The Navy’s information technology is antiquated and unable to provide sailors, Marines and civilians with basic resources that any private sector employee with a computer can access, according to a report issued Wednesday by the sea service.
The 15-page report “Information Superiority Vision” offers a prescription for how the Navy can cure its IT and cyber security woes.
It also details how one of the world’s most advanced fighting forces fell so far behind other large enterprises, at least when it comes to technology.
Basic functions of modern networks are not currently available in the Navy systems, forcing many users to work around the system to get their jobs done, according to the report.
“Simple capabilities such as file sharing, cloud collaboration, chat, voice, and video are not available to users,” the report states. “Forward-deployed (sailors) and Marines must manually contextualize raw data from multiple unintegrated systems.”
Designed in the 1990s, the Navy’s “antiquated network structures” open lanes of vulnerability for adversaries who can get into the network through simple phishing attacks and then wreak havoc.
“As technology changes, our network no longer forms a linear battlespace simply defended by a Maginot line of firewalls,” the report warns.
The Navy and Marine Corps have also been stymied in recruiting, developing and retaining a modern day information workforce.
“Our checklist-based security culture, outdated information systems, and industrial age processes stifle innovative thinking and give a false sense of security,” the report states.
Sailors, Marines and civilians often head out the door and into the IT private sector where they are better paid, work with more newer technology and hone their skills, the report warns.
To fix that, the Navy hired industry veteran Aaron Weis last fall as its chief information officer. Weis helms the sea service’s information management reform efforts.
He told Fifth Domain last month that he was shocked by the “day-to-day technology” provided to sailors and Marines to do their jobs.
“I would say on a broad basis, as compared to industry, what we provide to sailors and Marines and civilians is about 15 years behind where private industry is at,” Weis said.
The plan comes after troubling reports in recent years about the vulnerability of Navy networks to hacking and intrusion by foreign adversaries such as Russia and China.
Last March, an internal audit presented to Navy leaders and leaked to the Wall Street Journal revealed that the Navy and its industry partners face a “cyber siege” by hackers who have in past years stolen vital national security secrets after exploiting critical weaknesses.
“We are under siege,” the Journal quoted a senior Navy official as saying. “People think it’s much like a deathly virus — if we don’t do anything, we could die.”
This week’s release of the unclassified public plan — first reported by the Journal — doesn’t fully detail how the service is addressing deficiencies.
But a key reform involves embracing artificial intelligence to analyze and curate vast troves of data, freeing sailors and Marines from the repetitive drudgery of machine-oriented tasks.
As AI algorithms continue to learn and develop, the Navy’s future networks will change some aspects of fighting wars, moving “from humans identifying and classifying every target to approving target classifications…and finally to verifying automated classifications,” the report states.
“This automation increases the speed at which warfighters can absorb information, make decisions, and act.”
The report emphasizes that automation won’t remove a human from the loop when choosing to engage a target.
In the meantime, unclassified, classified and top secret networks must be revamped to exploit two decades of technological advancements, and everyone from a warship’s crew to Marines in battle will use flexible networks that can adapt to the available bandwidth in a contested environment, or no bandwidth at all, according to the report.
The Navy must avoid its “rich history of building duplicative information systems,” and everyone with a common access card, or CAC, should have a single user identity from “hire to retire,” the authors added.
Digital innovation centers will allow teams of nimble sailors and Marines to develop and share new solutions across multiple teams so that others don’t find themselves “’relearning’ the same lessons.”
Sailors, Marines and civilians also should expect regular red team testing of their cyber security knowledge.
“If we find vulnerabilities, we take corrective action, no different than grounding an aircraft or welding a ship to the pier,” the report states. “Security becomes a state of being and readiness.”
Those who show aptitude for IT will be fast-tracked and promoted, and everyone in the force will have IT tenets drilled into them at all levels of their career, the report states.
“Our future leaders need to come from within,” the report adds. “The future (Navy Chief Information Officer) is a junior Sailor, Marine, or civilian today.”
The report offers no timeline for reaching these goals but the authors acknowledge all modernization efforts will be paced by the resources provided to fuel them, with other government agencies and the defense industry enlisted to help.
And the process will constantly evolve to respond to new technologies that give adversaries an edge.
“Transformation for competitive advantage will never be ‘done,’” the report warns.
Read the full report here.
Fifth Domain reporter Mark Pomerleau contributed to this report.