a foreign country requires tremendous amounts of touch labor and calculated risk tolerance, which cannot be managed effectively from a desk in Northern Virginia. That is why AIT has chosen a decentralized organizational model, pushing most of the technical, operational and program management decision-making capability forward, where its personnel, led by an area-of-responsibility portfolio director (a government civilian), can work directly with the geographic combatant command and theater special operations command functional proponents (e.g., J-5, strategic plans and policy, and J-6, command, control, communications and computers and cyber), as well as the offices of defense cooperation and host nation ministry of defense itself. The proximity of AIT personnel to these commands provides front-row access to the requirements coming down the pike, which we then can take an active role in developing with the customer. This ensures that requirements are actionable by the time AIT officially receives guidance and funding to execute the projects.
Expand the Rolodex. Every AIT employee is encouraged to cultivate relationships with interagency members and other partners in the public and private sectors, and bring back ideas that can help us solve problems. By leveraging lessons learned from coaches and teachers, first responders, special operations forces, executives in finance and anyone else who can improve the way we operate, AIT will continue to increase its capacity to deliver efficient, effective IT capability across the globe.
The United States and its allies are clearly aware that the exchange and protection of information is paramount. Security is no longer solely about who has the biggest bombs or the most bullets; it is about access to and control of information. The 2018 National Defense Strategy acknowledges this reality, and the combatant commands are developing security cooperation strategies that will strengthen bilateral defense partnerships, enhance coalition building and interoperability, and increase the readiness of our allies and partners in uncertain, complex and potentially hostile security environments.
AIT understands its role in this mission and is working to cultivate a culture of acquisition operators who are laser-focused on doing foreign military sales better and faster.
For more information, go to http://www.eis.army.mil/programs/ait.
ANDY STRAND is the director of AIT, based at Fort Belvoir, Virginia. He holds an M.A. in international affairs from the University of Oklahoma and a B.A. in history from The Citadel. He is an Army Acquisition Corps member and is Level III certified in program management and in information technology.
This article will be published in the January – March 2019 issue of Army AL&T magazine.
Subscribe to Army AL&T News – the premier online news source for the Army Acquisition Workforce.