Index

STATEMENT OF
BRIGADIER GENERAL ROBERT M. SHEA
Assistant Chief of Staff for Command Control Communications Computers and Intelligence,
HEADQUARTERS, UNITED STATES MARINE CORPS

Mr. Chairman and distinguished members of the committee, I am pleased to have this opportunity to discuss how the Corps is meeting the challenge of its role in information dominance and particularly the critical challenge of Information Assurance. 

Today I plan to provide you an overview of the Marine Corps approach to Information Superiority.  To achieve this goal, we must ensure that our approach to information technology (IT) and command and control supports our warfighting doctrine, that we focus on interoperability, that our processes provide the infrastructure to meet information needs, that we are protecting our information resources, and that we are actively addressing every challenge.

OPERATIONAL MANEUVER FROM THE SEA OVERVIEW

I'll begin with an overview of the conceptual warfighting framework within which we expect to operate in the future.   Today we have Marine Expeditionary Units (MEUs) deployed around the world.  At any time they may deploy ashore to execute any one of the many capabilities for which they are specially trained.  Success of those missions depends on our ability to provide the right information to the right place at the right time --  in a format they can use and understand.

If the situation warrants, the MEU becomes the base on which we build a larger operating     force -- a Marine Expeditionary Brigade (MEB) or Marine Expeditionary Force (MEF) -- to conduct a classic amphibious operation with the Navy or to conduct sustained operations ashore alongside the Army and the Air Force.    In any case, increased command and control (C2) capability is required to ensure operational success. 

That is how we operate today and for the near future. But as I say these words, we are in the process of revamping our doctrine to embrace and support the concept of operational maneuver from the sea.  Continued support to current operations while adapting for the future requires a holistic approach to information and command and control systems, as expressed to the committee last year by Lieutenant General Rhodes, the Commanding General of the Marine Corps Combat Development Command.

Operational Maneuver From the Sea, commonly referred to as OMFTS, is the Marine Corps capstone warfighting concept that, when coupled with its supporting concepts, serves as the basis for framing the capabilities the Marine Corps of the 21st century will need to achieve victory on the modern battlefield.

OMFTS envisions a future environment characterized by “crisis in the littorals.”   It describes a new form of littoral power projection in which the amphibious force focuses on the operational objective rather than building a large command and control capability ashore.  It makes extensive use of maneuver at sea as a means of gaining an advantage to deliver a decisive blow at a significant enemy weakness.   OMFTS offers the promise of extraordinary leaps in operational flexibility as the result of technological enhancements in such areas as sea based logistics, fires, and command and control systems.

When combined with a command and control system that is oriented toward rapid decision-making at all levels of command, the additional speed and flexibility offered by these new techniques produces a high tempo combat operation.  This tempo will lend itself to favorable conditions for decisive victory.  

With OMFTS, our inextricable link to the Navy grows tighter as we develop our emerging concepts of command and control afloat.  In the past, we have always exercised initial command and control of amphibious operations from Landing Force Operations Centers aboard ship.  Our concept called for movement of our command posts ashore as soon as we installed adequate infrastructure and were able to control combat operations.

As we look to our emerging concept of Operational Maneuver from the Sea and improvements in technology that are now available, we intend to exploit the advantages of keeping many elements of command and control afloat.  We have always concerned ourselves with operational momentum and force protection.  With OMFTS, supported by the technology available now or soon arriving, we can eliminate the disruption that previously occurred during the ship-to-shore movement of our various C2 functions.  Our C2 nodes are afforded enhanced force protection through the ability to stay at sea, and the logistics requirement ashore is reduced. 

It is the alignment of concepts and technology that allows this to happen.  We could not exercise this concept with yesterday's C2 systems.  Their limited range and capability required the commander and a large staff to move off the ship to position themselves where they could control the battle. The means are now available to operate a large portion of our command and control, particularly staff functions, while afloat.  As the Navy implements its Information Technology for the 21st Century (IT-21) concept, it is now able to support Naval operations with systems that better support our concepts through direct connections to forces ashore, as well as with reach-back.

