Archive for the 'Innovation' Category
Please join us at 5pm (EDT) on 22 May 2016 for Episode 333: The Battle of Jutland & the Time of the Battleship with Rob Farley:
We are coming up on the 100-year anniversary of the Battle of Jutland.
Stop for a moment, close your eyes, and then tell me what image comes to mind.
If your image is of a huge mass of steel coming at you out from the mist at 25-knots belching out sun-blocking clouds of coal-smoke and burned black powder and searing fingers of flame pushing tons of armor-piercing explosives, then this is the show for you.
For the full hour this Sunday we will have as our guest a great friend of the show, Robert Farley. We will not only be discussing the Battle of Jutland, but battleships in general in the context of his most recent book titled for clarity, The Battleship Book
Rob teaches defense and security courses at the Patterson School of Diplomacy at the University of Kentucky. He blogs at InformationDissemination and LawyersGunsAndMoney. In addition to The Battleship Book, he is also the author of, Grounded: The Case for Abolishing the United States Air Force.
The Decision Process for Littoral Warfare
Our Navy expects to retain open ocean dominance by superior “shooting” with sufficient weapon reach and accuracy using manned or unmanned aircraft and missiles, and with an adequate set of anti-scouting, Command and Control (C2) countermeasures, and counterforce measures. Our present network of continuous but electronically detectable systems needs only to be kept secure from enemy C2 countermeasures to continue our blue water dominance with carrier battle groups, surface action groups, and expeditionary strike groups. The Navy calls the capability “network-centric warfare.”
In this piece, however, we concentrate on the dangerous environment close to a coastline that the full range of our sensors and weapons cannot be exploited. The threat of sudden, short range attack is a constant concern. We wish to describe an effective mesh network to fight in combat environments like San Carlos Water in the Falklands War, the coast of Israel in the 1973 War, and other waters that led to sudden surprise attacks on ships at relatively short range, like the missile attacks on USS Stark (FFG-31), HMS Sheffield, the British supply ship Atlantic Conveyer, the many missile attacks in the Gulf “Tanker War” of 1982-1989, and most recently against the Israeli missile ship, INS Hanit, off the Lebanon coast.
The littoral environment is cluttered with islands, coastal traffic, fishing boats, oil rigs and electromagnetic emissions. It is further complicated by shoal waters and inlets that offer concealment as well as threats to our warships imposed by land-to-sea missile batteries. In littoral waters the tactics are dominated by the need to be as undetected as possible with ships and aircraft that are small in size but large in numbers. Offensive tactics are achieved not by dominance at longer ranges but by covert, sudden surprise attacks and anti-scouting techniques. The mesh network we will introduce is resilient, agile and self-healing, employing intermittent and hard-to-detect communications to support offensive strikes as its foremost operational and tactical advantage.
The development of a mesh network that enables us to Attack Effectively First with a distributed lethal force in the littorals is essential to the full spectrum of future naval operations and tactics.
Command and Control Structures
All networks for Navy Command and Control must function within the context of twelve fundamental tactical processes. The mesh network we describe below fundamentally is intended to achieve what the late VADM Arthur Cebrowski espoused: a command system that is a network of people and things to perform three processes:
- Sense (detect, track, and target enemy units)
- Decide (make tactical command decisions and execute them with a communications system for control)
- Act (which for simplicity we will treat as the acts of combat maneuvering and shooting at something to good effect. Other purposes include antipiracy, defeating drug runners, or conducting humanitarian operations, each of which requires other forms of action.)
What is the purpose of the sense-decide-shoot sequence? Keeping to basics, the purpose in naval tactics and in this paper is to Attack Effectively First. Now we see why there are not three but twelve elements of tactical decision making. With the above examples in mind, it is clear that to Attack Effectively First a Tactical Commander must perform his three processes better than the enemy who simultaneously is performing his own Sense, Decide, and Shoot processes. Furthermore, each side is trying to interfere with his enemy’s processes, stopping or slowing them enough so that we can act (shoot) first. In Fleet Tactics and Coastal Combat, Hughes calls these network-supported actions: anti-scouting, command and control counter-measures, and counterforce.
Each commander governs only six of the twelve processes with his network. He does his best to interfere with the enemy’s activities and network but he can’t control them. A complete discussion of what comprises the combat actions and what measures help achieve an advantage—to attack effectively first—can be found again in Fleet Tactics and Coastal Combat.
Also observe that timeliness is an essential ingredient of the tactical commander’s networked decision process. Rarely is it possible for him to wait for a complete picture before acting. The Battle of Midway, the night surface battles in the Solomons, and the 1973 Yom Kippur War’s sea battles all demonstrate the extreme pressure on leadership and the genius by which a victorious tactical commander chooses the right moment to launch his attack while mentally assimilating twelve interacting processes.
What Is a Mesh Network?
The definition of mesh originates in graph theory language describing flexible self-forming, self-healing, and eventually self-organizing networks. From a pure mathematical standpoint, mesh network topology is described as a complete or fully interconnected graph. For a system of N nodes the mesh topology is represented by N(N-1)/2 links in which the every node is connected to all the others. From the computer and information networking standpoint, mesh networking could take place at every critical layer of network functionality, which is typically structured through the 7-layered hierarchy of cyberspace. At the lowest physical layer populated by moving assets such as platforms and their antennas, it could be viewed as a directional or physical network of highly dynamic components. Here advances in computing technology, signal processing, and transmission open up new opportunities we are exploring at the Naval Post Graduate School
Altogether, across the layers of cyber-physical space the mesh network of LCS nodes could be implemented as an interacting set of Hubs and Relays (physical layer, layer 1) interconnected by Bridges (link layer, layer2) and governed by Routers (IP space layer 3 and above) . The set is assisted by Gateways (application layers 5-7) that interface with other networks, for example those of other Services and nations, that use different protocols. In the Navy application the network is a Decision Support System for efficient but intermittent, hard-to-detect transmission of information (processed when desirable); complex orders; and compact commands, in order to conduct almost undetectable actions by the force components in the network. A key advantage of a mesh network is its mobility in (a) physical, (b) cyber, and (c) functional domains simultaneously to enhance our command-and-control (or decision-execution) process, and to degrade an enemy’s attempt to interfere with our command-and-control countermeasures.
Mesh Networking Effects on the Decision Process in the Littorals: C2 Migration to Cyber-Physical Space
The Littoral Combat Ship (LCS) was designed to operate in the global littorals. Today’s LCS configuration with its sea frame and mission module capabilities provides a set of defensive surface, anti-submarine and mine warfare capabilities. Plans under way to boost the LCS to frigate like offensive capabilities presume survivability in contested waters.
The LCS already is a multimodal networking platform that carries small, deployable manned and unmanned components. Adding dynamic short lifetime mesh nodes will enable the LCS to operate in time and space with intermittent transmissions. We describe an extremely dynamic mesh which doesn’t rely on time-space continuity but instead executes the Sense-Decide-Act (S-D-A) C2 cycle in highly discrete moments in time and space.
In a mesh network the Sense, Decide, and Act processes operate in both the cyber and physical domains. The C2 correspondence between the S-D-A phase in physical space and similar S-D-A steps in cyberspace can be exploited to create new options for concealment and surprise. For example, by turning on the Sense Mine Counter Measure component, we start collecting surveillance feeds from organic unmanned vehicles and other fixed or aerial-surface mobile assets in the physical space. Then the LCS commander will repeat the D and A steps in cyberspace. It could be as simple as prioritizing the sensor feeds or turning the situational awareness views “on” and “off” to save on bandwidth that is shared with many partner boats. Or the MCM mesh capability can be as complex as switching all assets feeding data to LCS from on or over an island with strictly directional peer-to-peer links, meshed in a less detectable non-line of sight (N-LOS) mode. The Physical “Sense” capability meshes with multiple, nested “D-A” performed in the cyber domain.
On the other hand, suppose we are fusing feeds on a peer’s activity in the LCS physically with N-LOS to the peer concealed behind an island. Suppose as well the radar or optical sensor feeds from a patrol boat in view of the site only intermittently. Now it becomes a priority data feed. The LCS commander shoots a projectile (physical space action) with a miniature wireless hub in its payload. The projectile’s compact communications unit reads the data from the boat sensor during the descent and sends it to the LCS, while in the line of sight. It is a process of a few seconds carried out in physical space, while the C2 process improves on the patrol boat’s cyberspace data feed. Meanwhile if the adversary is able to observe the act he is unable to decide whether it is threatening or not. There are other opportunities as we approach an enemy coast while we are establishing all domain access with a mesh network. The littorals are where the complexities of warfare all converge and where access to all domains will be required often simultaneously. The Naval Postgraduate School, is exploring the complexities and experimenting with these technologies.
By serving as critical nodes in a littoral mesh network, the LCSs and other vessels and aircraft both manned and unmanned can take on new operational roles. The configuration of information networks—well described in (Comer, 2011), and their decision making variants described in (Bordetsky, Dolk, Mullins, 2015)—will typically be guided by the presence and usage of four major types of critical networking nodes: the Hubs, the Bridges, the Routers, and the Gateways in a hierarchy of protocol layers, of which the Open System Interconnection (OSI), a seven-layered model, is the most popular one. In such a unified picture, stratified nodes perform across a scaled mesh of links, and hubs are connectors of physical layer (OSI layer 1). Bridges (or switches) operate one layer above, becoming the main connectors for clusters of nodes, which share the same type of medium and use the same rules for intermittent or on-demand listening to each other. In information technology vernacular these clusters are known as local area networks. The Routers take packets of data from a local network separately and “navigate” them from cluster to cluster as layer 3 main connectors.
