Agility, Uncertainty, and Information Sharing
Dr. Linton Wells II
US Principal Deputy Assistant Secretary of Defense
for Networks and Information Integration
THE UNCERTAIN FUTURE
My goal tonight is to build on some of the things I have learned at the workshop and to cover some of the important issues leading up to the Riga summit. Minister Jung noted the changes in the international security environment since Germany’s 1994 White Paper. The U.S. 2005 National Security Strategy pointed to uncertainty as the key characteristic of the future national security environment, something that was reinforced by the so-called Quadrennial Defense Review. DOD plans on a six-year defense program and beyond that a 10-year defense planning projection, a total of 16 years though it is really 18, because we cannot get to the budget until 2008—and, as somebody pointed out, 18 years is longer than from the Wright Brothers’ first flight to the end of World War I. So we are basically asking people to estimate the need for military aviation before the first airplane is flown at the end of a war that nobody expects is coming.
Let’s go back 18 years, to 1988. Much of the Army is being sized and structured for armored warfare in the Fulda Gap; a key role of the Air Force is to win air superiority over the inter-German border; defense of the North Atlantic Sea Lanes is a key mission for the Navy; the Mujaheedin are loyal freedom fighters in the fight against Communism; we have a really strong buffer against the Islamic Revolution in Iran and his name is Saddam Hussein; and almost nobody has ever heard of the Internet. So I think the point about uncertainty being a characteristic of the environment is really important and that we need to factor it into everything we are doing. I have no clue what 2024 is going to look like, but I am sure it is going to be nothing like what we think it is going to be today.
Just think about what we heard at this workshop. We heard about the global war on terrorism, failed states; we talked about Africa as a key security issue for Europe; we talked about virtually global operations and interactions for NATO; the dangers of nuclear, chemical, and biological proliferation; avian flu; and the religious, social, and economic dimensions of security. In this context, SACEUR noted that the changes NATO will need to respond to in the 21st-century environment are expeditionary, rapid reaction, and wide ranging. I think that is pretty descriptive of what will be needed for the uncertainties we face.
THE NEED FOR NON-TRADITIONAL MISSIONS AND PARTNERS
These uncertainties and related changes mean that our forces need increasingly to emphasize non-traditional missions such as: stability, security, transition, and reconstruction operations; humanitarian assistance; disaster relief; and, increasingly, something called building partner capacity, which is trying to set conditions so that war does not happen—engaging before a war starts. Many of these are “indirect” approaches, in the sense of B. H. Liddle-Hart in that they leverage others’ actions to accomplish missions, not just our own.
Tom Barnett wrote a book called The Pentagon’s New Map that shows that most of our interventions have been in failed state “gap” areas, and it reflects pretty well what we are actually seeing. Regarding reconstruction, I heard a quote the other day that; “War is much simpler than the stabilization and reconstruction operations that are needed at the end of it. But if we fail in those reconstruction operations, we cannot achieve the goals for which we went to war in the first place.” In other words, it is not enough just to design our forces for military operations now. We have to train the people and design the support systems to carry the operations on long term—at low to mid-level intensity, but long term.
This implies that we will be dealing with non-traditional partners, for example, aid organizations, international organizations, non-governmental organizations, indigenous security services, commercial partners, people who will never get inside the firewalls of our network but with whom we need to share information. In the U.S., as an extra benefit, if we can communicate, collaborate, translate, in some cases, and engage with these non-traditional partners, it will strengthen our ability to work domestically with state and local first responders in the kind of disaster relief that was needed along the Gulf coast. But this then leads to Minister Jung’s construct of “Network Security.” Such security needs to encompass all aspects of national power, not just military. It involves diplomatic, intelligence, information, economic, and other aspects, and it is potentially long term. We need to begin thinking in terms of 10 years, and someone said in terms of generations. That needs to be part of the planning process.
The other thing that is absolutely critical is local knowledge. We have to be able to communicate with the recipients of our aid, stabilization, and transformation work in ways that make them feel that we are working on their behalf, not just trying to impose our system on them. That requires a whole different set of skills—people, language, and cultural skills—that by and large our forces do not have right now.
THE IMPORTANCE OF INFORMATION SHARING
There is a common theme to both areas I have talked about: information sharing is critical. That means we need to change “need to know” to “need to share.” We have to change from being owners of information to being stewards of information. But the information has to be interoperable, across all coalition partners, and has to come with appropriate security. It is not enough to pursue the Microsoft solution to information sharing or the Cisco or the Oracle or the American or the Portuguese or the Dutch solution. We have to be able to share appropriately throughout whatever coalition environments we are going to be in.
It is key, then, to recognize that information has become a strategic asset. It is not the province of techie geeks, it is a core element of national power. And to get the proper emphasis, at the right levels of government, this fact needs to be recognized by ministers and commanders. It is not enough for mid-level personnel to try to get this point across; it needs to be endorsed and acted on at senior political and command levels. The explanations also have to address domestic audiences. If the alliance is going into something which will engage people for 10 years or a generation, leaders have to tell that story up front to the people who will have to support it at home.
These changes reflect the fact that the information revolution is transforming our societies, our way of life, the way we do business, the way our children think. They reinforce the sense that information issues involve strategic political-military-social questions that need senior level attention. Speaking to that need, NATO has something called NATO Network-Enable Capabilities (NNEC), and I believe they are key to providing the Alliance with the agility it needs to meet the uncertainty of the future.