Information Technology for the 21st Century (IT-21)

The Navy and Marine Corps are making great strides in developing and streamlining the process for identifying and procuring shipboard C2 systems.  Many of these efforts fall under the umbrella of the Navy's IT-21 initiative.  We have made progress in ensuring IT-21 includes the systems of Marine Corps interest, as well as ensuring that we work towards common solutions, standards and systems that support the full range of Naval operations.  Integration between Marine and Navy IT-21 configurations continues to improve.  While there are pieces of this integration that require work, the progress to date has been very supportive of our deploying Marines. 

Marines currently deploying are seeing increased bandwidth for both ship-to-ship and ship-to-shore communications supported by a much more robust shipboard local area network.  We have passed the stage where it was sufficient to have a robust C2 system on one ship of the Amphibious Ready Group (ARG) and archaic manual systems on all the other ships. Forces dispersed across all the ships are able to share information and collaborate in operational planning and execution with greatly reduced decision cycle times.  Marine Expeditionary Units operating in places as diverse as Kosovo or East Timor are seeing dramatic improvements in their ability to conduct collaborative planning while in the split-ARG operations that are now common.  We will build on that success.  Continued progress in this area is crucial to our success in an amphibious environment and will become even more critical as the OMFTS force evolves.

Marine Corps War Fighting Lab/Extended Littoral Battle Field Technology Demonstration

We are evolving our C2 capabilities through experimentation.  The experiments conducted by the Marine Corps Warfighting Lab have been instrumental in highlighting deficiencies in our command and control systems, as well as steering us to technologies to solve these challenges.  Our experimentation has highlighted the need for a radio for our small unit leaders to exercise command and control of their forces in an urban environment.  We do not have this type of radio in our inventory in sufficient quantities today, despite the obvious need.  The Lab has pointed us to a low-cost intra-squad radio solution that has received high praise from our Marines.  

The Warfighting Lab continues with a series of battle experiments to determine solutions that will work in various operational environments.  In the command and control area, they are determining the information needs of small unit leaders and ways to deliver a scalable Common Tactical Picture (CTP).  The lab is also looking for technological solutions to support the over the horizon command and control requirements of OMFTS.

The ability to command and control forces when operating over the horizon has been always been a significant challenge for amphibious forces.  Through the combined efforts of the Office of Naval Research and the Warfighting Lab, a program called Extending the Littoral Battlespace has successfully demonstrated the employment of airborne hosted wireless wideband technologies from ships off the coast of southern California to the desert in the vicinity of Yuma, Arizona.  This experimentation allowed the small unit leaders in the desert to share a common understanding of the tactical environment with other members of the network.  This type of capability is essential for us to achieve the full potential of the OMFTS force.  

INTEROPERABILITY

We define our future warfighting environment to include Joint and Coalition operations.  When discussing Naval, Joint or coalition operations, the topic quickly moves to interoperability.  The Marine Corps is the model for interoperability.  Despite being the smallest of services, the Marine Corps is a combined arms force.  We train and fly in combat with the Air Force and the Navy.  Ashore, we fight shoulder to shoulder with the Army, and we move forward from the sea with our Navy partners. We are always in a Joint warfighting environment.  As you may have heard the Commandant testify, the Marine Corps provides 20 percent of the nation's active infantry battalions, 20 percent of the active fighter/attack squadrons, 17 percent of the attack helicopters, and one third of all ground combat service support in the active forces. Interoperability with our sister services and coalition partners receives the highest priority within the Marine Corps, and we often serve as an honest broker on interoperability issues. 

We are primarily a “buyer”  -- not a developer -- of systems, including information and command and control systems. Our Year 2000 (Y2K) operational evaluations illustrate this; 52 percent of our systems are developed by the other services.