In this mesh network, the LCS’s function is critical as Sense-Decide-Act information flow in connectors to local clusters of manned-unmanned nodes support the mission. They could naturally become C2 flow Hubs, Bridges, and Routers. This contrasts with the usual information network, in which Bridges connect separate nodes and communicate with easily detected transmissions.
The LCS’s self-forming mesh networks are unique due to the fact that their mobile nodes perform as Hubs, Bridges, and Routers all together. Any Router could operate as a Bridge and a Hub, as those become sub-functions of node-layered operations. A Gateway includes the Router function. A special significance of this is that the LCS now becomes essential for reconciling different protocols in partner nation’s vessels and teams. Because of the LCS modular mission architecture, we can map these fundamental connector roles into the LCS C2 mesh network. Each LCS could be a Gateway, a Router, a Bridge, or a Hub, based on rapid Mission Module switching, or it could delegate some of these roles to nearby or remote vessels, depending on the situation. There will be constant reconfiguration of Mission Module functions onboard the LCS as well as reconfigured connections across the littoral mesh.
A Maneuvering Littoral Mesh Network
One of the most remarkable changes that an LCS-based littoral mesh network brings is in redefining the component of “Act” to include “Maneuver” (Hughes, 2000). COL A. T. Balls’ concept of manned-unmanned teaming, which he devised in designing the ODIN Task Force for fighting the IED threats (Task Force ODIN 2009) is similar in performance to an LCS as a flexible Hub, Bridge, Router, and Gateway in an LCS-centered, manned-unmanned force.
Such an LCS force operating in cyber-physical space will combine physical and cyber “maneuvering”. The goal for maneuvering is not only to achieve better attack or defensive positions but also to comprise a better network within the LCS modular architecture. Here are two options:
- Directionality of physical links in the cluttered environment of littorals. For the most part ship-to-ship networking is now dominated by omnidirectional communications. In the cluttered environment of a littoral battlefield, when an intentional enemy attack or unintentional neutral or friendly force interference is highly probable, the usage of highly directional, quickly switching links, from laser to 1.2-5.8 GHz mobile ad hoc network (MANET) radio platforms could make the difference between success and failure. It is physical space maneuvering, by getting “close enough” electronically through fast switching of highly directional links.
- Relatively swift physical movement by a LCS with its manned-unmanned vehicles to different locations. This is a traditional type of maneuver that creates a non-traditional function: an additional set of virtually undetectable relays and new links to support vessels for plugging them into the critical attack/defense data exchanges. It includes nested directional links to extend reach to one-hop neighbors and deceive the adversary. Within a few minutes the physical configuration changes, confusing the adversary by suddenly appearing at a new location, and seemingly as a new threat. Fast movement and grouping in tight clusters creates a temporary high data transfer rate cluster, in which scouting and firing data can be shared, or alternatively can create cyberspace honey pots deceiving the adversary’s countermeasures and foiling a cyber-attack on our assets.
We have described warfare as a twelve-function process in which our aim is to attack the enemy effectively before he can attack us. We have shown that the interactions of all twelve functions going on simultaneously are especially dangerous when one must fight and win in the confined, cluttered waters off a coast. Defense of ships is much harder than in the open sea where defense in depth is possible and in a relatively uncluttered ocean which has been the focus of the U.S. Navy’s successful campaign planning for decades. On the other hand, physical and electromagnetic concealment is easier in cluttered coastal waters. With practice, and aided by mesh networking, the U. S. Navy can learn to take advantage of the unique aspects of the littoral environment and take the offensive against enemy ships and aircraft.
We propose to shift Navy thinking from projection of power from a safe sea sanctuary to a new and different emphasis on offensive operations that forces the enemy to defend his warships and commercial vessels against our surprise attacks. We propose an operational and tactical concealment that compels the enemy to be ever-ready for our surprise attacks from above, on, or below the coastal sea surface at times and places or our choosing.
We then assert that the command and control process is the central one that does the most to coordinate the six processes our commander controls while simultaneously he attempts to confound the six processes under enemy cognizance. We wish to enhance our power of command and control with a mesh network that is hard for the enemy to detect and take actions against. We illustrated with some specific ways to do that – all of which ways are ready for experimentation at sea.
Our fundamental conclusion is that until we deploy and become proficient with technologies that permit mesh networking, the U.S. Navy will not be ready to fight successfully in the cluttered waters off enemy coasts. We urge that the Navy advance quickly from experimentation with mesh network technologies to new combat doctrine, and then to training and proficiency, in order to restore our ability to go wherever and whenever needed against any 21st Century enemy who is aided by precision tracking and targeting, and has also practiced stealthy surprise attacks at sea. We urge a perspective that takes distributed lethality to sea with offensive tactics to force the enemy to respond to attacks when the choice of time and place is not his, but ours.
Bordetsky, A., Dolk, D. and Mullins, S (2015) Network Decision Support Systems: A conceptual Model for Network Decision Support in the Era of Social and Mobile Computing, Decision Support Systems (In Review).
Bordetsky, A. (2015) Networks That Don’t Exist, CALCALIST Newsletter.
Bordetsky, A. and Dolk, D. (2013) A conceptual model for network decision support systems. Proceedings of the 46th Hawaii International Conference on System Sciences, (CD-ROM), IEEE Computer Society Press.
Bordetsky, A. (2012) “Patterns of Tactical Networking Services,” in: Anil Aggarwal (Ed.) Cloud Computing Service and Deployment Model: Layers and Management, IGI, 2012.
Comer, D. (2014) Computer Networks and Internets, Sixth Edition.
Ball, A. Task Force ODIN, http://www.globalsecurity.org/military/library/news/2009/08/mil-090819-mnfi01.htm.
TNT MIO After Action Report (2005-2010): http://cenetix.nps.edu , Naval Postgraduate School, Monterey, CA.
 Some readers will be reminded of John Boyd’s famous OODA loop. It is a useful benchmark for those who are familiar with it.
 W.P. Hughes, Jr., Fleet Tactics and Coastal Combat, 1999, Naval Institute Press, pp 174-177.
 Ibid pp 40-44; pp 180-202.
A few years back, a group of psychologists ran some tests on groups of first-grade students in the U.S. and in Japan. The researchers gave each group of students an impossible math problem, then sat back to watch how long the kids worked on the problem before giving up in frustration. On average, the groups of American kids worked at it for less than 30 seconds before quitting. The Japanese kids, however, worked and worked on the problem; each time, the researchers cut them off after an hour and told them that the problem was impossible to solve. The take away: the American kids quit at the first signs of frustration because they were not used to hard work, while the Japanese kids were determined to gut it out. One set of kids showed grit, the other set did not.
Do we have grit as a nation? Have we lost it? If so, can we regain it somehow?
When I think of Americans with grit, I think of Louis Zamperini, Anne Hutchinson, James Stockdale, and Sojourner Truth. I think of people like my great-grandmother, who successfully raised seven kids (two of them severely disabled) during the Depression. Grit reminds me of families surviving the Great Depression, the Johnstown Flood, or Hurricane Camille, through extreme suffering and severe hardship, even when all hope has been taken from them. Grit tells of men and women facing seemingly insurmountable obstacles yet digging in and persevering, pushing hard in the face of incredible odds and demonstrating courage even in the face of death.
Images like these tend to belong to events in our collective past. To anyone who is a parent or has served with Millennials, the idea that American kids today suffer from a lack of grit may be very familiar. We are constantly bombarded with the idea that American youth today consists primarily of entitled, coddled, self-absorbed individuals who don’t understand what hardship or hard work is. By this narrative, Americans—especially Millennials—are spoiled, lazy creatures consumed with ridiculous first-world problems who are growing into ineffective adults because they have been raised without taking risks and with the ease of the internet at their fingertips, all while being coddled by helicopter parents. They are used to getting info and materials instantly, can’t talk or relate to others on a personal level because all they know how to do is text, need trigger warnings before hearing harsh words, and don’t understand suffering or deprivation. And they are self-absorbed, expecting others to be interested in the inane details of their lives while constantly putting on a show of how enlightened and amazing they are (a la White Savior Barbie). Generation X is certainly not immune to these same criticisms, but the focus has been particularly harsh for Millennials.
Similar observations also come from long-term educators. School administrators complain about the worrisome changes they have seen in incoming students, whose parents are overly involved in the minutiae of their children’s lives. Camp counselors tell stories about kids who have to call home every day, or who wouldn’t make decisions for fears of choosing the wrong answer. Senior military leaders grumble about the self-absorption of their young Marines and Sailors and question whether or not younger generations can work hard enough to keep our nation safe.
A 2007 study on grit, in fact, emphasized the critical role that individual grit played in determining whether or not West Point cadets would successfully complete their first summer, Beast Barracks.
