Mr. Tim Bloechl
Managing Director, Worldwide Public Safety & National Security, Microsoft

Technology Innovation in the Global Security Environment

Thank you for taking the time today to hear from Microsoft during your lunch at this great workshop. Most of you think of Microsoft as Office 2010, Windows 7, PowerPoint, Excel, or Xbox360, etc. That is not the Microsoft I know. The Microsoft I know is very focused on solutions for military and public safety customers. In fact, the largest customers in the world for Microsoft are military—11 out of our top 20 customers—and our number one customer in terms of size in our last fiscal year was the U.S. military. Many militaries have architectures based on the Microsoft platform. When our teams support you, they not only focus on architecture, but also try to figure out with our many partners ways to improve battlefield operating systems, to make your logistics operate more efficiently, and to help improve all the systems you depend on for operations. This year Microsoft will spend $9.5 billion a year on research and development, the largest investment of any information technology company. Although most of this funding is not focused on defense, when we obtain new technology, we look for ways to turn it into defense solutions.

We partner with all the companies here at the workshop. Sometimes they compete with us but for the most part they are our partners because most of our customers want solutions based on Microsoft software. Here are some examples of how we are helping to use commercial-off-the shelf or COTS technology to support your missions.
For NATO, the Civil-Military Cooperation Portal links together troop leaders, local officials, non-government organizations and other groups in Afghanistan. This has been a 24/7 operation for years since its creation by a Microsoft architect working at NATO Headquarters.

Our company created a research and development arrangement with U.S. Joint Forces Command several years ago to build a command center focused on IEDs on the battlefield. It is known as KnIFE, Knowledge Information Fusion Exchange, and today, before units go in harm’s way, they check into KnIFE to get the latest information on IEDs, where they have been sighted, and the types of explosives being used. KnIFE is saving lives on the battlefield.

Logica, a Microsoft partner company is deploying a document handling system for NATO.

Thales is deploying the new NATO Land Component Command and Control Information System (L2CIS) again based on the Microsoft platform.

I recently learned that the new NATO Air Command and Control Information System (A2CIS) was awarded to a Turkish partner, Havelsan, and Siemens of Germany, also based on a Microsoft architecture. So we at Microsoft are very focused on doing the right thing to support defense organizations and we are working with a host of partner companies to be able to help.

In their presentations, Admiral Fitzgerald and Louis Gallois mentioned that there is a blurring of defense and security in our operations today. I would agree wholeheartedly and what is nice about the business I lead is that I can see solutions across the whole space. We provide solutions down to local level, to police and fire, up to national level police and justice organizations, homeland security agencies, and to the largest intelligence and defense organizations. Through sharing best practices within Microsoft, we have visibility at the global level on all of these solutions and how they are used.

As another example, when we arrive at a solution in the world of police, we look to see if there are ramifications or transferability into the intelligence or military world. I was recently in New York City the day after a bombing attempt and had meetings with my team there who supports the New York City police department. They have helped build a counter-terrorism center known as the Lower Manhattan Security Initiative (LMSI). Microsoft is the lead company supporting NYPD as they continue to improve this counter-terrorism operation. Working with other companies, we have helped link together all of the surveillance cameras in Lower Manhattan, plus other electronic means located at bridges, tunnels and other access points into the city. From national level intelligence to local police reports, all possible information comes together under LMSI supporting counter-terrorism operations. We have also developed a similar capability called Fusion Core. Three U.S. states today use Fusion Core to support real time counter-terrorism situational awareness, and we are in the process of deploying this solution to other customers in the United States and beyond.

I am seeing an increasing prevalence of computer-aided dispatch for police and fire on our platform. Companies like Motorola, Intergraph, Unisys, and others are building solutions for police and fire based on the Microsoft product line. Another police solution we are proud of found its genesis several years ago in a letter sent to Bill Gates by a Toronto police detective sergeant. The police in Toronto were very concerned about people preying on children over the internet-child pornographers or sexual predators linking up with children over the Internet, setting up meetings with them, and then sexually exploiting these victims. The police had major difficulties analyzing the computer derived information to try to track these criminals down. Working closely with the Toronto Police and then the Royal Canadian Mounted Police nationally, Microsoft developed the Child Exploitation Tracking System (CETS), an intelligence analysis tool which has been used for years now to fight these horrific criminals. The solution has decreased analysis time by over 90% and has helped police and prosecutors put countless criminals behind bars. Microsoft has since deployed the CETS solution to twelve countries and is now in the process of creating a cloud-based computing variant of CETS so all police worldwide can benefit and take advantage of this technology.