 We can't afford to develop -- nor do we intend to buy -- systems that don't fit into the established Joint architectures. Therefore, we zealously press for Joint solutions to our command and control systems and information systems requirements.  To that end, we have recently established a Systems Engineering and Integration (SE&I) Division within the Marine Corps Systems Command to ensure that our command and control systems acquisitions and developments do in fact comply with the DoD-designated Joint Technical Architecture and are interoperable.  The function of the SE&I activity is to establish and enforce an overarching plan to ensure that Marine Corps C4I systems work as a C4I 'system of systems' in the Joint and Allied arena.  The SE&I Division centrally identifies, manages, and enforces interoperability standards and integration engineering processes.

Complementing that effort is another Marine Corps Systems Command initiative, the Systems Integration Environment (SIE) at the Marine Corps Tactical System Support Activity.  Our developers will use this integration environment to test systems and network configurations, ensuring that our tactical command and control systems perform as advertised, before fielding.  The SIE also supports rapid acquisition initiatives since systems and configurations can be tested, adjusted, and retested in a realistic operational environment.

 

RECENT TACTICAL IMPROVEMENTS

We have made major strides in recent years in upgrading the Corps command and control systems posture, and we thank the Congress for its support in this improvement.  Our FY01 budget submission continues our emphasis on upgrading tactical systems.

We have purchased satellite terminals that operate across a broad range of the frequency spectrum to exploit both commercial and exclusive DoD satellite systems. MILSTAR terminals like the SMART-T permit us to operate our critical Marine Air Ground Task Force (MAGTF) command and control systems in a stressed environment.  The wideband STAR-T terminals, slated for acquisition starting in FY02, will provide us the flexibility to use both the Defense Satellite Communications System (DSCS), as well as commercial satellites for our long haul and reachback command and control systems requirements.  In the meantime, we are working to extend the service life of our current Ground Mobile Forces wideband terminals.

With the fielding of the Tactical Data Network (TDN) and Digital Technical Control (DTC) facility in the FY01/02 timeframe, we will have a solid digital backbone down to the regiment. Additionally, we procured the enhanced manpack UHF satellite terminals for our lighter, highly mobile Marines.  The combination of these acquisitions not only enhances our ability to command and control Marine forces, but it is fundamental to our participation in Joint operations.

A major Information Superiority challenge for the MAGTF lies below the regiment level.  We are fielding the Enhanced Position Location and Reporting System (EPLRS) to fill the gap down to the company level until a more robust and capable solution is developed. 

Our FY01 Budget requests funding to proceed with the development of a standard Unit Operations Center (UOC) for our warfighting forces.  This UOC program will incorporate elements of our present Common Air Command and Control Systems (CAC2S).  It will focus on providing our commanders with a relevant Common Operational Picture (COP) that combines, among other things, ground tracks, sensor data, and air command and control information.  UOCs will be scalable, using modular technology.  Our UOCs will allow commanders of any combat, combat support, and combat service support unit to make faster and better decisions through enhanced situational awareness and state of the art collaborative planning tools.

We heartily endorse the development of the Joint Tactical Radio System (JTRS) and are optimistic that it will provide the solution to our networked voice, data and video requirements below the Division, Wing and Group level.  When the JTRS is successfully fielded, it will allow us to “neck down” to a single family of combat net radios capable of meeting the requirements of the multiple families of radios that we currently employ.  We expect the JTRS to offer increased operational flexibility, efficiencies in training, and reduced logistics support for our operating forces.  

An emerging requirement for FY01 is our need for a ruggedized hand-held radio, such as the Multiband Intersquad Tactical Radio (MBITR), currently used by Special Forces in SOCOM.  This radio satisfies our Tactical Hand Held Radio (THHR) Mission Needs Statement.

SUPPORTING ESTABLISHMENT INFRASTRUCTURE

Over the past several years, the Corps has invested significant time and money in improving its base infrastructure to ensure it provides a seamless connection between our supporting establishment and operating forces.

The upgrade of the telecommunications infrastructure for our supporting establishment, the fifth element of the MAGTF, remains one of our most pressing priorities.  In the networked world we have entered, our bases, posts and stations are both literal and virtual extensions of our operating forces so we are eliminating the boundaries between our tactical and base networks.  We recognize that they are both inextricably linked to our current operations, as well as OMFTS.