I’ve got my own fears and questions about the future, and worry that my kids will be weaker adults since they are growing up in a more comfortable (entitled?) world than the one my husband and I came from. What happens to our military in the next two decades if the people who populate it are a bunch of unimaginative, coddled nincompoops who don’t know how to gut through a challenging problem? What happens to our country by 2050 if the women and men who will one day lead it can’t relate to each other as people and can’t lead their way out of a paper bag? What happens to my kids if they can’t function as adults?
But a few recent observations have made me reconsider these fears.
Last summer, I wrote on this forum about a trial run camp that my husband and I held in our town. While talking one afternoon with friends about everything we wanted to teach our kids, we realized that we learned many of those skills at OCS, TBS, USNA, and while turning from an immature 21-year-old into a junior officer. So we held a 5th-grade version of TBS, with a bit of other stuff thrown in. It was a resounding success—the kids loved it, we had a blast planning and running it, and the feedback was overwhelming. This spring, we’ve adapted our camp into an after-school program, and are partway into the first session right now. We are attempting to teach, test, and emphasize hard work, leadership, and teamwork, how to tackle complex problems, and to enable them to lead peers in an unfamiliar and at times demanding physical environment. In a way, we are trying to teach grit.
So far? The kids eat it up. They are hungry for more responsibilities, more challenges, and tougher stuff. They relish the struggle. One of the less-athletic kids gets anxious at the thought of anything physical and competitive, and grows worried before each event, but she keeps coming back and is hugely proud of her accomplishments. Another is deathly afraid of heights but is really excited each time he climbs up an obstacle, visibly proud of conquering that fear. It’s like this whole world is out there that they can’t wait to get their hands into, and once there they shine.
What we are doing, in many ways subconsciously, is weaving a bit of struggle into all that we do with the kids. Look back at that early classroom experiment on Japanese and American kids. One researcher noticed a key difference between Japanese and American classrooms: the Japanese teachers that he observed uniformly taught and emphasized struggle. They picked tasks that pushed their students beyond their current capabilities, then discussed how the hard work and struggle was part of the successes the students had when they had them. And that grit study that looked at West Point cadets? It also found that grit increases with age. Life will certainly hand us all some trials, and if we succeed and pass these trials, we tend to develop and use grit. So it does come along at some point to some of us. But why wait until poor habit patterns are set to learn hard work? Why don’t we teach hard work and struggle earlier, to set our kids up for success, so that when the real struggles come, they are more prepared?
As for fears that the ease, comfort, and “politically correct” nature of our kids’ world is uniformly bad for them, my recent experience at the Naval Academy Foreign Affairs Conference (NAFAC) has made me view those fears differently. During the conference, I worked with a group of about 15 college students, about half of them midshipmen. I didn’t know what to expect. But during the roundtables, I grew impressed with both the demeanor (incredibly civil and professional) and the level of foreign policy knowledge and awareness demonstrated by the college student participants. I don’t remember seeing anything remotely like that level of sophistication when I was the same age. And the ideas and solutions they proposed to problems facing the United States today were insightful and creative precisely because of the knowledge that each brought to that roundtable. Maybe all of that internet stuff played a role, and maybe the greater emphasis on manners—or political correctness, to some—did as well.
What if that education, ease, and internet accessibility helps future leaders cast a wider net in the hunt for workable solutions? Compare it across generations: when given a task in elementary school, I had the local library and my parents’ old Encyclopedia Britannica to search through. But my kids, they will have the world. More knowledge and more information = more alternatives and more solutions. How is this not good?
So I believe that we can teach grit, and we can do it by building struggle into school, work, and daily tasks in imaginative ways. We can ensure that young people are allowed the gift of failure, a gift that for most of us will keep on giving. And we can expand our ideas of learning, fully embracing the wealth of information available to people today. The sooner we give that gift, and enable those struggles, and rethink what it means to teach and to learn, the more mature and grittier America can be.
Today’s cyber world is getting more complex. For those charged with ensuring information systems remain secure the question remains – how can we be certain we are taking the right actions when we continually hear of systems penetrated, information stolen, and resources plundered due to nefarious cyber actors? Is our confidence in our cybersecurity efforts based on reality or something else? In Thinking, Fast and Slow, Nobel prize winner Professor Daniel Kahneman explores the manner in which we think. To ensure cybersecurity efforts will be successful, we must first understand how we think, and how the way we think impacts our ability to bring about real cybersecurity improvements.
Thinking, Fast and Slow Concepts
In his book, Professor Kahneman addresses the two ways we think. Thinking Fast, identified as System 1, is how we quickly and easily put limited information together to tell a coherent story. Thinking fast is hardwired into our DNA. It’s what gives us our gut feeling which will keep us safe in some instances. Thinking Fast is what we are doing when we breeze quickly through new articles, like this one, looking for information that is familiar, instead of trying to figure out if the concept really applies to us.
Thinking Slow, identified as System 2, takes serious mental effort. Thinking slow enables us to be factual, challenging accepted beliefs with all available evidence. Thinking slow is what gives us self-control, like not indulging in too much chocolate. Thinking slow takes real effort, which is why it is difficult to do all the time, or when we are fatigued. Thinking slow is what is necessary to grasp new concepts.
The unfortunate reality is we are all “lazy thinkers.” We rely on fast thinking for the large majority of activities in our lives. In many instances that is perfectly acceptable. In familiar situations, where we have a lot of experience, thinking fast usually works fine. However, in unfamiliar areas, thinking slow is what is needed in order to succeed. The complex and challenging world of cybersecurity is just such an area where it is critical to understand how our thinking could mean the difference between success and failure.
Two concepts brought forth in the book are critical in identifying where fast thinking can lead us astray. Those concepts are What You See Is All There Is and Cognitive Ease.
What You See Is All There Is (WYSIATI).
“System 1 (fast thinking) is radically insensitive to both the quality and the quantity of the information that gives rise to impressions and intuitions.” When we are thinking fast we tell ourselves a story that supports a specific belief. In creating this story, we grab whatever information will support a belief and don’t consider anything that may refute it. We are content with What You See Is All There Is (WYSIATI). Our ignorance of other evidence, which may be of greater quality, allows us to remain in bliss. “Contrary to the rules of philosophers of science, who advise testing hypotheses by trying to refute them, people (and scientists, quite often) seek data that are likely to be compatible with the beliefs they currently hold.” WYSIATI is fast thinking, and in the world of cybersecurity, this fast thinking can result in having faith in actions that do little to improve cybersecurity. Unfortunately, WYSIATI has a fast thinking partner in crime that also conspires to keep us ignorant. That partner is Cognitive Ease.
Cognitive Ease is simply how easy it is to retrieve a thought from memory. Something we have heard or thought on many occasions will be retrieved more easily from memory. The easier it is to retrieve something from memory gives greater confidence that the belief is true, although the reality may be the exact opposite. For example, you could be performing a certain “best practice,” like patching software or upgrading operating systems. Labeling something a “best practice” can make you think this practice has been shown through data and analysis to result in significant improvements. However, if the initial conditions are different than those considered when developing the “best practice,” this “best practice” may only result in wasted resources. Regardless of the reality, the more you recall the “best practice” from memory, along with the story that you are performing it to improve cybersecurity, the greater your confidence will be that the best practice will improve cybersecurity. WYSIATI and Cognitive Ease are truly super villains. The super hero with an “S” on its chest that can save the day is Slow Thinking.
Slow Thinking to the Rescue
Slow thinking is what is necessary to end storytelling and discover the truth. Slow thinking is about reframing the problem in order to find information that can challenge existing beliefs. As slow thinking uncovers new and better information, Cognitive Ease will remind you of your confidence in prior beliefs. Your gut will be telling you that no additional information is necessary (WYSIATI). Slow thinking is what will give you the self-control to fairly assess the new information you have discovered.
Fortunately, the Department of Defense has leaders who encourage slow thinking. The Department of Defense Cybersecurity Culture and Compliance Initiative (DC3I) was signed in September 2015 by Secretary Carter and General Dempsey. The DC3I is based on “five operational excellence principles – Integrity, Level of Knowledge, Procedural Compliance, Formality and Backup, and a Questioning Attitude.” Similarly, in his Principles of Better Buying Power, Secretary Kendall instructs us that, “Critical thinking is necessary for success,” and we should “have the courage to challenge bad policy.” These three DOD leaders are asking us to think slowly. This article will examine three separate areas; Cybersecurity Training, Our Cyber Adversaries, and The Certification and Accreditation Process, to illustrate how slow thinking can lead to improved cybersecurity.
In order to utilize slow thinking to improve cybersecurity, we must first be able to recognize where we are thinking fast. Cybersecurity training is an area that can clearly illustrate the difference between fast and slow thinking.
A typical approach to training on cybersecurity is to track the percentage of people trained in a particular cybersecurity area. As the percentage of people trained goes up, then the cybersecurity readiness of the workforce is assumed to be improving. This is a perfect illustration of WYSIATI. Limited information has been put together to tell a coherent story. In order to determine if the story is fact or fiction, slow thinking must be used to actively look for information that can confirm or deny the assertion that training is improving cyber readiness.
Unfortunately, there are a number of potential flaws to the assertion that training is improving cyber readiness. The training could be incorrect or inadequate. The training may not actually provide the workforce with skills required to improve cybersecurity. The workforce may not take the training seriously and not actually learn what is covered by the training. In some cases, knowing what to do isn’t enough to ensure the correct actions are taken. In the area of spear phishing, which is still the most common way malicious software enters information systems, a person must first be able to recognize a spear phishing attempt before they can take the appropriate actions. Even if spear phishing training provides a number of examples of spear phishing attempts, when people are tired, or in a rush, or possibly just don’t believe they will get spear phished, the chances of them taking the correct actions are not good.
