Defense IT Investment to Focus on Big Data, Cloud
Of the Defense Department’s $496 billion budget for fiscal year 2015, approximately $30 billion is dedicated to IT.
The Navy’s IT budget request of about $6.7 billion is down from the $7.2 billion requested last year, but it reflects the service’s aggressiveness about finding cost savings. The Air Force’s 2015 IT budget request came in at around $6.4 billion. This is the only branch of service that upped its IT budget request, with a 20 percent increase in capital expenditures. The Army’s request of $7.5 billion is the largest IT budget of the services, though smaller than the request from 2014. Existing systems will need to be improved incrementally, and as such the Army will need help managing applications and IT portfolios.
The combination of a shrinking force size and technological advances are driving the importance of data and analytics. Advances in sensors, wireless networks, and unmanned aerial vehicles have resulted in a flood of new data. Despite the need to rely more heavily on data for situational awareness and predictive analytics to give them the edge over the enemy, defense leaders are concerned that they will not have the people or time to deal with all this new information. Technology will need to bridge the gap.
Additionally, on the business side of the house, the military is looking at its data for new ways to increase efficiencies and make more informed decisions.
Just as with big data and analytics, the military will rely on information from its enterprise systems to help streamline operations and identify places where they can be more efficient and save money. The military is reducing overhead and personnel at headquarters, and needs to rely more heavily on technologies for outsourcing services and automating processes.
The Defense Department is looking to the fiscal year 2017 audit to give it more visibility into their finances and to drive better cost management. The department has spent billions upgrading its financial enterprise resource planning (ERP) systems, and will need better data management and interoperability solutions to improve the accuracy of financial reporting.
The Pentagon also is relying on technology to increase its use of shared services. For business operations, the Army and Air Force are making the Defense Information Systems Agency their go-to service provider for shared services including email, data center hosting, and moving voice/video/data applications over the internet. Outsourcing business services to DISA or other commercial providers, for example, allows the military to focus more on its core missions and not on managing IT systems.
The department is slow to embrace cloud computing because of security standards that have limited the playing field. Some other reservations include ensuring real time visibility into cloud activities, continuous monitoring, data management and access in remote locations.
Defense is broadening its work with commercial cloud vendors. For example, DISA is exploring ways to lease data centers or co-locate commercials ones with private facilities, like milCloud. Both of these options would allow a commercial service provider to host classified data.
In 2015 there will also be further consolidation of operational programs and applications into 10 of DISA’s data centers. The department believes these core data centers will lead to significant savings by cutting down on wasted IT infrastructure. This consolidation is supposed to be finished by the end of fiscal year 2018, although the final number of data centers and the deadline will probably change. The Navy and especially the Marine Corps tend to chart their own path, so it remains to be seen how broadly this core data center plan has buy-in.
Mobility is an area where the government often struggles to keep up with the pace of commercial technology, but it is absolutely critical to the future of its operations and workforce. With fewer personnel in the field and the office, agencies and departments are going to be heavily dependent on technology to communicate with each other to accomplish their missions.
In particular, DISA wants mobility to be central to everything it does. One of its core tasks is providing mobile device management to the military. The more mobile capabilities DISA can provide to the services, the more it will help with interoperability, security and centralized management for cost savings.
While some agencies have been piloting bring-your-own-device, this strategy is still a ways off. Right now the Defense Department is nearly ready to allow users to have personal space for email and apps on government-owned BlackBerry devices. In terms of smartphones moving to the secret network SIPRNET, the department is working with the National Securuty Agency to develop a device called defense mobile classified computing, which should be in the production phase by the end of the year.
The military services and agencies are actively consolidating and modernizing their networks with some of the biggest programs in the Navy, Army and the Defense Health Agency all aimed at collapsing or replacing legacy networks and systems.
When officials talk about IT infrastructure modernization, they typically refer to the Joint Information Environment. JIE is centered on consolidating the department’s infrastructure and how to view IT as a “weapons system” while reducing costs.
Pentagon officials are still defining which activities fit under the infrastructure improvement umbrella. For example, the Joint Regional Security Stacks (JRSS) initiative is a big piece of what the Defense Department is doing to consolidate its security posture across its infrastructure. JRSS gives leaders the ability to see what is going on inside the networks and will greatly enhance big data and analytics efforts. JRSS is also prompting a massive effort to increase bandwidth across Army and Air Force bases.
Cyber security will remain a protected area in budgets. The 2015 cyber security budget will be around $5 billion. Consolidating infrastructure and data is meant to give the enemy less surface area to attack, though it’s important to note that a homogenous attack surface could make successful breaches more devastating.
JRSS will work with the defense enterprise operations centers to manage user access on the defense information network. This is meant to bring together cyber defense in an integrated architecture for the department to align with the JIE. Identity management also plays a huge role in cyber security. It will be part of everything from mobile device management to insider threat detection.
With regard to security standards, the Defense Department seems to be lightening up a little bit, and that’s good news for vendors. It recently announced that National Institute of Standards and Technology will replace the DoD Information Assurance Certification and Accreditation Process standards for information assurance certification. The department doesn’t want unique standards anymore. It wants to move to a common and unified framework to simplify and save money.
Stephanie Meloni is senior analyst for immixGroup. She can be reached at Stephanie_Meloni@immixgroup.com. Lloyd McCoy Jr. is a consultant with immixGroup. He can be reached at Lloyd_McCoy@immixgroup.com.