Our Base Telecommunications and Infrastructure Upgrade Plan has been the bedrock of our garrison network, allowing us to procure and install a variety of network components and applications resulting in the implementation of a centrally managed and defended enterprise network -- the Marine Corps Enterprise Network (MCEN).  It has also allowed us to expand connectivity to critical command and control facilities.

With your funding increase last year, we are continuing this expansion.  We are reaping significant dividends upgrading the cabling systems and structured wiring at 21 of our 32 bases. This capability increases the bandwidth available at the desktop, improving data flow for graphics, imagery, and video -- a capability that will support reach back for our deployed forces.

There is no doubt when we finish upgrading the supporting establishment telecommunications infrastructure, we will have developed a true force multiplier through our ability to move information rapidly and seamlessly.  Examples of this abound.  Imagine the ability of a deployed commander to reach back to one of our bases for the functions that can be adequately performed there, thus reducing the lift requirements for his command and/or adding an additional capability of his choosing.  For example, a forward deployed Marine Expeditionary Unit, our smallest MAGTF, might be in need of special maintenance support and conduct a video teleconference (VTC) with a subject matter expert at our logistics depot in Albany, Georgia in much the same manner that telemedicine is performed.   Or, a Marine Expeditionary Brigade commander could reach back to Quantico to model and simulate his operation plan before going into combat.

The potential advantages are boundless, and there is no technical reason to preclude exploiting this capability.  When completed, these upgrades will permit us to enhance and exploit our integrated logistics capability (ILC) and provide for adoption of E-commerce and Corps-wide process improvements.  These telecommunications upgrades will also allow us to leverage advances in distance learning.  

We appreciate your past support and we seek your continued interest and assistance to complete this initiative at our bases.  We continue to strengthen and refresh our network resources to meet the needs of the Corps. 

 

 

INFORMATION ASSURANCE

The recent, well-publicized distributed denial of service attacks on Yahoo and other commercial websites highlight the inherent vulnerabilities associated with our rapidly evolving network-centric world.  They also serve to remind us that we must continue our aggressive efforts to secure our networks and information stores.  If these events are any indication of the maturity of coordinated cyber-assaults, then we should feel lucky it was undertaken in the commercial sector. Although we have made substantial progress in this area, our present ability to counter such a threat is minimal. The picture grows even more sobering if we accept that this attack was not the deliberate, malicious work of a nation-state, but rather the effort of a loosely coupled coalition of hacker groups. 

Although the Marine Corps denied these hackers the ability to use Marine Corps sites as jumping off-points, neither we -- nor any other service -- would have been immune to the flood of traffic that choked some of the world's largest, best-constructed web-sites, had the attack been directed at us. 

Further, we have learned a great deal from this event. This was a single thread assault: one adversary, or group of adversaries, employing a single attack method.  A multi-thread attack -- one that combines, for example, a distributed denial of service attack, the broadcast of a Melissa virus containing a destructive payload, and the synchronized implanting of Trojan Horse 'sniffers' -- has not been conducted to our knowledge.  As a result, we have not been forced to test our ability to respond to a coordinated, well-orchestrated attack of this nature.

When a multi-thread attack occurs, our Information Assurance posture must allow us to control the tempo of the cyber-battlefield.  To do this, we must have invested sufficiently to ensure our defensive positions are reinforced and all avenues of approach are covered.  Our ability to detect intrusions must be multifaceted.  Whether it be a frontal assault, such as that experienced by commercial sites, a slow probing of our boundary layer security architecture, or an internal threat to our information integrity, we can not lose the situational awareness provided by a robust intrusion detection architecture. With this capability in place, we can conduct an active defense of our networks and react decisively, effectively, and rapidly to possible intrusions.  Only through a combination of these can we hope to stay one step ahead of our adversaries.  