Now, compare training on spear phishing to actively spear phishing your employees. If your employees know they will be spear phished, and held accountable for their performance, then they will be more on the lookout for suspicious emails, whether they are actual or training spear phishing attempts. By actively testing your employees with quality spear phishing attempts, you will compile real data on how the workforce is responding to this threat, and be able to provide additional training for those who aren’t. Training on spear phishing is like reading a book on running. Actively spear phishing employees would be like timing your employees for a run around a track. One is a Fast Thinking story. The other is Slow Thinking reality. Unfortunately, as illustrated by Professor Kahneman’s book, our default response in most situations is fast thinking. This can be especially true in circumstances where we have a problem that we are desperate to solve. We look for information that supports our success, and fail to look for, or disregard, information that would tell us we aren’t improving.
Outside Secretary Kendall’s door is a sign that states, “In God We Trust; All Others Must Bring Data.” One of his Better Buying Principles is “Data should drive policy.” In this circumstance, the data that we seek isn’t the simple, fast thinking question of how many people have been trained; it is the more difficult, slow thinking question: are our cybersecurity training efforts improving cybersecurity readiness? Only through slow thinking will we obtain meaningful data to drive policy and our cybersecurity efforts.
Our Cyber Adversaries
The SONY attack, the OPM breach, the Target theft, Edward Snowden, Private Manning – all involve information destroyed and stolen, resulting in the loss of millions of dollars. The cyber threat is certainly real, as the incidents above all attest. Unfortunately, the above incidents, and the press coverage that brings these threats repeatedly to mind, can lead to the perception that any system can be exploited by our adversaries at any time. As we learned previously, thoughts that are repeatedly brought to mind are more easily remembered, which Professor Kahneman describes as Cognitive Ease. In the world of cybersecurity, Cognitive Ease can make us quite confident that every single system can easily be exploited by any random hacker. With limited time and resources to address every system, it is critical to gain a clear understanding of how vulnerable systems are, and the impacts that can result if systems are exploited. If we attribute capabilities to adversaries that they don’t have, or install unnecessary protections in systems that aren’t at risk, we not only waste resources, but we continue to remain ignorant of the actual threat to our systems. Let’s see if we can do some slow thinking on the challenges faced by our cyber adversaries.
Eliminating the Fog of War
Cybersecurity firms often demonstrate the damage that could be done to information systems if hackers got control of them. What needs to be recognized is that the people performing these demonstrations have full access to system documentation, the system itself, and can run tests repeatedly until they get a desired effect. These demonstrations are a perfect example of WYSIATI. The people performing these demonstrations would have you believe (and often believe themselves) that If these demonstrations can be done then surely our cyber adversaries can do the same thing. The problem with demonstrations like these is that they eliminate the Fog of War, the uncertainty that is pervasive in almost every aspect of warfare. For our adversaries the challenge is much greater. System software and hardware configurations are constantly changing, so even if adversaries have system documentation, that information often very perishable. How will our adversaries know if that configuration is still in the Fleet? How will they locate a system that has that specific configuration so that they can test to see if their cyber-attack will work? How will they conduct the test in a manner that won’t tip off their adversary (us) about a potential vulnerability? How will they gain the necessary access to test out the attack? If they are able to locate the system, and attempt to perform their attack, how will they get the necessary feedback to understand why a test may have failed? These cybersecurity demonstrations show what is possible – with perfect knowledge, perfect access, and perfect conditions. What they don’t address is what is probable. Every step in the enemy kill chain is assumed to be perfect, which can then, of course, generate extremely significant consequences. Under those conditions, tremendous damage can be caused in non-cyber areas as well. For instance, any of our fighter planes would cause an amazing amount of damage if it was crashed into a carrier by an insider threat pilot. While everyone would admit that is certainly possible, we all recognize that the probability of that occurring is extremely low so we don’t waste valuable resources trying to create technical systems that could stop a rogue pilot from crashing their plane. In order to obtain value from our cybersecurity efforts we must understand all the challenges our adversaries must overcome. We must not focus on what is possible and then try to fix every associated vulnerability. We must use slow thinking and improve our understanding of what is probable in order to best utilize limited resources.
The Certification and Accreditation Process
The Department of the Navy spends a lot of time and effort on certifying and accrediting information systems to ensure information systems have a certain level of cybersecurity. The WYSIATI approach to certification and accreditation is simply that by using this process, and tracking the correction of system vulnerabilities, then information systems will become more secure in terms of cybersecurity. Systems that are certified and accredited are better off in terms of cybersecurity than systems that aren’t.
Once again we have a fast thinking coherent story that seems to makes sense. Let’s now willingly look for information that can compete with this story. In his book, Professor Kahneman describes an approach to enable Slow Thinking called a Pre-Mortem. The Pre-Mortem is an intellectual exercise done prior to committing to a major initiative that challenges people to think about how the initiative might fail or make things worse.
A pre-mortem for the certification and accreditation process might predict that the process could fail by taking such a long time that it significantly delays the implementation of cybersecurity capabilities. The pre-mortem could predict that due to unclear requirements and untrained personnel the certification and accreditation process might generate very little improvement in cybersecurity, wasting precious resources on something that is primarily a paperwork drill. In this situation, since the C&A process has been in place for a number of years, we can look for indications that support these predictions.
Little value for the effort.
The Naval Surface Warfare Center (NSWC) at Dahlgren, Virginia is just one of the Navy’s centers for innovation. In 1920, only 17 years after the Wright Brothers flew at Kitty Hawk, engineers at Dahlgren launched the first remote control airplane. The plane crashed, but the boldness of such an effort, so soon after the first manned flight, is striking. Innovation remains a constant pursuit by the men and women who serve at Dahlgren NSWC today.
Recently, four of Dahlgren’s engineers, with combined experience of more than 100 years, noted their concern with the certification and accreditation (C&A) process. Over the course of 18 months they examined the resources and time required to get 43 information systems processed through the C&A process. These packages took 33,000 hours of work for a cost of $3.5M, and in the end all of the information system packages were certified. Yet all that administrative work only generated one minor technical issue that needed to be corrected. $3.5 Million worth of time and effort generated almost no changes to the systems in question, and took talented engineers away from the process of innovation, research, and development which our country needs them to be doing.
Forgetting the Commander in Situ
The “Commander in Situ”, which stands for the Commander in the Situation, is a military term that recognizes it is the Commander actually on scene, or in the situation, that has the best understanding of what is going on and what needs to be done. This principle has been evoked over the years after horrible mistakes have been made by those far from the scene who tried to order what must be done with imperfect knowledge of the situation. “Commander in Situ” is all about decentralized control, leaving control to those with the best information.
Unfortunately the C&A process is a very slow, centralized process that pushes information system packages through to one approving authority. What should be recognized is that the farther the approval chain gets away from the system requiring certification, the less knowledge and understanding decision makers have regarding the system in question. In many cases, the people who make the final decisions for approval don’t have any technical expertise on the systems they are approving. System experts have to educate those who give final approval of their system. In cases such as this, decisions that could be made, literally, in minutes by the local experts, have taken over a year to run through the certification and accreditation process. The lack of local authority for cybersecurity matters is quite stunning. For example, the Dahlgren Naval Surface Warfare Center is one of the few organizations in the United States that has the authority to handle the Anthrax virus. Dahlgren can also handle and detonate ordnance up to 10,000 pound bombs. Yet if engineers at Dahlgren want to connect a new microscope to a standalone laptop, that requires a process that can take over six months and requires routing paperwork through four other organizations to gain the necessary permission.
The Illusion of Authority to Operate
When an information system successfully completes the certification and accreditation process it is provided an Authority to Operate (ATO). The ATO authorizes a particular information system for operations, normally for a period of three years. So at two years and 364 days from the date the ATO is provided the system is still good, yet two days later these systems are no longer acceptable for operation. In some instances, when a system is deemed to be at higher risk, an Interim ATO is granted for a period of six months or less. How the length of the time periods of the ATOs are linked to reality is not clear. These information systems are being treated like cartons of milk with expiration dates. While we know the science behind why milk goes bad, there is no science behind why an information system should have an ATO of three years, two years, or six months. This is just a story we have been telling ourselves.
Disregarding Design Thinking
The movie The Imitation Game details the story of the United Kingdom’s efforts to solve the Enigma machine – the encrypting machine the Germans used during WWII to send messages. The movie pits Professor Alan Turing against a group of mathematicians and code breakers. Each day, the mathematicians and code breakers scribbled furiously on paper in order to try to break the code, and each day they failed. Professor Turing was an early practitioner of design thinking. He realized he needed to design a solution that would be a good match for the problem at hand. Professor Turing eventually solved the Enigma machine by creating a machine to do it. Unfortunately, like the mathematicians and code breakers in The Imitation Game, our certification and accreditation process is a slow, centralized, and bureaucratic solution, which is unfit for the very fast, decentralized problem of cybersecurity.
