On Friday, February 13, 2009, Linda Mills, Corporate Vice President and President, Northrop Grumman Information Systems sector, addressed the Armed Forces Communications and Electronics Association (AFCEA) International West 2009 Conference in San Diego, Calif. Below are her delivered remarks.
National Defense Investment Strategies for a New Economic Era
I am honored to be here today.
And, of course, I am thrilled to have any reason to be in San Diego in February . Having grown up here, I still think of myself as a native, especially when I am this close to the ocean.
I am also flattered to be the industry representative addressing this year’s conference.
As many of you may know, I do so from a comparatively new position within Northrop Grumman—as President of our new Information Systems sector—which combines our former Mission Systems and Information Technology sectors into a new powerhouse of a unit with a $10 billion business base.
Our reorganization may have changed our internal structure. Northrop Grumman’s unwavering mission focus—our striving to serve the warfighter and our nation—remain as enduring as ever. That will not change.
The underlying theme of my remarks today is how we can adapt our investments and planning in defense for this new economic era. I specifically want to discuss how government and industry can deepen our partnership to make the right investments in capabilities like C4ISR and cyber-security. I also want to discuss how we must develop the people we need to create our future technologies in these areas.
Change is in the air in our defense business. Here’s just one straw in the wind: Defense Secretary Robert Gates recently testified that he will now pursue “greater quantities of systems that represent the ‘75 percent’ solution instead of smaller quantities of ‘99 percent,’ exquisite systems.”
At the same time, we face this change while still fighting two wars. Other security challenges come from stateless terrorists, rogue states with high-risk strategies, and some traditional powers. Increasingly, all three show growing sophistication in using cyber-tools to further their aims.
Now that is just about as formidable an array of threats as anyone can imagine. To make the challenge of the future even stiffer, we now have a new national security environment that blurs and almost collapses the old distinctions: between what is foreign and what is domestic, between what is defense and what is homeland security, between what is military and what is civilian.
One thing is clear: The new era will force us to abandon the incremental pace and linear approaches we used to address challenges in the past. This can only happen when government and industry partner to find new economies of scale: partner to extract maximum effectiveness from legacy systems and partner to develop strategies to meet changing needs.
Let’s start with the headlines. There’s no denying it: defense is going to be significantly affected by our current economic crisis.
By now we all know that the liquidity and solvency crisis in the U.S. financial sector has translated into a global slowdown. Solving this economic crisis will require bold ideas from a new administration dedicated to change.
Will defense face budget reductions usually expected in tough economic times? Or, will the defense sector figure in the economic stimulus plans of the Obama Administration?
This is exactly what Harvard economist Martin Feldstein recently urged in the pages of The Wall Street Journal. Dr. Feldstein wrote “A temporary rise in DOD spending on supplies, equipment and manpower should be a significant part of that increase in overall government outlays . . .” He noted that “almost all the equipment and supplies that the military buys is made in the United States, creating demand and jobs here at home.”
After the better part of a decade of hard fighting, we need to replace and replenish our armed forces’ materiel. Such a stimulus could certainly address many key military needs.
Dr. Feldstein’s argument reminds us that we shouldn’t discount the contribution of the defense industry to our overall economy. After all, defense spending is heavily domestic. It is high-tech and high-value added. It is distributed across our country. And it is often the catalyst for enduring benefits to the civilian economy that far outlast temporary economic conditions.
For example, consider how GPS and wireless packet technology, two technologies originally developed for military uses, have become thoroughly embedded in our cars, in our Blackberries and PDAs. What would we do without our Blackberries?
It’s now reported that the Obama Administration projects $527 billion for non-war 2010 defense spending—up from about 8 percent from 2009. If these reports prove correct, that would be reassuring news. But in economic times as turbulent as these, who can say for sure whether our industry will face more austere times?
I know I can’t.
I am confident, however, that whatever the economic and budgetary future, there will be ever greater demand for revolutionary C4ISR capabilities.
