Lessons from SPAWAR
The Navy already has an example of how a single- agency provider can impact the joint information environment. The Space and Naval Warfare Systems Command (SPAWAR) has been the Navy’s single-source provider of information systems for approximately 36 years with varied results. SPAWAR has been key to developing, fielding, and supporting all Navy and Marine Corps C4ISR systems, including the Aegis and all cryptologic systems. The problem that has developed from this single source is two-fold. First, many of the systems that our sailors utilize are designed so that after brief initial troubleshooting on board, it becomes necessary for the technician to reach back to the shore-based infrastructure for technical assistance. Second, once distance support is exhausted, technicians are only authorized to troubleshoot to a pre-defined point; once this point is reached they must send the equipment back to SPAWAR for repair. This constraint is especially true with cryptologic systems.
With this process, SPAWAR has guaranteed itself, and the contractors that support and develop these systems, longevity as the creator and sustainer of the systems. Instead of ensuring that systems work as needed and that our sailors are able to fully operate and maintain the equipment throughout its life cycle, the current construct forces the Navy to rely on contractors to keep systems ready for and available in the fight. While SPAWAR certainly provides excellent support to the warfighter, the complications that have arisen from these contractual obligations give insight into the potential performance and management issues of a single agency, such as DISA, procuring and operating in the joint information environment.
Since the reestablishment of the 10th Fleet in January 2010, the Department of the Navy has done an exemplary job of examining the full scope of all of our networks and determining the best method to begin defending and fighting in the cyberspace domain. Part of this process has been implementing the Cyber Security Inspection and Compliance Program (CSICP), which has been instrumental in bringing cyber and physical security to the attention of commanding officers and placing an emphasis on cyber readiness. The focus is critical as we progressively incorporate non-kinetic effects into our operational plans and tasks.
CSICP, though, is not without its frustrations from the waterfront. A common issue appears to be that an inordinate number of ships score extremely low on the inspections. The inspectors readily admit that this low score is common across the Fleet and that nothing can be done until Big Navy changes security policies to recognize the inherent difference between ships and shore-security setups. Another common frustration is that often inspectors strike fear into commanding officers and their crews by indicating that if the inspection goes badly, the ship can be removed from the global information grid (GIG). This worst-case scenario threat is often quickly negated by the inspector’s statement of “Don’t worry, that never happens.” This double statement serves to lower expectations and removes concern for consequences from low scores on the CSICP inspection.
Every ship dutifully prepares for these inspections because the individuals within the affected departments want to excel for professional and personal pride. Ultimately, however, it comes down to focus of effort for each ship. As long as you are not the worst on the waterfront, the immediate supervisor in command takes the report and moves on with more pressing issues, with little or no concern for specifics of the results or significant corrective action. These frustrations with administrative burdens that have little meaning or impact will only be magnified if the joint information environment is run from a single agency such as DISA.
Given the need to maintain mission readiness regardless of connectivity to a shore command, it follows that all information systems and policies for the Navy need to be procured and created from the viewpoint of a deployed ship, submarine, or aircraft without immediate and sustained support from a shore-based command. A central controlling agency such as DISA would not be able to effectively operate from these independent-warfare platforms. While DISA is beneficial for high-level uniformity and to facilitate communication between different service’s networks, this difference in thought process is critical for the Navy’s ability to maintain operations in a bandwidth-constrained environment, while still complying with required updates and regulations. It seems that much of the information assurance vulnerability alerts updates and requirements come from a shore-based mindset where unlimited bandwidth and connectivity are not an issue. At a shore-based command, it makes sense to immediately download and implement patches and updates.
Alternatively, ships and submarines are operational around the clock with significant bandwidth constraints. Commanding officers cannot afford to limit connectivity to implement patches that may affect the network’s operations. If updates or patches are required, a criticality threshold should be met before requiring the ship or submarine to take the required bandwidth to download the patch or update.
Navy computer and telecommunications area master stations already provide the necessary backup to protect our networks; the Navy should allow them do more than just manage and report, they should conduct active protection of Navy networks. If a single computer is beaconing back to a suspicious host, let them isolate that computer from being able to communicate with that host. The more proactive the shore side is in protecting the Navy’s GIG, the easier the job of the deployed units. The Navy should also provide ships and submarines with cryptologic technicians trained in computer network defense. This provides instant on-scene analysts for any necessary forensics, as well as a source for ensuring that the proper security settings are balanced with operational needs.
These steps allow each level to actively protect the joint information environment to which each Navy unit serves as a node. We work in a risk-filled environment, and while we want to limit our risk, we cannot be risk averse in everything we do. As with all things, we need to understand the risk and limit it, but it can never be completely eradicated. At times circumstances may require taking greater risks to maintain battle readiness. Today, technology and adversaries change at a pace that limits our ability to effectively neutralize all risk. The Navy must utilize a minimally invasive approach to their participation in the joint information environment, which must simultaneously defend our ability to interact with it while minimizing the disruption to the operations of the affected commands.
In 2012, Naval Warfare Development Command produced tactical memorandum 3-56.1-12, “Command and Control in a Denied or Degraded Environment.” It emphasized the need to implement clear commander’s intent with well-defined prior permission required to ensure that in the middle of a denied or degraded environment, commanders would not be hindered in making the necessary decisive decisions that might win the battle. The Navy should operate in the joint information environment in the same way. While this environment provides an excellent way for Fleet and combatant commanders to know what is occurring at the unit level, it is also a way for those same commanders to micromanage the fight. This micromanagement has the potential to restrict units from making the critical decisions at the opportune time in the midst of a battle. If controlled by a single agency, the Navy risks losing our ability to manage the way we fight and the fight itself. The need to communicate in a joint environment is a given, but being able to communicate jointly and having the same systems are two separate discussions.
Historically, the Navy and Marine Corps team, more than any other service, has expected and continues to expect that junior officers and senior enlisted are capable and ready to make far impacting strategic decisions within the purview of their orders. The Navy’s strength has always been independence and flexibility of operations combined with the ability to dictate the terms of how and when we fight. From the Quasi-Wars with the Barbary pirates to Midway, success for the Navy has been defined by less restrictive doctrine and greater ingenuity. Fleet Admiral Chester W. Nimitz stated in March of 1948 upon his departure as Chief of Naval Operations that:
Naval forces are able, without resorting to diplomatic channels, to establish offshore anywhere in the world, air fields completely equipped with machine shops, ammunition dumps, tank farms, warehouses, together with quarters and all types of accommodations for personnel. Such task forces . . . can be employed with the unique attributes of secrecy and surprise—which attributes contribute equally to their defensive as well as offensive effectiveness. . . . It is wisest to exploit—not neglect—the element of strength. Hence a policy which provides for balanced development and coordinated use of strong naval forces should be vigorously prosecuted in order to meet and successfully counter a sudden war in the foreseeable future.
The Navy has strength in the joint information environment that no other service has on a day-to-day basis. We facilitate the President’s ability to place an information node where no other branch can go.
Our continued investment and balance in procuring both kinetic and non-kinetic effects, and the balanced employment of both, make the Navy the go-to service to provide immediate full support to the battle spectrum. If a single agency defines how the Navy interacts and operates within the joint information environment, then we give up our ability to shape the battle space as we see fit. With the Navy’s ability to quickly impact tactical and strategic decision-making, it is imperative that the Navy be permitted to dictate our specific interactions with the joint information environment. Each service tailoring their participation in the joint information environment provides a robust communications network that can survive a broad-spectrum attack. Without tailored participation, there is a greater risk of a breach in a singular system, which could be quickly replicated to destroy or hinder the other services’ ability to operate in the joint information environment.