Take, for example, the special operations force soldier on horseback in Afghanistan who is receiving close air support from a 40-year-old B-52 via precision-guided munitions over a digital network using navigation from global positioning satellites. These involved many changes to original concepts of operations, but because the components are flexible, because they are agile, and because they are networked, commanders could put them together on the fly and produce great effects. Network-Enabled Capabilities are important to the Alliance’s transformation. The United States reached several conclusions in the Quadrennial Defense Review. Networks do transform the way we do business, the way we collect intelligence, the way we fight our wars. Net-centric concepts also support the point that General Jones made that you need to make more rapid decisions in order to support distant operations.
THE CHANGING FOCUS OF NET-CENTRICITY
Two important evolutions of net-centric concepts have taken place over the last year about which we have to reorient our thinking. The first is moving from a focus on information—information superiority, information dominance, information whatever—to a focus on knowledge. The Quadrennial Defense Review reinforced the importance of net-centric operations but it also talked about moving from data-to-information-to-knowledge-to-decision-to-action as quickly as possible. So it is not enough just to have information; you have to turn the information into effective decisions and to turn those into actions.
The second evolution is that NATO’s network-enabled capabilities have to apply to a range of contingencies. It is not enough that these capabilities can help us fight armored combat in the open desert or fight naval warfare at sea. They have to be able to work in urban warfare in Fallujah, in counter-insurgency operations, in stabilization operations with the Afghan military, in tsunami disaster relief, in building the capacity of partners in Africa.
The U.S. will be investing about $27 billion in the core programs of the global information grid over the next several years. When NATO goes into Afghanistan, as soon as the commanders feel ready, the Alliance will deploy a command and control information exchange data system that is built not on American standards but on NATO standards. The developers went out of their way to build to international standards, not just the American way of doing business. Serious efforts are underway to support the network-centric concept of providing information on demand to people when they need it where they need it.
Security is also key. But it has to be under a different paradigm, a different way of doing business. The globalization of the IT sector and the expansion of the network boundaries mean that the perimeter defenses alone just do not work anymore. You cannot put a big firewall around the network and expect it to protect you. You need, instead of defense and depth, “defense in breadth,” from where the software begins to who is using it, and you have to assume that there will be antagonists inside the network—you cannot assume that all the bad guys are going to be on the outside.
Another piece that is really important is something arcane called Identity Protection and Management, because we will have a very diversified system with all sorts of people in it. In order for security to work, you need to know who those people are, and that leads you to all sorts of approaches such as biometrics, identity tokens, and role-based access; things that most people do not think about but that are critical in their environment.
Let’s talk about resources for a moment. SACEUR expressed concern that NATO’s role is expanding but without an increase in resources. In fact, the resource constraints, at least in the U.S. Department of Defense, are going to become even tighter in the years ahead. People have referred to the fiscal 2006 budget as the “tunnel at the end of the light.” From 2008 on it is going to be even tougher for a variety of reasons: the top line is not going to grow as fast; many new military health care benefits have been approved by Congress; there is a lot of equipment in Iraq and Afghanistan that will have to be refurbished; and the supplemental budgets that have been supporting operations eventually are going to go away. This tightened resource environment will have a particular impact on discretionary funds—acquisition and research and development—which of course is a concern to the defense industry.
It is therefore critical that these tightened funds be focused on the needs of the new environment. We have to use them, not to prepare for comfortable, traditional missions, but to support a broad range of possible contingencies in an uncertain future. Conventional conflict cannot be ruled out, even as capabilities are built for irregular warfare, but we cannot just keep buying stovepipes and stand-alone platforms and point-to-point communications. Perhaps there are ways, which General Wolf talked about, to use the NATO Response Force for tactical network building and then have units cycle through it—they will get trained and improve as the NATO Response Force is used.
The sociology of this work is as important, if not more so, than the technology. If you have not seen the brochure about Multinational Experiment (MNE) 4 by the Joint Force Command in Norfolk, I strongly recommend you look at it. This work, which has gone on for two years and involves stabilization and reconstruction in Afghanistan, makes a very important contribution to preparing for the future security environment. MNE 5 is now being planned and I recommend that any of you who are interested in it contact Joint Forces Command, because the concepts are being designed to work with industry partners and alliances. Multinational Experiment 4 involved the U.N., the EU, Sweden, Australia, and Finland—not just NATO countries. So there are many opportunities here.
Another important event that is in planning is Strong Angel 3 (www.strongangel3.org). It is looking at the technology, Conops, and sociology of reconstructing a society after all key networks and services—power, water, communications, transportation—have been disabled. This demonstration is looking at how to help restore the functions of a society using communications, and collaboration, and how to re-establish the trust of people in their government.
What is the way ahead? Again, I encourage every interested party to become involved in MNE 5 and Strong Angel, but the very important Riga summit is coming up, so I offer two issues for ministers and commanders to consider.
The first is the critical need for information sharing as a core approach to a wide range of scenarios. We do not know what those scenarios will be. We do know, though, that we are going to have to share with many non-traditional partners in any scenarios that arise and that information will be a strategic asset.
The second is that network-enabled capabilities really are critical to the Alliance’s transformation and help give it the agility it needs to face the uncertainty of the future. But these capabilities are not based on technologies alone. Technologies and material must co-evolve with the full range of doctrine, organization, training, leadership, personnel, and facilities to truly be transformational and to build greater security.
If I were to ask industry for one area of emphasis, it would be to give us more security in networks and commercial network-related systems. We cannot continue to work in isolated enclaves or stovepipes, but the insecurity of much of the software and hardware, being developed today is a source of genuine concern.