We certainly face a growing clamor for the cyber-security and cyber warfare capabilities required to ensure that our networks—military, intelligence, and civilian—are there when we need them and secure enough that we can accomplish our missions.
I’m equally confident that our industry will change to attract, retain and get the most out of the next young generation of professionals who will carry our industry forward.
Across the range of national security challenges, one constant stands out. More of the situations we confront—in combat, as well as in other arenas—require the capability to find the proverbial “needle in a haystack.” Whether it’s finding and neutralizing plotters hiding in a cluttered urban landscape, or terrorists hiding in rugged terrain,or Al Qaeda hackers hiding in our computers in cyberspace.
In every case C4ISR is the critical enabler that permits us to counter the threat as surgically as possible while minimizing friendly fire, civilian casualties and damage to unintended targets.
In short, we have lots of precision weapons; but they’re no good if you can’t find the right target. Effective C4ISR is what makes finding the right target possible. In an overall sense, C4ISR does for military forces what the five senses, the brain and the nervous system do for the human body—providing awareness, facilitating decisions, and enabling the desired action or reaction, all with seamless integration. It allows complicated systems of systems to act as one—whether land-based, sea-based, space-based or cyber-based—for our operations or those of our allies.
Another way to put it is that we need C4ISR to turn data into intelligence, that intelligence into situational awareness, and that awareness into actionable knowledge that supports decision-makers at every level.
But the “i” – or “intelligence” – part of C4ISR is not just about gathering and analyzing data from the exterior world. Our growing dependence on networks is making the “i” part of C4ISR vital in monitoring that “interior world” of what our adversaries may be doing through our own networks. It’s becoming a vital tool in tracing their nefarious cyber-activities – to the point that “cyber-int” may merit designation among our classical list of “ints” or collection disciplines.
The brief but very successful career of a young man in Britain whose Arabic user-name translates into Terrorist 007 is a case in point. Before the police apprehended 007, he funneled millions of Pounds from phishing scams to support Al Qaeda. And he scrutinized home movies from U.S. soldiers to blueprint our bases in Iraq for terrorist attacks. Cyber applications of C4ISR can turn Terrorist 007s into big fat zeroes in this mixed civilian and military context.
On the purely military side, capabilities like Blue Force Tracking act as force multipliers in heavy combat operations in Iraq.
Whatever the budget constraints of the future, it’s a safe bet that we’re going to need more, not less, C4ISR. Our leaders will demand it. They will want as much actionable information as possible as quickly as possible.
And the C4ISR capabilities we build to support our combat forces are certain to have spin-offs that help us tackle a range of thorny, high-stakes national challenges outside the military arena: from port security to surveillance to securing our land borders against illegal crossings—to the cat-and-mouse game of counter-narcotics enforcement. Challenges like these will call upon technologies and capabilities that we must develop in the C4ISR arena.
Even in a field as remote from military operations as global climate change, a case can be made that our next great need is the capability to integrate, analyze, and interpret distinct climate data streams into a comprehensive picture of climate developments. Without this, how will we be able to operate the “cap and trade” emissions regime promised by President Obama? How will we assess the effectiveness of our adaptation and mitigation efforts? And without C4ISR-type capabilities, how could we ever produce the integrated, predictive, climate picture we need?
Creating tomorrow’s C4ISR capabilities will require, once again, a strong partnership between industry and government.
Just last month we saw the powerful results such partnerships can yield, when USAIR flight 1549 made its against-the-odds landing in the Hudson River. News reports highlighted the almost instantaneous arrival of rescuers and vessels from every direction. It was little noticed that the emergency responders—fire, police and the office of emergency management—were armed with a new tool to assist in their emergency response.That tool was a common, wireless, public-safety data network.
To surmount our challenges in national security, homeland security, and the civil sector, we’ll need interoperable communications with a shared common picture across federal agencies—between national intelligence and law enforcers, between federal and local authorities, and among emergency responders. These are among the next big challenges for our C4ISR developers.
