The Need for A Strategic Pivot in DoD R&D

This CTOvision Pro produced analysis focuses on the technological needs for DoD in order to ensure a modern infrastructure while enhancing DoD ability to defend itself. It specifically calls for a shift in R&D spending in DoD.

The Need For A Strategic Pivot in DoD R&D: A concept piece for enhancing DoD cyber security posture

Speeding technology acquisition is a key goal of the department’s “Strategy for Operating in Cyberspace” and we found strong support for this tenant throughout our study.  There is wide-spread agreement that technology innovation is at the forefront of national security and that DoD must enhance its ability to speed its acquisition processes, especially in support of cyber operations. We have found, however, a significant difference in what is being called for in technology innovation and what is being done. The department is investing R&D in cyber projects for defense and offense, but these activities too frequently assume a high degree of customization will be allowed before systems will be fielding into DoD. This runs contrary to the stated cyber strategy, which seeks to replicate the dynamism of the private sector to harness the power of emerging computing concepts. DoD must be willing to sacrifice and defer customization to achieve speedy incremental improvements. Remaining wed to expensive long-term customization activities is a key reason why much of the department still operates on an operating system that is over a decade old and now unsupported by the vendor community. We believe a strategic pivot of DoD R&D spending on IT can mitigate this and other weaknesses and turn our IT infrastructure into a much more resilient one.

 

The Pivot: Shift Cyber R&D To The Tracking And Influencing Of Commercial IT.

The information technology in use in DoD today is based on commercial off the shelf IT. Commercial IT is now in use globally, and it is also produced globally. It ubiquitous, intertwined, and so powerful and contributes so much to humanity that it is being invested in and improved upon everywhere. IT is no longer solely under the control of any one organization or even any one nation. The globe’s IT is moving by autonomous market driven forces and an advancement of science.

This means a system of techno-assemblages so complex that no one individual or group could possibly understand and never control is now forming the basis of DoD’s infrastructure. Enhancing our trust in our IT and mitigating threats to resilience will require new approaches. No longer can we invest as if we can shape an understandable stand-alone system that can be evaluated in isolation. We must invest in ways that recognize the limits of our influence and focus on those prioritized factors we can change.

This calls for a pivot in our cyber related R&D. We must pivot our R&D to raise our awareness of where the cyber market is going and focus investment on the things we can influence.

 

We Recommend the Following Guidance in Execution of this Pivot:

Technology developments, including developments in Hardware, Software, and Concepts, are moving so fast that a greater apportionment of resources must be spent on tracking both the capabilities of existing IT and the mega trends of the IT industry. Under existing policies and acquisition regulations, procurements are to be conducted in ways that take into account “market assessments” but in practice it has become impossible for any procurement official to understand current capabilities in the IT marketplace, let alone coming changes to the market. It has become intractable to optimize evaluations of engineering trades in procurements. Traditionally R&D is focused on creating capabilities far into the future but pivoting to studies closer to the present will aid in the continuous procurement decisions DoD professionals must make every day. Additionally, R&D focused on IT mega trends that we can hardly influence will also inform procurement strategies and decisions since items being planned for today must be relevant and resilient in a future being impacted by these mega trends.

R&D should also accelerate our wisdom on creation of new solutions from existing hardware and software. This is a pivot from an approach that seeks to focus R&D on creation of new hardware and software. The pivot is towards influencing things we can influence. For example, our study revealed eight new technology requirements that we believe will make significant, positive change in the resilience of DoD systems, and each of these eight could be more rapidly fielded by R&D focused on development of systems based on existing IT. None of the below require new science. All can be based on capabilities the IT industry provides today.

Technology

Benefit

Cyber “Thin Line” providing survivable out of band C2 including ability to reach into IT industry while in attackEnhanced deterrent, resiliency, recovery
Non-signature based detection of threatsDetect while under attack vice after
Secure collaborative environments with visualizations spanning all cyber mission areasLink communities of interest together enabling more rapid coordination of action
M&S tools for cyber mission rehearsal, exercise planning, mission planningEnhanced mission effectiveness
Enhanced COA development, BDA, Situational Awareness and C2 toolsEnhanced mission effectiveness
Enhanced Root of Trust, including purge to zero state and BIOS attestationIncreased system resiliency, recovery, restoration after attack
Integrated Automation Suites including continuous vulnerability assessment and mitigationSupport to automated hygiene, enhanced defense and more rapid restoration after attack.
Technology for cyber audit and forensics, including reverse engineering toolsAssessment of damage from attacks and continuous hygiene monitoring

 

More CTOvision Reporting:

For more on these topics see the CTOvision Guide to National Security Technology and

Connect Here

What do you think?

Target Post Mortem: Exposure of the Soft Underbelly of Point of Sale Systems

Drone Strikes and the Lessons of Nonlinear Science