Implicit in the previous discussions is the lack of boundaries in this new realm of electronic warfare.  We know 'thin red lines' do not exist, and the enemy does not have a most likely avenue of approach. Our adversaries are not constrained by traditional boundaries, so they are able to treat the world as a cyber free-fire zone.

We believe that a robust Information Assurance architecture is built upon seven (7) critical elements.  These include:

·       A robust network infrastructure;

·       Enterprise Information Technology Standards;

·       Enterprise Information Technology Policy;

·       Centralized control of Information Technology resource acquisition;

·       System Administrator training and user education;

·       Centralized enterprise network management and configuration control; and,

·       Enterprise Defense-in-Depth Strategy.

I'll address each of these elements briefly.

Network Infrastructure.  At the core of our Information Assurance architecture is a robust network infrastructure.  As noted before, we have been pressing forward aggressively to modernize our bases, posts, and stations.  More needs to be done and once again, we seek your support to continue our modernization investment.

Technology Standards.  Key to implementing and sustaining a robust Information Assurance architecture is the adherence to enterprise information technology standards.  The Corps has a single entity, the Marine Corps Combat Development Command that develops and promulgates internal, as well as external, IT standards.  This includes those standards associated with OSD's Global Information Grid (GIG) and the Department of the Navy's Chief Information Officer's (DON CIO) Information Technology Standards Guideline (ITSG) initiatives.  These standards govern the hardware and software fielded to our warfighters and supporting establishment.  Moreover, these standards cover the spectrum of functionality, from the desktop to the DISN service delivery node.

Policy.  Service-level responsibility for developing and promulgating IT policy is central to the establishment of processes necessary to effect Information Assurance on an enterprise scale.  The Corps has assigned this authority and responsibility to the Assistant Chief of Staff for Command, Control, Communications, Computers and Intelligence (C4I).  Because the Assistant Chief of Staff for C4I both develops policy and has operational control of the MCEN, he has the direct authority to enforce all Information Assurance policies.  This tight coupling ensures the focus on information that is essential to ensuring a secure network.

Centralized Acquisition.  Leveraging the foundation provided by centralized standards and policy development processes, the Marine Corps has centralized its acquisition of all IT resources in a single entity. Routers, servers, switches, and other network-specific resources have been procured centrally since 1992.  At the beginning of this fiscal year, the Marine Corps Systems Command extended this centralization and began procurement of all end-user workstations, software and peripheral devices. By controlling the process that acquires end-user components, we have taken a major step towards strengthening the end-to-end configuration control of our network -- a mandatory function if an enterprise Information Assurance architecture is to be implemented successfully.

Training and Education.  Education and training ensure that policies and practices are understood and exercised.  User education is vital to the protection of our networks and mission critical information. Although our focus has been on protecting the transport mechanism, it is just as important to protect the information that traverses these networks.    This protection starts at the user level.  Regardless of the technology employed, without an educated, disciplined, engaged user community, the security of our networks and information will always be suspect.   In response to this challenge, we have instituted a Corps-wide program where all Marines receive annual training designed to raise their level of awareness and emphasize the critical role they play in this network-centric world.  In the future, we see the user's role becoming ever more important as new technologies, such as Public Key Infrastructure (PKI) / Smart Card, are deployed throughout DoD.  If we fail to leverage our personnel resources at this critical juncture in the development of network functionality, it can only increase the Information Assurance challenges we are certain to face in the future.

Training our information system professionals is critical, too, if we hope to implement a viable Information Assurance architecture in both deployed and garrison environments.  Specifically, the Marine Corps is establishing a new MOS within our enlisted ranks that focuses on information security.  Marines with this Military Occupational Specialty (MOS) will be specifically trained in security policies, plans and procedures, network security measures, network certification, and information system security analysis.

Additionally, mobile training teams, provided by our Network Operations Center (NOC), are immediately dispatched when a new security technology is fielded before the establishment of a formal training pipeline.  Providing 'just-in-time' training in this fashion not only meets our warfighters' operational requirement for security technology and provides a Marine capable of sustaining that technology, it also eliminates the time technicians have to be away from their units at a formal school, thus reducing training and travel costs.  This responds to the dynamics of our changing technology environment. 