But in order for C4ISR to be the force multiplier we need, the networks over which it operates must be reliably, predictably available—and secure. For that matter, the networks on which our entire civilian economy depend for finance and commerce, transportation and power, record-keeping and payments must also be reliably and predictably available—and secure.
Our networks—military, intelligence and civilian—must be there when we need them. If they are denied to us at critical moments, it could be more devastating than many kinds of physical attacks could ever be.
Secretary Gates noted that the: “full spectrum of U.S. military capabilities on land, sea, and air now depend on digital communications and the satellites and data networks that support them.” Add to these military networks the intelligence networks so vital to our ability to anticipate and react to threats. As well as civilian networks vital to our economic health.
For all these reasons, the Obama Administration is expanding federal leadership—declaring our cyber infrastructure a strategic asset that must be protected.
Recently, President Obama ordered an immediate 60-day review of federal cyber-security efforts and named a top U.S. intelligence official to oversee the effort.
The new administration is right to emphasize this area. The problem of cyber security is urgent enough to be a presidential priority. Just consider how easily Georgia’s Internet servers and computers were disrupted with denial-of-service attacks just before the war with Russia began. The nations of the world took note of this event. They are now integrating computers into a new and different concept of what constitutes warfare.
The magnitude of the cyber threat to American business is hard to overestimate. In just one case this year, as many as 100 million identities were potentially compromised in an attack on a large credit-card payment system.
Nor is our national security establishment safe from cyber-attack. Air Force Major General William Lord estimates that a foreign government has stolen 10 to 20 terabytes of information just from unclassified DoD networks.
In military terms, when it comes to our public and private IT infrastructure, an honest examination can only conclude that America represents a huge target to the rest of the world. Our systems are widely infected with malware that steals data, monitors our systems, and could easily disable us at any time.
In national security, we face an especially acute dilemma. Information Technology gives us the means, in the midst of a conflict, to do something commanders have wished for down through the ages—to get the right information to the right people at the right time. It can also give it to the wrong people.
Our vulnerability is made even more acute by the host of web services, PDAs, and wireless networks that we all use today. Each of us carries in our pockets and our purses a portal into our home-office servers that the wrong people could exploit.
Developments like cloud computing, service-oriented architectures, virtualization, and other technologies all present fresh security issues. In each case, it will take time to understand the full implications of these new approaches, and to deal with the resulting security issues.
In such a complex and interdependent realm, the attacker will always have the advantage. Even the most conscientious defender will never be able to keep up. After all, defenders need to protect every portal; the attackers need to gain access to just one.
How should we assess the total cyber threat? I see three big questions we need to address. First, exactly how do our enemies get into our systems, live among our systems, and pervasively exploit our networks? Second, how can we even know when we’re under attack?And third, how can we defend ourselves?
Perhaps one way to answer all three questions is to develop our understanding from the attacker’s point of view. The expansion of “cyber range” capabilities and more cyber ranges can strongly support that approach.
We also need to calibrate our capabilities to acceptable levels of risk. We need a program of relentless testing and validation to detect vulnerabilities. We need to train people in cyber-security. We need to help them interoperate across the services and agencies. We need to give them a common, operating picture. If we can give them more rapid, fully interoperable communications—a better ability to warn and predict—we will make synergistic cooperation the norm, not the exception.
Above all, we must do the easy things—configuring systems properly, loading security patches in a timely manner, encrypting data at rest, and monitoring networks.
If we liken our vulnerability to disease, our system is somewhat like the 19th Century American tenement, a breeding ground for infection. We could accomplish a lot with the cyber-equivalent of basic sanitation.
If we do all this, we will still have to cope with a system in which all the risks due to flaws in software are borne by the users and not by the software companies. Is there adequate motivation for industry to protect the end users?
Some might ask if we even have the political will to move forward on cyber security, given that national security makes up only seven percent of the computer market. Our challenge is to energize and work with the other 93 percent, who also have a lot at stake.
Building a partnership between all industries and government will be vital to protecting us all. Only government can give us a common focus and incentive for addressing these long-ignored problems. Only united industry can harness the level of creativity and innovation to develop long-term solutions.