Using what we have learned from these experiences, we have created an Intelligence Framework analysis capability that we are sharing with our partners and Microsoft Services teams so they can build customized applications supporting military intelligence, homeland security organizations, and other police investigatory operations. Additionally, Microsoft R&D efforts led to a new tool called PhotoDNA. One of the basic child pornography problems facing law enforcement comes from the way criminals handle images on the Internet. Efforts to remove these images are thwarted when perpetrators change one pixel on an image making it a totally different image to find in searches. PhotoDNA now allows law enforcement to find not only the original image, but variants of these images across the Internet, thus making it possible to reach out to Internet Service Providers to ask them to remove these pictures from the Worldwide Web.

I wonder how we can use this technology for intelligence operations. Furthermore, how can we use it to support military operations, police criminal cases, or to find terrorists? This is the next hard problem in my opinion. For example, The New York City police commissioner responsible for information technology operations mentioned to me that their biggest challenge today is to search and find an individual when he/she only appears in a moving video. With PhotoDNA as a start, and adding in some of the work we have done on the computer gaming and visual recognition sides of our business, we have the opportunity to converge these technologies into a solution which may solve this tough problem.

Looking at a different challenge I now turn to disaster preparedness, response and recovery operations. My company has supported many disaster response efforts over the years and we came to the point after Hurricane Katrina in the U.S. where we felt we needed to form a more focused effort. We created a full-time disaster response team which now deploys whenever disasters occur. We learn from each operation, do after-action reviews just as we do in the military, and continue to evolve our technology responses to potentially place the right capabilities in the hands of governments and non-government organizations before disaster strikes.

Let me share a few more examples. I was recently in Eindhoven in The Netherlands and had a chance to meet with the police commissioner who is working with industry to solve a difficult problem. A stretch of highway from the Port of Rotterdam toward the German border was hit repeatedly by criminals who targeted trucks sitting by the wayside and hijacked their goods. Working with the police, Microsoft and our partner company Geodan helped build and deploy a surveillance system based on BING Maps, SharePoint, and our new Surface device as a new police command and control system. Once deployed, hijackings at these rest stops decreased to zero! The Dutch are now exploring an expansion of this technology in other parts of Holland to fight crime. And a little warning to those of you attending this workshop- if you go to Hungary you are vulnerable to an automated, Microsoft-based traffic ticketing system. Anyone caught speeding in Hungary quickly gets a ticket and can pay or refute the charge online. This system, which paid for itself in three months, is a money maker for Hungary. Be careful you do not add to Hungarian revenue.

When I think about counter-terrorism, disaster response, and the other operations Microsoft supports, I try to think about how to apply this technology to military missions. This is an ongoing, evolutionary process. We do a lot of work with SharePoint in the command and control space and support to logistics using Microsoft Dynamics software has also become a key focus for us. I was in Iraq recently and had the opportunity to see a military logistics system created on the Microsoft platform by a small company named Knowlogy. This half American/half Iraqi company has deployed a system now supporting the logistics for the Iraqi army. By extension, the solution is helping Iraqis improve their capability to handle their own security missions.

Cloud Computing

Other current and future technologies are going to have an impact on military operations, such as cloud computing. Most of us are used to using software we operate on our laptop, desktop or hand-held device, and we make sure we store all the data on these devices because we do not necessarily trust storing the data elsewhere. Times and technology are changing the way you and I will store data in the future. The world is now moving to the cloud and more and more solutions are going to be cloud based. As a company, we have made the shift in this direction. We will continue to provide personal computer and handheld software resources, but industry is focused on providing these same capabilities in the cloud so organizations and individuals can reduce storage, network and hardware costs and maintenance. Amazon is a great example of cloud computing and most of you probably have made an order at one time or another at Amazon.com. All kinds of different companies are linked together by Amazon. You as customers are linked in to all of these companies and the services they offer through an Amazon cloud-based capability. You place orders and miraculously, through the Internet and the cloud, you receive your goods.

Another cloud computing example was recently deployed in the U.K. by Microsoft. One of the challenges facing the U.K. Ministry of Defense, and by extension all militaries for that matter, is the high cost, administrative burden and mountain of paperwork facing personnel managers. Until recently military and civilian workers of MODUK had to physically visit personnel offices to file this or that form. To save time, money, and paper, MODUK decided to create a cloud-based solution for their human resources actions for both military and civilian workers. The solution built by Microsoft and partners has been in place now for a couple of years. It saves MODUK millions of pounds a year plus all the travel time normally experienced by their customers. Today, I am seeing a growing number of cloud computing solutions being considered by military organizations around the world and we are at the cusp of a great wave of change based on the benefits these type of solutions offer.