Enterprise Network Management.  The Marine Corps exercises centralized operational, technical and configuration control of the 32 bases, posts, and stations that make up the MCEN. As previously stated, the Marine Corps Network Operations Center manages the enterprise network under the direction of the Assistant  Chief of Staff for C4I.  To ensure consistency across the Marine Corps network, the Center uses the same set of standard DoD-compliant software tools for our supporting establishment networks as those employed by our Marines in the field.

Centralized configuration control is reflected in our implementation of a contiguous enterprise IP addressing scheme, a standard network operating system, a single electronic messaging system, a single global directory that is capable of reflecting changes world-wide instantaneously, and a common router operating system.  We are currently implementing an enterprise resource inventory, configuration management and software distribution system.  When completed, the Marine Corps will have 100% visibility of IT resources connected to the enterprise network.  Our focus on the warfighter and commitment to interoperability is further reflected in our acquisition of long haul service solely from the Defense Information Systems Agency (DISA).  This approach to effecting command and control of our networks allowed us to transition 68,000 seats to a new network operating system and electronic messaging system in less than 14 months. 

This network management architecture is the foundation for our enterprise Information Assurance architecture.

Defense in Depth.  We have based our Information Assurance architecture on the 'Defense in Depth' strategy.  This strategy calls for the implementation of 'layers' of protection. 

At the boundary layer, where the MCEN joins the DISN, we are fully covered with firewalls and screening routers.  At each of our bases, posts and stations, we have implemented, and centrally manage, screening routers, firewalls, intrusion detection devices, and virtual private network devices.  Our firewalls and screening routers are the 'locked front door' --keeping out unwanted visitors.  Our intrusion detection devices let us know when someone is trying to break-in – feeding information back to our central enterprise NOC where immediate action can be taken and correlation analysis conducted.  Of note is that each Marine Forces (MARFOR) command element is given a 'feed' of intrusion detection data to provide them situational awareness of the enterprise network that falls within their Area of Responsibility (AOR).  Our most recent initiative, installation of Virtual Private Network (VPN) devices, has created a Marine Corps Intranet that allows non-secure and legacy applications to communicate without jeopardizing the security of the enterprise network. 

We have duplicated this boundary layer security functionality, and along with the network management capability previously addressed, packaged it in "fly-away, " or deployable transit cases, for our Marine Expeditionary Forces (MEFs).  The Deployed Security Interdiction Device (DSID) is currently being fielded, with Full Operational Capability (FOC) targeted for June, 2000.

Three additional layers of defense are encountered as we move deeper into the base, post, or station.  One of these layers calls for implementing security devices that support segregating an organization from other entities on the same network, based on mission requirements. 

The layer below this supports isolation of user groups within an organization -- again, based on mission requirements.  We feel the jury is still out when it comes to answering the question, “How much security is enough?”  We must never forget that the information needs of the warfighter remain preeminent.  We must continuously review our choices when it comes to balancing security against service and performance.  We can never inhibit the flow of information to the warfighters when they are in, or intend to go, in harms-way. 

The final layer encountered focuses on the end-user.  In this area, we have implemented virus-scanning software on all workstations and application servers.  Additionally, we are pressing forward with pilot-site implementations of PKI at Marine Forces Pacific Headquarters and at the Marine Corps Systems Command. 

Our Information Assurance architecture is not a static entity.  It is a living, dynamic body that must have the flexibility to respond to a wide range of attack methodologies, the capacity to withstand a brute force attack, and the resilience to speed reconstitution.  Through the unique combination of centralized network management and the array of security assets described above, we pursue active defense of the MCEN.  The Marine Forces component to the Joint Task Force for Computer Network Defense (JTF-CND) is co-located with our Network Operations Center, and is charged with defending the enterprise network.   This synergistic relationship provides the framework within which active computer network defense is integrated with network management.  In many cases, delay is minimal to non-existent when responding to direction from the JTF-CND.