The examples and concerns I have brought forth above are not intended to blame or criticize, but instead to engage in the type of critical thinking that DoD leadership has encouraged us to do. In our efforts to address current cyber challenges we are all on the same team. The examples above are meant to illustrate the concepts of fast and slow thinking in order to best address these significant cyber issues. A fast thinking response to these concerns would be to dismiss them or dispute them. A slow thinking approach would be to willingly investigate them and try to confirm them. New processes should be developed for those concerns that are confirmed.
High Velocity Learning
Recognizing that we must respond to a changing global environment, in January 2016 the Navy issued A Design for Maintaining Maritime Superiority. In the document four lines of effort are established, one of which is to “Achieve High Velocity Learning at Every Level.” The objective of this effort is to “Apply the best concepts, techniques and technologies to accelerate learning as individuals, teams and organizations.” Our Chief of Naval Operations, Admiral John Richardson, has made it clear that the US Navy will be a learning organization. But to accelerate our learning we must first understand how we think. In the end, we should recognize that what we need to effectively address our cyber challenges, as well as achieve high velocity learning, is slow thinking.
The above views are solely my own and have not been endorsed by the Navy. All quotes are from Thinking, Fast and Slow by Daniel Kahneman, a tremendous book that I highly recommend.
From “Pacific Pivots” to “Offshore Balancing” to “Leading from Behind,” as a culture, the national security chatterati and professionals have been grasping for a good “Ref. A” that looked like anything close to strategic thought – even if in reality some of them are only rough operational concept outlines.
As such, heads turned when CNO Richardson announced last week,
Adm. John Richardson, the current CNO, is seeking to accelerate learning and information processing and reportedly has decided the eight months each group takes to study a problem and generate a report is too long. On March 30, he directed retired Vice Adm. Phil Wisecup, the current SSG head, to stand down the group after the current team completes its work.
As a backgrounder,
The CNO Strategic Studies Group (SSG) at the US Naval War College in Newport, Rhode Island, has been working on particular CNO-directed topics since 1981. The group, according to the Navy, is tasked only by and reports directly to the CNO.Organized each year with about 18 to 22 members, many of whom are considered bound for flag rank, the SSG is thought of as a concept demonstration team, often taking on topics that could have great potential but are not being pursued in other Navy organizations. Study topics have included the integration of rail guns into operational concepts, the convergence of cyber power and sea power, and the development of synthetic fuels.
With a name like “Strategic Studies Group” and such a pedigree, one would think in a time of flux that would not be a body that the CNO would want to get rid of. Give all the squid ink about “speed” a pass and look a bit deeper on why we would do such a thing.
Why would the CNO decide it was no longer value added? I think the answer is a simple one; the product.
Such an organization produces a poor product for one of two broad reasons, neither are comfortable to talk about in the open.
1) The Process: this is what the CNO mentions as “speed.” Process is also the easiest thing to fix. Why was this not looked at in detail first? Too hard? Really not. That is what leads me to the next reason.
2) The People: if the people in the Flag holding pen are really our best and brightest, what was it about the SSG that produced such ossified thought to the point it was negative help? What does that say about either how we direct the energies of our talent, or the talent we are selecting? Those are uncomfortable and hard questions that make enemies, but they are ones that have to be asked.
This is not a process issue. Nuclear trained Admirals can fix process. The smart money is on a people problem, and that should worry us all.
As one highly respected professional told me,
SSG has been slowly descending into irrelevance, a holding pond for a bunch of post major command guys to give them a veneer of being smart guys, but the products have become increasingly vanilla. Sort of a wasted exercise where the CNO sends a really tough and important question up to Newport and nine months later the answer … comes out the other end (and sucked). I have given up reading their final reports a few years ago, a waste of time, but still three guys were selected for flag out of there in the past few years.
Why are our best and brightest producing inferior produce, and being rewarded for it? That too is a question we should want an answer to.
The plot unfolds around the creation of the credit default swap market that “shorted” the collateralized debt obligation (CDO) bubble, precipitating the housing crisis and global financial collapse of 2007. The book describes a private financial and government regulatory system so blind to its own vulnerabilities that it trundles towards failure of epic proportions.
Lewis points to three key enablers of this collapse:
1) A system so large and convoluted that no one truly understands it
2) Individuals who act in self-interested stovepipes to protect their specific aspect of the system
3) Lack of adequate, appropriate oversight
The global financial collapse of 2007 resulted in trillions of dollars of lost savings, pensions, and home value. It affected the lives of millions and has fundamentally altered the way Americans interface with their economy.
There is another system in our nation that shares similar characteristics. The military acquisition system is the elephant present in every room in Washington, DC; its success or failure affects every dollar we spend and every man, woman, and child in America. If the housing bubble affected the lives and livelihoods of millions, we can only surmise the deleterious effects that the acquisitions bubble could have on global security.
We must fundamentally examine the acquisitions bubble and how we can avoid it, before it is too late.
Shorting the System
In The Big Short, Lewis tells the stories of the individuals who predicted the housing collapse and “shorted,” or bet against, the market. These were men and women who profited off the bad business practices of banks and hedge fund managers.
When considering the military acquisitions system, it is our current and potential adversaries who are betting against us. Those who “short” the system include both small-scale organizations who employ inexpensive, low-tech methods to sabotage our forces, and large nation-states who are engaged in a broader game of geopolitical Risk with the United States.
As mentioned earlier, those who leveraged the housing bubble operated with three key enablers at hand. These are the same characteristics that our adversaries will continue to use as they leverage our military acquisitions system against us:
1. A system so large and convoluted that no one truly understands it.
DoD has an entire college–“Defense Acquisition University”–that includes both physical and online classes on the subject of military acquisition, technology, and logistics. Its website estimates the total number of individuals it services each year in the acquisition system at more than 150,000, a figure that represents but a fraction of the whole.
Tens of thousands of men and women, both in uniform and out, work on the subject in the National Capital Region alone. These folks work in small cubicles with water coolers and locked doors. The DoD budget that they each have a small hand in preparing heads to Congress at more than 500 pages each year.
No one–especially not this author–could accurately describe each stakeholder or step of the military acquisitions, technology, and logistics process. Unfortunately, this means that no single person could point out its inefficiencies or effectively propose improvements.
2. Individuals who act in self-interested stovepipes to protect their specific aspect of the system
The men and women wearing the cloth of our nation, far from our shores, are our nation’s true heroes. They work hard in conditions and at tasks that would make the rest of the world blanche.
But decisions are not made on the front lines, in the cockpit, or on the bridge. They are made in office buildings with air conditioning and snappy internet connections. They are made by both military staffers and civilian bureaucrats.
Too often, these offices succumb to what you might call “9 to 5 syndrome.” Many are of the mind that the job they were hired for has definite conditions, and they will work no longer than is necessary to meet only the minimum requirements. Any further issues that arise outside of these hours or requirements are “not my problem.”
Likewise are those that see a problem–incorrect information being passed up the chain, an erroneous analysis, unjustified assumptions–and do nothing. Why? “It isn’t my job.” “I wouldn’t know who to talk to about that.” “I don’t want to make any waves.” People fear for their employment, their financial stability, and their perceived reputation in the workplace more than they fear incrementally adding to the entropy of the system.
These aren’t necessarily behaviors that you could discern from a workplace survey. It is much easier to hide behind the anonymity of the computer screen, ignore our real problems, and react with dismay when the wheels start to fall off the bus.
3. Lack of adequate, appropriate oversight
Beltway Insiders refer to the “Iron Triangle” as the relationship between Congress, the military, and industry. Through the lens of the acquisition bubble, however, let’s take a closer look at each corner of this shape:
-A Congress with an approval rating hovering near 10%, in an environment hostile to incumbents and financially costly to challengers
-A military with a joint staff that each of the services scoff at, with the term “joint” or the color “purple” disparaged, handling oversight of the acquisitions process
-Industry beholden to investors who are looking for profit and short-term gain
This is a reality that has existed for decades. A system that should be designed for mutualism, where the actions of one benefit the other, has instead manifested as parasitic, where each actor seems to be negatively impacted by the actions of the other.
Each of the stakeholders in the Iron Triangle is responsible for the oversight and proper regulation of the military acquisition system. But in an environment where Congressmen are more apt to pass a funding bill that includes jobs and money for their individual districts; where industry advances projects that further their bottom line the most; and where the DoD serves up an amalgamation of individual service plans rather than a comprehensive strategy, oversight and regulation are fundamentally broken.
Now, more than ever, we should remember the words of a former president: “Our problems are man-made; therefore, they can be solved by man.” We must get beyond all of this; we must eliminate our excuses. The health of our Republic and the continued success of our men and women in uniform depends on it.
No Easy Way
The slow devolution of our acquisition system is the result of an unchanging bureaucracy that is grinding to a halt in the Information Age. As the pace of the world quickens around us, our system is growing more and more inefficient. At times, it is both too easily taken advantage of and not easy enough to engage; it is both too deliberative and not deliberative enough. Yet we continue to lurch towards multi-billion dollar platforms and continued inefficient policies, unable to stop this carnival ride we are on.
Hindsight has a way of making things look more obvious than they appeared at the time. Perhaps the system is helped in some way by the notorious bean counters and turf protectors that seem to stove-pipe problems and sabotage solutions. Perhaps the American acquisition machine will continue to slog on, unabated. But as we come upon our fourth post-Cold War decade, it is alarming that our systems and processes are becoming increasingly Soviet.
