Dave DeVries is the deputy chief information officer for Joint Information Enterprise at the Defense Department. After serving in the Army for nearly 30 years, leading the creation of enterprise information sharing and IT capabilities to the Army leadership, DeVries joined DOD in 2009.
He has been involved in multiple working groups, focused on realizing secretary of defense IT efficiencies. DeVries has also been involved in forging a path for a joint DOD-Veterans Affairs Electronic Health Record capability and establishing key enabling capabilities to achieve the DOD Information Technology Enterprise.
DeVries spoke to WashingtonExec about his role at DOD, how the Mobile Device Strategy helps alleviate network challenges, security concerns, big data and the department’s IT priorities.
How has your military service/experience tied into your current role as DoD’s Deputy CIO?
Serving in the Army for nearly 30 years has allowed me to build a “ground-up” view of the Department of Defense, which has proven especially helpful in my current capacity. Each of the military services by themselves are huge enterprises, so the decisions and policies made at the top have a profound effect throughout the organization, and sometimes permeate in ways you didn’t anticipate.
What are DOD’s top IT priorities for this year?
We want to ensure that Command & Control maintains full funding to support secure mobile communications. We intend to continue efforts within the Joint Information Environment, in terms of data center consolidation and fostering more contracts that fit the recent mold of the joint enterprise licensing agreement with Microsoft. This effort translated into tens of millions of dollars in savings.
Cyber defense remains a priority, and we’re advocating an “all hands on deck” approach through a robust and rapidly growing public-private partnership with the Defense Industrial Base expanding the DIB Cyber Security/Information Assurance program from 34 to 65 companies. Our mobility efforts have yielded a defensewide Mobility Strategy & Implementation Plan, which we plan on following through on. Finally, endeavors in spectrum are forging remarkable collaborative outcomes allowing us to share this critical resource with the private sector and other federal partners.
What challenges do you face most often in securing networks and how does the DOD Mobile Device Strategy and the CIO’s 10-Point Plan for IT Modernization alleviate this?
Our networks are under constant cyberattack, but we cannot afford to let these attacks adversely impact or degrade our networks as our global warfighter workforce requires unfettered 24/7 access to our information systems, resources and data. Our overall IT Enterprise Strategy and Roadmap Plan set strategic goals and were developed in concert with federal initiatives (e.g. Federal Digital Strategy), while achieving the goals of improving mission effectiveness, increasing overall cyber security and realizing efficiencies. The DOD Mobile Device Strategy and the 10-point plan provide greater guidance and clarity in achieving these goals. DOD, like many large organizations, is challenged with shrinking budgets while the speed of technology continues to accelerate. The department must continue to modernize our IT infrastructure in order to meet the challenges of the current threat environment while preparing for the future.
What kind of initiatives can the government roll out to complement the Mobile Device Strategy?
The DOD Commercial Mobile Device Implementation Plan executes the goals of the Mobile Device Strategy by establishing a framework to advance and evolve the DOD information enterprise infrastructure to support mobile devices, institute mobile device policies, and promote the development and use of mobile applications. A key objective in the implementation plan is to establish a program office for procurement and operation of enterprise-level mobile device management capabilities and mobility services.
One goal in the Mobile Device Strategy is to institute mobile device policies and standards. What is the timeline on this?
This is very active area with all the major players updating mobile security policies and standards. For example: NIST is updating SP 800-53v4 (Recommended Security Controls for Federal Information Systems and Organizations) and 800-157 (Derived Credentials). DoD is modifying DoD Instructions 8500 Information Assurance (IA) Implementation and 8100 (Use of Commercial Wireless Devices, Services and Technologies) to the NIST’s Risk Management Framework objectives.
In addition, DOD is working with the Federal Digital Strategy to develop a government-wide mobile and wireless security baseline. All of these products have different timelines, but the general goal is to have the policies published by May 2013.
How does big data affect defense missions, versus a business or other government enterprise?
The main difference is too much information and too little time to analyze it in situations where lives, not profits, are at stake. The department is deploying UAVs and other sensor platforms at an increasing rate. In addition, our new sensors are collecting a tremendous amount of information. For example, DARPA is developing a new airborne sensor that produces 1.8 billion pixels per frame at 12 frames per second. This single sensor can produce more than a petabyte of data per day.
Our emerging big data capabilities are focusing efforts at what data to keep, how long, and then how to execute business intelligence on the data. But, storing the large volumes and variety of information that we’re now able to collect is just the start. The value is only realized when commanders are able to effectively utilize all this information to support their mission. Big Data tools enable us to move from traditional decision support applications to predictive analysis and complex event processing, giving commanders greater insight into the battle space and its emerging threats.
What is your biggest security concern when it comes to defense IT enterprise?
In addition to the daily occurrences of attempts to gain access to information and systems on the DOD networks, an acknowledged concern is the inappropriate use or loss of information within the DOD networks, categorized today as insider threat. There is a federal-level interagency task force actively addressing this issue. The National Counterintelligence Executive, Mr. Robert Bryant, recently noted that, “Insider threats remain the top counterintelligence challenge to our community.”
How does DOD currently deal with big data, and what are some ways to improve?
Most of the department’s use of big data is happening within the defense intelligence components, but interest in the capabilities is increasing within other areas. To this point, defense organizations have been developing big data capabilities to meet their specific missing need and specific type of data.
Moving forward, I believe that we need to put in place a more strategic approach to establishing big data capabilities for the defense enterprise. While individual organizations can benefit from their own implementations, greater benefit will be realized by establishing a fully integrated and synchronized big data infrastructure across our DOD networks.
After all, the value that can come from big data analytics increases as more and more data can be accessed and analyzed within the particular big data environment. As we move forward, we need to incorporate to big data capabilities that support multiple types of missions and incorporate data from a wide range of sensors and collectors.
With so much talk about budget issues and cutting military spending, how should DOD prioritize big data management?
Not only are big data implementation complex and expensive, but there’s a tremendous shortage of people with the skill set necessary to develop the complex analytics and end user visualizations that are necessary for decision-makers to effectively leverage the data being collected. This creates a huge challenge in an environment of decreasing military spending.
So we’re caught in a situation where we’re deploying more and more sensors that are able to collect more and more information, but at the same time, we’re limited in our ability to effectively store and process this information. We need to be able to balance our investment in new sensors with our investment in the information processing infrastructure needed to leverage these new platforms. We will continue to work cooperatively across the department to leverage existing and emerging capabilities.
What do you see as the next big IT innovation for the 21st-century workforce?
High-functioning, affordable and resilient tablet computing devices, combined with secure cloud computing services can revolutionize the workforce of the 21st century. These devices further expand the potential for WHERE, WHEN and HOW we work, as well as WHO we work with. Affordability and security will be key, in order to broadly push devices (either business or personally-owned) and mobile applications to all component personnel, whether at home, or abroad, and to enable the future workforce engaged at academic institutions. Affordability is also important due to the rapid pace of technology innovation (Forrester estimates that the majority of tablets will be retired within three years of original purchase).
