Listening to General Cartwright discuss the QDR – 1 day after release – for almost an hour was a real treat at West 2010. AFCEA and USNI have captured the timing perfectly for this discussion, because we are getting a quick turn around from places other than Congress with an inside view to compare to the outside analysis many have been offering up.
One of the first topics General Cartwright took on was administration priorities. He noted the FY2010 budget at release was about 1% change from the previous administration, before noting again the FY2011 budget is about 5% change from the previous administration. With the QDR, he said he expects to see FY2012 represent the first real budget of the new administration that brings together all of the studies into the priority moving ahead. What was implied is that over the next 12 months the QDR acts as a boilerplate by which decisions will be made, or at least that is the intent. There was a critical point repeated in several places today at West 2010 – Secretary Gates put a lot of time into the QDR and made it his QDR, and that specific detail would presumably mean this QDR has more influence than previous QDRs. Should Secretary Gates remain in office through the FY2012 budget cycle then I think I would have to agree this QDR will mean more than previous QDRs.
One of the more interesting points raised by General Cartwright was when discussing the operational level of war, what has changed is how the work is now done at the entity level, and he contrasted this to the operational level of war previously being work like a maneuver operation. It sounds interesting, and I understand that operations now work at the entity level – but has that really replaced operations at a larger scale or is this an attribute of the current fight? I thought it noteworthy that as the day rolled on and cyberwarfare became the larger topic, reaching back to my experience as an IT security professional I can say the entity level matters a great deal to that discussion as well. Operating at the entity level is something worth more intellectual discussion and debate I think, because while it is not necessarily something new, it does represent an effective way to think and discuss operations, as it does a good job of articulating the conditions, objectives, and I would include training within the operational level of war. The “entity level” phrase was something that stood out to me, and has apparently been given considerable thought inside the DoD as the phrase was used more than once. Language matters, and using terminology and words from a common lexicon was a theme in the cyber discussions.
General Cartwright also discussed Ballistic Missile Defense, the Space Posture Review, Cyber Forces Command, nuclear posture review, and acquisition reform. The depth explored in these topics requires a unique post, so they will be addressed individually later.
Frank Hoffman’s panel that explored whether the QDR got it right include VADM Kevin Consgriff, Dr Thomas Mahnken, David Ochmenck, and Ronold O’Rourke.
Ron O’Rourke was excellent – he is good in DC, but even better the further from DC he gets. Tom Mahnken played the role of the devil’s advocate, and I noted when he discussed continuity he was basically reinforcing the parts that he helped write in 2006. He should have been more polarizing than he was, because the backhanded compliment style left a lot to be desired. When Ronald O’Rourke had harder hitting criticism than Tom Mahnken provided, quite frankly I was left with the impression Tom punted – or at minimum held back too much.
VADM Cosgriff was very good. He discussed principles of complexity and noted how the maritime strategy played the role as building block for several tenents expressed in the QDR. His line noting the QDR often represents a “classic” – always quoted and never read – led right into a key point he expressed to the audience… Read the QDR and think about it. It is good advice.
David Ochmonck was a real treat for the audience, being one of the writers of the QDR. He discussed the post -post cold war as exampled by 9/11, North Korean nuclear tests, and the growth of China as examples of the new types of trends that shape planning for the future. He discussed contested domains, emerging threats in the form of ballistic missiles, anti-space weapons, cyber, anti-air systems, and addressed both state and non-state challenges all within the context of the QDR. He discussed the QDR conclusions on more long range strike, more survivable ISR, more robust communications, building resliancy into bases, more cyber defenses, and better capabilities for dealing with nuclear threats in the 21st century. Moving past Mutually Assured Destruction was something the panel and General Cartwright discussed in detail – more on that later.
During the lunch speech, ADM Stavridis discussed the balance between protection and interaction in the cyber space. The key question he continued to focus on is “What is a cyber attack?” For him this question carries considerable value, as article 5 of NATO says an “attack on one is an attack on all.” How a cyber attack fits into NATO is apparently the question right now. That such a basic question is asked highlights where in policy development of cyberwarfare we are at. It was nice to see Stavridis out in front of the 1000 or so attendees touting Facebook, Twitter, this blog, and the Small Wars Journal – although I am still unclear how social software is being leveraged for the value of collaboration from folks like ADM Stavridis. Information sharing – OK, I can buy that, but how valuable is the information being shared? In Haiti the Navy did an amazing job flooding the social software space with information via Twitter and Facebook, but how valuable was that information? In the end, the signal to noise ratio was enormous, because while we know what was on a LCAC moving to shore thanks to pictures – we have no idea how many gallons of water the USS Carl Vinson (CVN 70) may have produced for Hatians in the first week. Two themes emerged today in regards to information: bandwidth and data filters.
Well, I’d say data filters are not only ineffective in insuring relevant information rises to the top, but the way humans apply data filters is just as problematic. Of all the information that is collected, disseminated, and distributed… what information is relevant and what is not? Applied to just about every issue discussed with the Navy, that basic question often goes without answer. Apply that question to the pot smoking naval academy midshipman, apply that question to the Littoral Combat Ship program, and apply that question to the operation in Haiti… is the Navy communicating effectively? Are the tools part of the solution or are the contributing to the problem? We all have opinions, but I think there is a discussion there.
Stavridis spoke to industry making it absolutely clear he believes the future in cyberspace must be a partnership between private and public. His phrase was “strategic connections” instead of “strategic communications.” As someone who has read a tremendous amount of what ADM Stavridis has written in the past, I think he should pen an article about strategic connections – because any attempt by me to explain it as well as he did would flop. Can device connectivity be strategic? ADM Stavridis believes it can be.
The cyber panel that concluded the day was moderated by VADM Nancy Brown (ret) with a panel that included Ms Terry Roberts, VADM Carl Mauney, Robert Carey (USN CIO), and Norman Friedman. Robert Carey is one of the few people in the Navy who follow every time an article he is cited in gets published, so it was interesting hearing him in person. He is a question asking guy, and didn’t bring his answer sheet to the panel. Actually, there was a lot in the panel that I will go into more in a later, broader cyber security discussion, but the bottom line for me is that Norman Friedman was absolutely brilliant in presentation and delivery because he was asking the basic questions that often get ignored after money is already committed to an issue. He was great – hopefully we can get some video on YouTube.
Lots more to come, this is just my very broad AAR based on just a few 0f the notes I took. Tons of thoughts, and yes, there were plenty of controversial things said today. Is the constitution in the way of good cyber security defense? That wasn’t asked as a question by one speaker, rather delivered as a statement today if you can believe it… More later.