If we do it right, a cyber-security partnership between government and the defense industry will create the layered defense America’s IT needs. The resulting solutions can serve the economic and social well being of the entire country.
These twin challenges of providing C4ISR and Cyber Security will certainly require a strong partnership between government and industry.But it will also require something additional—a critical ingredient all too easily overlooked.
It will require the right people—the best and the brightest of the next generation who will create our defense and national security capabilities. If we are going to attract them to our industry, we are going to have to retool the way we manage the people side of our business.
Consider that both the government and the defense industry are led by baby-boomers set to retire within the next decade. Who will replace them?
President Obama’s campaign website recalled the Sputnik era, noting that this time the “threatening ‘ping’ in the distance” is not a satellite in space but “instead from millions of malicious computers over the Internet.”The solution President Obama proposes, much as Eisenhower did in his time, is to invest in math and science education “vital to protecting our national security and our competitiveness.”
This is the right priority.
In Germany in recent years, 36 percent of undergraduates received their degrees in science and engineering. In China, the corresponding figure was 59 percent, and in Japan it was 66 percent. In the U.S., the share was 32 percent.
We will need to do more than just educate our young people for defense work. We will also have to educate ourselves about how to engage them, motivate them and even to follow them as well as to lead them.
Today’s younger adults have worked together in teams since they were toddlers. They are also the first generation to grow up in a fully digital age. Little wonder that they often see work as a collaborative, social experience. Many of them have also seen combat, but in a radically transformed environment where warfighters communicate with instant messaging tools, receive intelligence updates on PDAs, and watch airborne video surveillance of enemy positions in real time.
In time, I believe these young Americans are ultimately going to demand more change than any economic crisis or new administration. I believe that the young adults of today will have no patience with things as they are, either in business or government.
Take the defense acquisition system as a case in point.
Secretary Gates testified to Congress that acquisition has, quote, “a risk-averse culture, a litigious process, parochial interests, excessive and changing requirements, budget churn and instability, and sometimes adversarial relationships within the Department of Defense and between DoD and other parts of the government.”
Now I ask you, does that sound like an environment any young person you know is going to want to embrace?
What about the defense industry, which perhaps has lost glamor to Google and virtual-game companies? Will any bright young engineer go into defense, given an alternative?
I believe the answer for both industry and government will be “yes,” if we are smart about this—if we are ready to change.
At Northrop Grumman, we are trying to do our part, mentoring promising college students, partnering with the National Board for Professional Teaching Standards and developing curricula with the Earthwatch Educator’s Institute. Our Foundation even takes teachers up on zero-g flights, generating enthusiasm about aerospace to share with students.
The basis for developing these students, however, begins with secondary education, not college. We must somehow impart to students a love of science and technology. Only then can we have adequate numbers of young people prepared to manage large-scale engineering projects. If we succeed at this, I believe generational change will drive progress in defense.
I believe younger workers in defense are going to demand a system that focuses on transparency over paperwork and process. They are going to seek the right metrics. And they are going to insist on a level of government and industry partnership that is every bit as effective as the splendidly joint operations of the services in the field.
In industry, they are going to continue to help the defense industry team up with other high-tech leaders and a host of smaller innovative companies in unconventional partnerships on fascinating projects.
In government, they will bring to this sector the same sense of quiet patriotism that so many of them have already shown in the field of battle.
This is already an era of tremendous change and uncertainty. It is also a great opportunity to assert leadership—for industry and government leaders, and for our nation as a whole. This is the time for us all to step up and demonstrate innovation, courage and reinvention.
America’s detractors today are only too happy to point out that our country is stuck in a cul-de-sac. But this dead-end street need not be our final destination.We have been in tough places before. And every time America has been deeply challenged, Americans have devised a new way forward.
We will develop C4ISR to enhance and extend our networks.We will make sure that all our networks are secure, so that they will always be available when we need them.
And we will mentor the next generation to take over from us.
The world is looking at us to do all this. And I believe we will.