The Commander of the MARFOR-CND is the Assistant Chief of Staff for C4I.  Combined with his operational control of the enterprise NOC, this gives him direct control of the two organizations responsible for defense of the network.  As such, the Marine Corps is uniquely postured to respond decisively, effectively and in a timely manner to intrusions and network attacks.

 We continue to add to the capabilities of the MARFOR-CND component.  Staffed completely with Marines from our Reserve forces, we have established a Web Risk Assessment Cell.  The mission of this cell is to test the vulnerability of our web-sites.  Through 'virtual drilling,' these reserves check our web-sites for inappropriate content and assess them for vulnerabilities that might leave them open to compromise.   

I am confident that the FY01 budget will further strengthen our Information Assurance architecture.  Related steps that we are undertaking include:

·       Continued implementation of PKI;

·       Stand-up and staffing of an alternate network operations center;

·       Continued expansion of the SIPRNET down to the battalion/squadron;

·       Acquiring more – and dynamically allocating --  bandwidth;

·       Continued integration of Reserves into the NOC and MARFOR-CND;

·       Instituting a quarterly vulnerability assessment program;

·       Implementing host level intrusion detection; and

·       Leveraging the security functionality of biometric technology. 

However, our ability to resource all these initiatives is limited and not fully funded in the current budget.  Your continued support of our infrastructure and modernization efforts will enhance our ability to exploit our information systems to their fullest, knowing that they will be available when needed and the information resources protected from inadvertent or malicious compromise.

Successful implementation of information dominance as envisioned in Joint Vision 2010 is founded on the existence of secure, robust and seamless network connectivity.  If we view the aggregation of our networks as a weapons delivery system, then effective, timely, and decisive command and control is the 'round' that must be fired if we are to succeed on a battlefield governed at the 'speed of thought.'  Our Information Assurance efforts will ensure we can hit the target.

CHALLENGES AND THREATS TO INFORMATION SUPERIORITY

You have heard many of us speak to the changing military environment -- and nowhere is that more apparent than in the information technology arm of the military.  We are faced with a number of challenges and threats.  I would like to present some of the more pressing of these today.

Personnel -- The Key Resource

Our tactical, shore and Information Assurance interests are only successful if we have the right people -- an adequate number of trained, motivated Marines -- in place to operate and maintain our systems.

First and foremost, we must recruit and retain Marines with appropriate skills to install, operate and maintain the technology we are employing.  As you are aware, our Marines with information technology skills are leaving the Corps at a much too rapid rate.   This is true of both our officer and enlisted ranks.  The Corps has always been a source of skilled personnel for the civilian work force. However, the boom in technology has increased the civilian sector demand for skilled IT men and women and has rapidly driven commercial salaries well beyond our competitive range.  The shortage of skilled personnel in selected technical occupational fields leads to increased personnel tempo and the associated quality of life issues. 

 

 

Dynamic Technology Environment 

The rapid evolution and turnover of technology is another challenge we face.  In the past we were able to field a C2 capability with the reasonable expectation that we would be using that solution for ten to fifteen years.  The long life cycle of our systems enabled us to establish a systems configuration baseline, develop sound principles for policy and doctrine, and establish our recruiting and training pipelines.  We no longer have that long life cycle.

Today, technology can change within a budget cycle.  The correct technological solution for today's requirement may require a new approach 24 months from now.  While we are actively implementing acquisition reform initiatives and streamlining our processes, adjusting to the need for such rapid procurement and fielding of systems is truly a challenge we all must face. 

Spectrum Management

Spectrum management continues to be one of the most challenging and least understood issues with which we are confronted.  The global economic benefits derived from the sale of the frequency spectrum are placing major restrictions on the use of what were heretofore exclusive military frequency bands. 