One of the most obvious solutions is to foster strategic thought, understanding, and literacy in military and civilian agents of DoD at a much younger age. Mark strategic aptitude early and enable groups of these hard workers to actually influence policy and lead change within government. There are plenty of outstanding strategic leaders across DoD, but we can do much more to enable our strategic enterprise as a true meritocracy, rather than a “tenure-ocracy.”
There are already cohorts fulfilling these roles in their own personal capacities, such as the Defense Entrepreneurs Forum and similar service-based groups of junior officers, enlisted, and civilians. We should further these groups to include true coalitions of service, Congressional, and industry staffers and leaders who can come together to solve problems instead of going through the motions of decorum and paying lip service to real issues. But to date, both Congress and service leadership has reacted with scorn to these possibilities, seeming to validate problem #2 on our list above.
At the end of the day, no matter how many bits of data or inches of type-block this article takes up, there is no silver bullet solution to the military acquisitions bubble. There isn’t a 5-point plan or a CONOPS capable of the kind of course correction needed.
There is simply this:
If we got every stakeholder and decision-maker, from the lowest ranking uniformed service member to the highest ranking civilian and industry leaders, into one room at one time–with a Congress and President ready to vote and sign whatever came from such a meeting immediately into law–could we task them to build a system around answers to one question:
“What would you do differently if you knew you couldn’t be fired and you couldn’t fail?”
And how do we get them there? How do we press the “reset” button on doing the right things?
Time is of the essence: before the acquisitions bubble pops, and we are left with a tragic sequel to The Big Short.
How did we get here, to this place pointed out to us by Kyle Jahner at ArmyTimes?
Army Chief of Staff Gen. Mark Milley has repeatedly complained about the convoluted, slow and expensive acquisitions process, and cited the Modular Handgun System program as a glaring example.
“We’re not figuring out the next lunar landing. This is a pistol. Two years to test? At $17 million?” Milley said to an audience at a Washington, D.C., think tank on March 10. “You give me $17 million on a credit card, and I’ll call Cabela’s tonight, and I’ll outfit every soldier, sailor, airman and Marine with a pistol for $17 million. And I’ll get a discount on a bulk buy.”
Leadership; that is how.
It all starts in Congress, of course, but the uniformed services have much of the blame to share along with them. As warfighters allowed themselves to transmogrify in to simple fonctionnaires – so we find ourselves at this point.
Through the years allowed ourselves to become numb to the various habits, regulations, instructions, regulations, and laws that have layered us like so many beggarweeds on a long-haired spaniel after a run through a fallow field in summertime.
Each little part can be traced back to someone’s good idea made flesh, or an attempt to prevent fraud, waste, abuse, or the hobby-horse of a pushy and ill-informed leader advocating a program no one wants. Each bit accumulates, but no part leaves.
We also have the sad effect of allowing leadership and integrity to be substituted by paperwork and process. We exist in a world where it is common and accepted practice to say, “The right thing is to do X, but IAW OPNAVINST 1313.99Xy, Section IV, para 1.A.(2).g.iii, we can’t.” Always with the royal, “we.”
As even a small and simple thing as a pistol takes an absurd length of time, we attempt to jump generations of developments to compensate – and as we see time and time again from A-12 to DDG-100 to a replacement for the M-16 and the 5.56mm – we fail in the face of the green eye-shade.
What to do? I think General Milley has shown the way. Within acceptable guidelines, point out publicly with a bit of scorn and sarcasm, the system we have been given mostly by those wearing civilian suits. Fix what we can, shame what we can’t.
Even before the submission deadline last month, the road to a new pistol has been long and winding. In 2008, the MHS started as an Air Force program. But little progress was made before January 2013, when the Army kick-started the latest efforts by asking industry for more information. Additional discussions with industry drew out the release of the 350-plus-page document until August 2015. Then the solicitation’s deadline for submissions was Feb. 12 of this year.
As defined before, this timelineis 1.6 WorldWars. Six years just to submit a solicitation.
Congressman Thornberry; over to you.
By Ciro Lopez
In 2015, innovation initiatives took center stage at the Department of Defense (DOD). The U.S. Navy, for example, stood up its Task Force Innovation, and the Office of the Secretary of Defense (OSD) created Defense Innovation Unit Experimental (DIUx), an innovation nexus in Silicon Valley. These efforts signal innovation’s place in reversing the erosion of DOD’s technological edge.
However, with all eyes on defense innovation, there is an increased danger that it will succumb to buzzword fatigue—a condition brought about when a word has been so exhaustively used that no one knows its original intent or ultimate purpose. DOD is rife with examples: net-centric warfare, transformation in military affairs, and effects-based operations. To the cynic, innovation is just another buzzword that will come and go.
For those of us who believe in defense innovation, we want to move past the buzzword hype and make innovation a normal part of doing business. So how is this done? There are, of course, things that should be done at the staff level, which I discussed in my previous article, but shaping a climate of innovation rests with the DOD leadership.
Here are four actions that defense leaders can take to shape such a climate:
Define the purpose. An old proverb says that, “without vision a people perish.” A similar proverb can be applied to innovation—“without purpose, innovation flounders.”
The Innovation Cell at U.S. Forces Naval Southern Command, where I was a member, got direct tasking from the Commander, who clearly communicated our purpose: find creative, low-cost ways to support the Southern Command counter-narcotic mission. This purpose defined our boundaries and allowed us to use our creativity efficiently. Leadership provides clarity of purpose so that innovation is not for innovation’s sake.
Secure a perimeter. In 1981, Admiral Hyman Rickover, an innovative and controversial figure, gave a speech at Columbia University’s School of Engineering titled “Doing a Job.” He talked about management and the organizational environment that achieves results. What he described was, in effect, securing a perimeter for innovation to thrive. Rickover addressed the role that leaders play in creating and protecting a space where staff work to their maximum ability. Leaders actively guard employees in this environment from the fear of failure and risk-taking. This protected space allows employees freedom to collaborate, and encourages healthy confrontation and disagreement because the goal is progress, not conformity. This environment invigorates a workforce and drives people toward finding ways to say “yes” instead of the reflexive “no” that is too common at DOD these days.
Develop processes, but focus on people. Too many leaders focus solely on organizational processes to achieve innovation. The thinking goes that if it were for the right process, we could institutionalize innovation. This will never work. In their 1995 report to Mr. Andrew Marshall, the director of the Office of Net Assessment, authors Williamson Murray and Barry Watts detailed military innovation during the interwar period (1918-1939). Their findings showed that the marriage of organizational processes with the right people leads to successful innovation. Leadership at the time chose innovators like William Sims and William Moffett to navigate the processes of their day. The result was the birth of carrier aviation. Innovation was the result of the talent, energy, personality, and tenacity of these individuals.
This is not to say that processes should be ignored. Innovation requires processes to guide and bound the flow of ideas in an organization. But, ultimately, the processes are there to achieve results. Even the most heralded process is one short step away from a burdensome bureaucracy if the wrong person is in a position of oversight. Processes are important and necessary, but leaders must realize that sometimes the answer to a problem is a person.
Require progress. In her book, The Creator’s Code, Amy Wilkinson documents her research from studying and interviewing leaders of many of today’s most innovative companies (e.g., In-Q-Tel, LinkedIn). Her findings show a common thread across innovative leaders—the insatiable desire for progress. As Wilkinson points out, successful leaders maintain momentum by analyzing the data (i.e., where they’ve been and how it went) and changing their actions based on what they learn. That is, these leaders are always learning and always modifying. One leader characterized the process as “flexible persistence.”
DOD leaders should not be satisfied with answers from bullet points on PowerPoint slides. They should constantly ask questions that help them learn why things went wrong and why things went right. They must be comfortable modifying their approaches and programs based on what they learn; they must be quick to build on successes and to abandon failures. And when they’re done with that iteration, they must be ready to do it again—the process of flexible persistence. This continued drumbeat toward progress, not perfection, generates the organizational momentum that advances innovation.
The need for innovation will not go away when the buzzword frenzy has subsided. The global security landscape and proliferation of technology to potential adversaries will require DOD to be agile and forward-thinking. DOD has the resident talent within its workforce to meet these challenges, but the workforce will need leaders who can create and maintain an innovation climate. Leaders who can successfully cultivate that climate will ensure that innovation remains a normal part of doing business at DOD.
America and her partners stand astride the greatest alliance in world history. Thanks to globalization, massive coalitions, and cutting edge science and technology, we appear to be the drivers of global events. Nevertheless, present influence is often a poor predictor of future performance in the wars of nations. Technological advantage has never been more crucial in warfare, nor has it ever been so easy and quick to displace, or be displaced by, another power. The lethality and decentralization of military technology have risen in tandem, allowing renegade sects to acquire deadly missiles and advanced cyber technology for sums that wouldn’t fund a coffee mess at the Pentagon. This paradigm shift is largely due to the computing revolution’s conquest of the dark corners of the world. Distance, time, and even vast quantities of money are no longer the essential components of a military campaign. Today’s geopolitical security environment requires us not only to out-develop our opponents, but also to find immediate defenses to their latest and greatest while operating within a fiscally constrained environment.