Social Networking

How many of you have a FaceBook page? Quite a few of you I am sure. The current Supreme Allied Commander, Europe has his own FaceBook page. On my last check, he had 4,721 friends. He uses FaceBook as a means to pass information about what NATO is doing and shares it with the world. Twitter, Linked-In, Blogs-these are the technical social networking tools of the present. This evolution in information sharing brings two questions to mind. First, how do you use this technology to support your mission or should you? I suspect your soldiers will anyway, so it is important to think about the ramifications and potential benefits. Secondly, what are the operational security issues involved with using social networking? As a simple example, I recently gave a speech to 1500 students at my high school alma mater in Wisconsin. I warned them that sharing information on FaceBook is great, but one must be careful about the content one puts on the site as some future employer may look at the information out there on the Internet and one’s future job may depend on one’s discretion.

Unified Communications

When I was a CENTCOM intelligence war planner ten years ago, we used a highly expensive video teleconferencing system for planning operations in the Middle East. Today I can accomplish the same functions from my desk with a small camera linked into Microsoft Office Communications software. Furthermore, I can monitor the status of all the people I work with, whether they are online or not, whether they are in a call or in a meeting, and I can click a button and link them all together by voice or instant message. From my office laptop and camera in Redmond, Washington, I have given defense briefings to military leaders in other parts of the world using a device called Round Table placed in the conference room on their end. The device allows me to see and hear all the people in the room and also a close-up of the person speaking at the time. And they can see and hear me and view my PowerPoint slides as if I was physically there. Such is the nature of the technology we have today and because it is in mass production, it is cheap. So we need to figure out how to secure it properly so we can all take advantage of these capabilities in the defense environment. While I do not think we will ever hold one of these forums in this new virtual world, the technology to do so is present if we wanted to.

Changes in User Interfaces

As a young officer, I remember using map boards and lots of overlays with acetate and grease pencils. Today this work is all computerized. We now have a device called Surface which is shaped like the top of a desk and is potentially a replacement for the map boards of the past. It was built for home entertainment but today police are using Surface for command and control, moving images around with their fingertips, pulling up data reports, manipulating maps, and even using push-to-talk on the device to contact operators in the field. It is a great technology and some of our big defense system integrator companies are experimenting with the technology to create military operation center versions. Down the road I see the potential for a Surface-like device to be a flexible piece of plastic which can be rolled up like a map and deployed in tactical operations centers for C2. In addition, while you use touch on computer screens and other devices today to do many things, in the near term you will be able to use gestures instead of touch to achieve the same outcomes. My children have this capability today using a Kinect device attached to their Xbox 360. Soon we may have this technology for military exercises, training systems, or even in command centers. We need to think about whether we want to use such technology and how to use it.

Now I think it is important to briefly touch on operational risks associated with these technological advances. Industry is going to continue to innovate and build new capabilities. These solutions will be mass produced and the world’s population will use them, so it is important for militaries to think about how to use these new devices and technologies and, if they decide to use them, how to best incorporate the technology. A major risk we face is, if defense organizations do not choose to use these technologies but potential enemies do, what will be the effect on friendly and threat operational capabilities?

Secondly, what are the right security certification standards and practices we need to put in place to ensure these capabilities when put on a network or used for military operations will not cause an opposite effect? Clearly the world today is riddled with stories of cyber espionage and cyber-attacks. We have heard previously from Minister Aaviksoo about the attacks against Estonia in 2007, and when I visited Georgia last October, Vice Prime Minister Baramidze described how the Russians attacked Georgia and how for probably the first time in the history of warfare, cyber-attack was the main initial effort before the start of ground and air operations. We really need to spend more thinking about cyber operations from defensive and offensive perspectives. We must consider the security ramifications involved and this will be the main point of discussion this afternoon. However, if we work together and focus on cyber, we can stay ahead of the criminals and threat forces; we can take advantage of what the world’s industries are producing; we can save defense budgets in the process and improve our military capabilities and operations.

This concludes my remarks today and I look forward to the discussions this afternoon on cyber security. I hope you now have a better picture of Microsoft’s involvement and potential in the defense and national security arena and why we have been such a stalwart supporter of this workshop over the past five years.