These restrictions have significant readiness impacts.  In some areas of the world, including the United States, we are not permitted to train on the equipment we will use in combat.  In other cases, we cannot develop adequate solutions to our command and control requirements because there is no clear set of internationally approved frequencies for a specific capability.  Yet in other instances, the use of the frequency spectrum is uncontrolled and consequently we are confronted with serious radio frequency interference problems.

Warfighting versus Business

For years now we have loathed the “stovepiped” systems we developed.  They were excessively costly, manpower-intensive and inefficient.  We are rapidly moving away from this approach.  While I certainly don’t endorse going back to stovepipes, we need a thorough understanding of the consequences of going to a network-centric world where all our IT services and command and control systems, including secure voice, video and data, ride over a single path to the  warfighter or the desktop.  While this may be efficient from a business perspective, it doesn't always make sense from a warfighting perspective.  We must be careful not to confuse efficiency with effectiveness, nor can we afford the single points of failure inherent in many commercial solutions.

A clear distinction needs to be made between business and warfighting.  While some principles apply to both, they are different in key areas.  As you all recognize, warfighting is not clean nor neat; and one need only look at recent events in Grozny for evidence of this.

Underestimating the Threat

We must acknowledge that our potential foes are learned and thinking adversaries -- not some benign, static entity.  In a warfighting context, for most of the leaps we have taken in command and control systems technology, there is a small, relatively inexpensive, yet effective countermeasure to that technology. Our potential adversaries recognize this -- it is the asymmetric threat with which we must be concerned. 

For example, a multi-million dollar wireless network could be rendered irrelevant by the use of a very inexpensive, hard to detect expendable radio frequency jammer.  Disruption of the electromagnetic spectrum and network attack are a major Information Superiority concern for Marines.

Computer network attack has the potential to be the poor regime's asymmetric counter for our Information Superiority thrust. It requires very little in the way of resources; can be launched from virtually anywhere in the world; and has the potential to mask the originator.  It is recognized globally as a force multiplier.   Over two years ago as the Director for Command, Control and Communications for the U.S. Pacific Command, I hosted a conference of several Pacific Rim nations to discuss areas of mutual interest.

The one topic that was on every nation's agenda was that of Information Operations.  Even the least developed nations had interest in this item and were highly conversant on the topic.  They had studied the topic extensively through the Internet, and while many nations didn't have the depth and breadth of computer expertise, they all had a cadre of experts.  This area of warfare and study is quickly expanding and is receiving serious foreign military thought as evidenced by the article Unrestricted Warfare written by two People's Liberation Army (PLA) colonels in the People's Daily.  

The article highlights how real Information Warfare is -- and how seriously many nations are taking it.  The authors advocate planning for Internet insurgency, manipulating a stock market crash, a computer virus attack, destabilizing exchange rates, and spreading rumors on the Internet as part of unrestricted warfare.  

SUMMARY – MEETING THE CHALLENGE

We have just successfully overcome perhaps the most significant challenge we have faced since the dawn of the information age.  The Y2K Challenge taught us many lessons, as well as taught us more about our systems than we previously knew.  How we develop and deploy systems and the extent of the commander's dependence on IT has never been as clearly defined as it is today -- thanks to our Y2K experience.  The fact that we transited the millennium rollover without a single operational impact attests to the degree that we learned our lessons and applied the proper tool to our benefit.  Our challenge now is to focus this same attention to the issues I have just addressed to achieve our goals in attaining and sustaining Information Superiority to support Operational Maneuver from the Sea. 

Your support has allowed us to provide a very effective command and control capability.  I am convinced that today we have Information Superiority over any challenger and are focused on the Information Assurance elements that will maintain this lead.  But with technology changing rapidly, we cannot become complacent.  As technology changes, we must change as well.

Given the combination of dynamic changes in technology, the increased complexity of the systems we are fielding, and the loss of technically skilled Marines, it is clear that we are facing a significant challenge. 

We must address this challenge, and it is my belief that our Fiscal Year 2001 budget submission is on target.  We can use your continued help with our investments in both tactical systems and base infrastructure.  This will allow us to develop the capability needed to provide Information Superiority to “America's 911 Force.”