With these constraints, and our desire to protect the world system that has allowed billions to thrive, we must find a method that realistically and consistently produces optimal outcomes. With cost as one of our primary problems, more money shall certainly not be the solution: there will not, nor should there, be a massive increase in defense spending. Cost can render even the most revolutionary technology useless, and if we continue to simply throw money at the problem rather than dramatically altering the acquisition process, we cannot be surprised when we do not get dramatically different results. Innovation is as much about making great products as it is about making them at reasonable prices. In order to foster such innovation we must leverage our often overlooked strengths and avoid becoming the victim of our greatest fear: failure. We are a nation of innovators and pioneers, why should our military not emulate, even proselytize innovation? The rigid hierarchies and structures from our foundation were necessary in an age of lawless sailors and high seas high jinks, but today’s service members are not petty criminals. In fact, they are the best and brightest we have ever had. In a rapidly changing developmental and operational environmental we must also rapidly change.
To overhaul the Department of Defense (DoD) and bring it into the twenty-first century, we must not rely on gadgets and whiz-bangs. Cautionary tales such as the F-35 and the DDG-1000 have shown us the perils of trying to produce cutting edge assets with a flawed acquisition process. Instead of focusing on the end product, we must focus on how we proceed from idea to proof of concept. In order to achieve this we must increase the efficacy of our greatest resource: our human capital. This should not be conflated with pushing people harder or working more. It’s about having the right people doing the right work on the right projects, the sort of deft management that is nearly impossible from a centrally-planned organization.
The millions of patriotic Americans that serve in or assist our armed forces care deeply for both our future and their profession. In order to manage these teeming masses we have developed the world’s largest bureaucracy. We have attempted to rein in its excesses and raise its efficacy with strict accountability, both within our respective chains of command and by our civilian overseers. Regrettably, as Francis Fukuyama so insightfully explains through his study of the U.S. Forest Service, such endless reporting and micromanagement breed a navel-gazing, inward-facing culture so caught up in fulfilling requirements that it is unable to do much else. This culture does not adapt, innovate, or improve under the weight of daily paperwork drills. That is not to say that there are not hundreds of thousands of superb sub-organizations and heroes within the DoD, or that determined individuals cannot overcome its strictures, they certainly can. Rather, it is that they should not have to overcome barriers in the first place. Accountability is important, but not when it is taken to the point of sapping initiative, flexibility, and risk-taking. It is a trite cliché to bemoan the burdens of bureaucracy, so we must not focus on the problem and produce another tome of a study that few will read. Instead, we must start implementing the solution, one that is as simple as it is difficult: embrace failure.
Our fear of failure is so colossal, so in-grown that we are unable to see what a culture unhindered by such paranoia could accomplish. Fearing failure discourages risk-taking, experimentation, and ultimately innovation, the essential elements of technological advancement today. The key to innovation is opening an organization up to failure and breeding a culture of creative destruction wherein from the ashes of experimentation rises the phoenix of ingenuity. To determine how we can best incubate such low-cost, high-efficiency systems we need look no further than the golden shores of California. In teams that are often no larger than a minesweeper’s crew, Silicon Valley has produced some of the defining technologies of our age. Their model of innovation is a high-risk, high-reward system characterized by extremely high human capital, independence, room for failure, and divergent thinking. While the DoD’s sprawling size, security concerns, operational requirements, and Congress make it difficult to perfectly emulate Silicon Valley, that does not mean that we cannot adapt our organization with their model as a guide. From cyber warfare to manpower-reducing automation, the possibilities are striking. However, the technology itself is not the solution; it is the process, the organization that undergirds technological development, which will best allow us to continue our mission as a global force for good. The ideas that follow are but a few of the limitless possibilities we have before us if we embrace this Silicon Valley-inspired spirit of decentralization, experimentation, and innovation.
The most crucial change must be to our centralized structure. In traditional combat, where one commander was able to gather the disparate elements of warfare into one chain of command, centralization was crucial. However, warfare and the nature of the national security apparatus have changed. For the development of breakthrough ideas and technologies we need to loosen this centralization. We need small, agile teams rather than sprawling commands with 15 layers of reporting. By the time an innovative idea runs from a peripheral command to the Pentagon it has been a decade and the opportunity is lost. We must acknowledge that admirals make great leaders but are often decades removed from deckplate leadership. We must trust our O-5s and O-6s to lead teams of junior officers in developing ideas and technologies. They will partner with scientists, developers, and contractors to take the seeds of invention and cultivate them into the saplings that admirals can grow into mighty oaks. Too often a seed is not given a chance to grow and is killed in development, or a seed is seen as so great, so interesting, that it is given far too much, killed by overmanagement. Instead, let us step back and allow these small “innovation pods” the chance to incubate and experiment with these new seeds, then take those successes to the admirals for fertilization and replication. This devolved style is necessary if we are to remain on the cutting edge. No matter how great a single idea appears, it is impossible to pick the best ideas at such early stages.
Venture Capitalism Repurposed
Of course the mechanism to determine how these nimble “pods” will be funded and their ideas advanced is just as important as their mission. Here again we can borrow from Silicon Valley. By cultivating a network of internal venture capitalists (VCs) we can revitalize the DoD and inject it with the creativity and passion that so enrich our nation’s private technology firms. Initially there would only be a few teams as the model’s kinks were worked out and its nuances adapted to the Pentagon. These teams would be composed of a mix of DoD acquisition experts and Silicon Valley VCs. The basic framework would be:
- The DoD issues a general call for a perceived requirement.
- Relevant innovation pods brainstorm ideas and submit proposed solutions.
- Pods are given a small amount of money to test their ideas.
- VC angel investors read the proposals and the results of initial testing.
- Top tier ideas receive additional seed capital and advance.
- As the ideas become increasingly mature, the most efficacious design is advanced to the highest levels.
- The official program then begins with the leadership of the winning pod, taking into account the lessons learned from all of the pods involved.
The pods would be highly fluid and project-based, much like those of management consultants who frequently rotate through teams and tackle extraordinarily diverse problems yet still produce outstanding results. An officer would be assigned a billet as a general innovation pod member, then apply to the pods whose goals most interest him or her or where his or her skills would be most valuable. These general pod members would be able to rotate through pods as projects and proposals come and go, sticking with those pods that best align with their interests and capabilities. Again, this is a rough framework, what matters is the spirit: the idea of having the best ideas selected through an objective and creative experimentation process. We would learn lessons faster, break barriers, eschew vested interests, and find flaws much earlier in the process, saving us untold billions. One billion dollars on 1,000 programs that lead to fifty breakthrough technologies is better than one billion dollars lost to a forced idea such as the Arsenal ship or the Army’s Crusader self-propelled howitzer. Good ideas cannot be made; they must be proven and cultivated. With an internal VC system we would find the good ideas first, before development. The Pentagon would become a market place of ideas rather than a centrally-planned laboratory and our military would thrive.
The Right to Fail
All of this comes back to fighting our fear of failure, of doing away with a zero-defects culture. Junior officers will mess up. Mistakes shall be made. However, these are necessary, for there is no greater teacher than failure. Instead of giving progress reports to every inquirer at every step, teams must be allowed to tinker, to have room to breathe, to have time to fail, learn from it, and improve it on a small scale. It is much simpler to fail early and fix it than it is to keep passing the buck until we end up with a useless billion dollar program and can’t even figure out the core problem because it’s so buried in paperwork, complexity, and band-aid fixes. These runaway costs and delays are endemic to our current system. “A 2009 Government Accountability Office study of 96 major defense acquisition programs found that almost two-thirds of them suffered major cost overruns — forty percent above contract prices — with average delays of nearly two years. Those overruns totaled close to $300 billion.” A rigorous, specialized, small team-driven approach will help us weed out which seeds need to be developed and which must be discarded, keeping us from ending up with billion dollar lemons. We love to champion a project from start to finish, but we must switch to championing them at the mid-course stage. As what we want and what is possible often diverge significantly, nothing should be sacrosanct in the development stages.
Reinvigorating Basic Research
All of these organizational changes and small teams still require the great tools and breakthroughs that made atom bombs, supersonic missiles, and strike drones possible. We must return to our rich World War II heritage and rekindle the DoD’s role as the ultimate benefactor of basic research: research done to advance scientific understanding without being directed at specific problem. These funds will come from the savings reaped by our organizational restructuring and will be distributed to America’s world-renowned research universities and organizations. Their discoveries will further fuel the opportunities and advances achieved by the innovation pods and DoD VCs.
Scaling Up Modularity and Allied Partnerships
Basic research will pay off in time and allow us to continue pushing the frontiers of warfighting, but we must also find innovative and evolutionary ways to get breakthrough technologies to our service members quickly and consistently. One of the most promising means of achieving this is through modularity. Despite the challenges the Navy has encountered with the Littoral Combat Ship’s (LCS) modules, the principle remains one of our most promising ideas going forward. The increased versatility, upgradability, and specialization provided by modularity drastically increase the effectiveness of a single vessel. Our guiding light should be to create platforms that can be specialized and re-specialized as is operationally necessary, rather than trying to design a Swiss Army knife today to fight tomorrow’s wars. In order to further augment these modules, and the Fleet in general, we also need to open ourselves up to more allied and off-the-shelf technology. Increasing partnerships and technology sharing with our allies, along with licensing the production of foreign designs in America – with appropriate security – would save us billions in R&D, strengthen our ties, and encourage our more reluctant allies, especially in NATO, to get more involved in the defense sector.
Extending Tours on Key Projects
On the personnel front, we must allow those who embark on long-term projects to stay longer than a typical 18-36 month billet allows. Our relatively short-term billets, especially on long-term projects, mean that there is little true ownership for programs like the F-35, which has had so many program managers and developers over the years that no one has ever been truly responsible for the results. We preach immediate accountability constantly, but pay less heed to the perils of long-term gaps in responsibility and follow-through. Just as being the head of Nuclear Reactors is a ten year job, so should more billets be of a length commensurate to the task at hand. This ownership would incentivize passion, dedication, and follow-through by giving our leaders real skin in the game and bonding with their product and team. In our innovation pod model this would kick-in when a pod “wins” and gets the green-light to go into full-scale production. Their key leadership would stay with the project and continue working on it until completion.
Seizing Opportunities & Accelerating Careers
In the spirit of SECNAV’s much-lauded changes from May of last year, we must continue the process of providing ever greater opportunities and career development for our best officers. Successful innovation pods should be rewarded with promotions, bonuses, and other accolades, showing our officer corps that exceptional successes and hard work have immediate and tangible benefits. These rewards will further motivate and empower our innovation pods to dare greatly and push the frontiers of the possible. Similarly, we must provide them with extensive flexibility in using the Career Intermission Pilot Program (CIPP) to pursue developmental opportunities, including those that arise suddenly. Much like then-Lieutenant Nimitz’s 1913 study in Germany to become the Navy’s foremost expert on Rudolf Diesel’s revolutionary new engines, so should officers be strongly encouraged to seize learning opportunities that benefit the Navy’s intellectual and innovative vitality. Foreign exchanges, elite graduate programs, Fortune 500 fellowships, and other external opportunities should be highly sought after and advantageous for promotion since they cultivate the diversity of ideas and perspectives that will be so crucial in twenty-first century warfare and technological development.
Ultimately, what is most important about these changes is not the organizational details or the funding mechanisms, but their spirit. It is a new cultural paradigm that will bring the DoD into the brave new world of the information age. The organizational changes will reinforce and perpetuate this spirit, but as leaders we must lead from the front and push our military to become the agile, effective organization that our country needs and the American people deserve. To do this we must embrace risk and reap the rewards of creative destruction. We must cast our zero-defects mentality asunder and implement creative development and funding mechanisms such as those of Silicon Valley. We must tinker with and cultivate great ideas, allowing fluid innovation pods to create, fail, and thrive in pursuit of cutting edge developments and technologies that will keep us at the forefront of modern warfare. We must trust our junior officers and allow them to experience opportunities throughout the Fleet and the civilian world. We must increase basic research, modularity, and partnerships and technology sharing with our allies in order to retain the technological tools necessary for our innovators and DoD VCs to pioneer novel and effective applications. These solutions are budget neutral and potentially quite cost-saving; all they require is faith. We must have faith in our government and in our officer corps, for there are none better. If we are able to rise to this occasion, embracing failure, decentralization, and the pioneering spirit that made our country great, then there will be no foe we cannot vanquish.
Arleigh Burke was a hard-charger by nature, never content to rest on his laurels.
Thus at the Battle of Blackett Strait–a victory for the United States–Burke was unhappy. Commanding a Destroyer Squadron, he was on the bridge of his flagship, looking out for the Japanese destroyers Murasame and Minegumo. When his radar operator picked up a ship close to shore, Burke hesitated to fire at first.
Sure enough, the contact had been one of the Japanese ships, and Burke’s hesitation allowed them to get within weapons range. A battle ensued, thankfully resulting in the sinking of both enemy destroyers.
Burke, frustrated with himself, asked one of the Ensigns standing watch what the difference was between a good officer and a poor one. After listening to the young man’s response, Burke offered his own:
“The difference between a good officer and a poor one,” he said, “is about ten seconds.”
The Pacific Theatre of World War II tested the United States Navy’s resolve like no other conflict before or since. We look back on the battles memorialized as part of our culture and hold them as the gold standard for naval operations today.
But luminaries like Arleigh Burke knew those engagements could have been better. The same bug that struck him at Blackett Strait–hesitation–cost the United States many other opportunities throughout the theater.
If he were alive today, pacing the bridge wing, Burke might regard the culture of hesitation we seem to have built in our Navy with a more acute displeasure than he did 83 years ago. And he would demand we improve.
Burke and his crews were successful, in part, due to their understanding of the strategic calculus of World War II: kill or be killed. In a war of attrition, the goal is to inflict as much damage on the enemy as possible while staying afloat, or, in the immortal words of General George Patton, “to make the other bastard die for his” country.
Though the tasks of major war at sea, on land, and in the air were gargantuan, the strategic environment may have been a bit easier. It was the ability of every Sailor to understand this paradigm–down to the mess halls and deck plates–and their commitment to see it through that would catalyze American victory in the 1940s.
Today, the United States still maintains the most capable naval force in the world. We still operate at sea, on land, and in the air, in addition to the realms of space and the broader electromagnetic spectrum. Capitalizing on the ingenuity of our people, we have incorporated technological advances into our platforms that enhance our tactics, techniques, and procedures.
These accelerations in technology have led to a commensurate quickening of decision-making in the battlespace. Colonel John Boyd’s “Observe-Orient-Decide-Act,” or “OODA Loop” describes the process that each individual or unit must go through to learn and succeed. As Colonel Boyd famously proved, the ability to operate inside an adversary’s OODA Loop is often the difference between victory and defeat.
Yet, as we increase the pace of our tactics and decisions, we are doing so at the expense of the strategic proficiency of our junior sailors and officers. Worse, senior officers often exhort to subordinates to “focus on your tactics,” implying that the understanding of strategy and policy should be left to those with “experience.”
This growing lethargy in learning and understanding brings with it a creeping risk–a hesitation–that should be untenable to us as warfighters. We are doing a disservice to our service when we develop aviators who can “center the dot,” but cannot describe the geopolitical diversity surrounding their Carrier Operating Area (CVOA); when we develop submariners who can maintain a reactor within checklist specifications, but cannot debate the merits of improving personnel policy in the service; when we develop surface warfare officers who can stand on their feet for hours on the bridge, but cannot fathom how the position of their ship in the ocean impacts the global economy. We develop this risk across both our Restricted and Unrestricted Line communities.
Sometimes, this risk manifests itself in mistake: the bombing of a hospital instead of a legitimate military target, or confrontation with a tenuous regional actor. Often, however, the risk is in unmeasured opportunity cost: the option or consideration no one in the room brought to attention; the detail that goes unchecked because it wasn’t part of our rigid formula; the stakeholder we do not consider but whose reaction will impact our long-term success or failure. We build in a culture of hesitation to our systems when we make such a clear distinction between tactical execution and strategic understanding. Just as in Burke’s time, it is costing us opportunities.
In his book Team of Teams, General Stanley McChrystal describes the concept of “shared consciousness” by saying, “our entire force needed to share a fundamental, holistic understanding of the operating environment and of our own organization, and we also needed to preserve each team’s distinct skill sets.” Rather than developing bland generalists, McChrystal remarks that the goal for his organization was “to fuse generalized awareness with specialized expertise.”
We are a Navy full of essential skills and experts; we need these to fight. But in order to win, shared consciousness among all ranks and at all levels is required.
Above all, this is a leadership issue. Our service has no place for those who tell their subordinates to “focus on tactics” at the expense of strategy. We may win the battle, but we will surely lose the war. To increase the pace of our various OODA Loops–and mitigate a culture of hesitation– we must develop sailors who are both tactically lethal and strategically aware.
Discussion of strategy and policy should be encouraged at all levels. Many good commanding officers, both past and present, have fostered an atmosphere of questioning and discussion in wardrooms and ready rooms. This should not be mere serendipity; we should select officers for these positions who are capable of engendering this environment, and continue to promote those who have proven they can do so in a respectful, constructive manner.
These discussions should lead to action and writing–to white papers, articles, blog posts–that are read and in turn debated, rebutted, and written about. Moreover, we should not limit this activity to individual ships and units; this environment should exist at the Pentagon, at our Fleet Replacement Squadrons and Afloat Training Groups, with our peers on the Joint Staff and in classroom settings, and with our multinational partners around the world.
Separately, we must not allow our reliance on technology to institutionalize a culture of hesitation. With more information being consumed and analyzed at a much quicker pace than ever before, it is easy to simply complete the blocks in our checklist and make a voice or chat report, rather than developing a system of communication and execution that capitalizes on shared consciousness. We must return to our uniquely naval roots of the Composite Warfare Commander Concept and command by negation in order to build a better system, or else we will be doomed to repeat the kind of hesitation that Arleigh Burke so desperately wanted to avoid.
In the final analysis, we are not compartmentalized into separate tactical officers and strategic officers. We are naval officers and warfighters; there should be no difference.
Admiral Burke’s experience at Blackett Strait played out between ten and twenty knots. Our experiences today demand that, while our ships may still travel at that speed, our decision-making and understanding scales exponentially faster.
For this generation of naval warfighters and decision-makers, the difference between a good officer and a poor one may be ten microseconds. And we must make every one count.