22 May 2015

DISA Director LtGen Ronnie Hawkins takes a last look ahead


Barry Rosenberg, Editor 
May 19, 2015 


Lt Gen Ronnie Hawkins, Jr., is the director of the Defense Information Systems Agency (DISA), a job he has held since early 2012. He said 2015 will be his last year on the job, and in written responses to questions from C4ISR & Networks Editor Barry Rosenberg, he discusses cloud, cyber, the agency's reorganization, as well as his legacy as DISA director.

With support of the war fighter a given, what's at the top of your to-do list?

HAWKINS: Enabling mobility in its many forms is always at the top of DISA's to-do list. We have made great progress in establishing mobility for DoD, and we still have a lot to do. DISA's top priority when it comes to secure mobile technology is producing enterprise capabilities that the entire DoD, as well as other federal agencies, can leverage.

DISA is focused on enabling the secure and effective use of commercial mobile technologies that encompass all DoD missions and support any environment — from tactical support for the front-line war fighter to maintenance on the flight line to business operations in an office, or individual telework, or continuity of operations best practices. It is essential that we secure not only the device, but the data that device uses.

The other area at the top of my to-do list is defensive cyberspace operations. With the establishment of the Joint Force Headquarters-DoD Information Networks, we have taken on a new operational role in securing the DoD Information Network [DODIN] through defensive cyberspace operations.

DISA's role has changed a good bit in the past year, especially when it comes to cloud. How do you see DISA's role continuing to evolve? What new/different future roles do you see for the agency?

HAWKINS: Our role continues to be to assure secure implementation of cloud capabilities for DoD. To that end, we developed the Cloud Security Requirements Guide. We incorporated significant input from industry to be certain that the Cloud Security Requirements Guide is workable, precise in language and creates the environment through which DoD can take advantage of the cloud capabilities that industry brings to the table, in order to save money and be more efficient and effective in providing IT capability and capacity.

DISA [recently] granted a Department of Defense provisional authorization to 23 cloud service offerings to host DoD mission data up to Impact Level 2 in a cloud environment. Our DoD mission owners can leverage the DoD provisional authorization to grant an authority to operate for the acquisition and use of the cloud service offering at the defined impact level.

A major part of our role in assuring secure implementation of cloud capabilities for DoD is providing the Cloud Access Point [CAP]. The DoD CAP is a system of network boundary protection and monitoring devices, otherwise known as an IA stack, through which [cloud service provider] CSP infrastructure will connect to a DODIN service; the Non-secure Internet Protocol Router Network, or Secret Internet Protocol Router Network. In general, the CAP will:

Protect the DODIN and its network services. 
Protect other DoD missions from incidents that affect a particular CSP's supported missions. 
Provide perimeter defenses and sensing for applications hosted in the commercial cloud service. 
Provide a point at which boundary computer network defense sensing will occur. 

The other major change for DISA is the stand-up of Joint Force Headquarters-DoD Information Networks [JFHQ-DODIN]. The agency is essential to the establishment of JFHQ-DODIN, and the manning comes from the DISA staff. I am the DISA director and the commander, JFHQ-DODIN.

Creation of the JFHQ-DODIN puts the command and control of our defensive cyberspace operations under the authority of one commander. JFHQ-DODIN has the appropriate authorities within a defined larger C2 framework to effectively exercise command and control across the full scope of the DODIN to ensure we can secure, operate and defend DoD information networks.

That provides us command and control and visibility all the way through the DODIN to be able to understand what is going on, what it is that we need to do, how we need to maneuver, how we need to operate in a concerted effort [in order] to operate the DODIN like a weapon system.

How have DISA's collaborations with other agencies/organizations changed or evolved? How do you, as the leader of the agency, ensure cross-agency collaborations are successful?

HAWKINS: One of the major goals of our recent reorganization is to ensure we are focused on the needs of the commands, services, agencies and organizations that we support.

The new organization of DISA includes the Development and Business Center, which is primarily focused on understanding the capabilities that our mission partners require, assessing those requirements, and determining the way ahead for obtaining those capabilities, and developing those capabilities to implement at the enterprise level.

The heart of the collaboration portion of that effort is within our Development and Business Center in an organization called the Mission Partner Engagement Office, which is specifically designed to incorporate mission partner requirements into our business process. We assess the requirements using a business case analysis process and examine the capability for deployment across DoD.

What kind of benefits are you seeing from the recent reorganization? What benefits might continue to come from the reorg in the future?

HAWKINS: Along with an enhanced focus on mission partner requirements, we are seeking to be more agile and dynamic in achieving IT efficiencies on behalf of the Department of Defense. That caused us to rethink the way we were organized and build the new organization in a way that facilitates agility and rapid integration of emerging technologies into the DODIN. If you look at what we call the left side and right side, the Development and Business Center and the Implementation and Sustainment Center, you can see right away how much more integrated and forward-thinking our structure has become.

Consolidating the assessment and development processes in the Development and Business Center creates synergy in the development of new capabilities and applies a business model to ensure we are developing capabilities our customers want at the best value.

Concurrently and just as importantly, the Implementation and Sustainment Center takes responsibility for integrating the newly developed capabilities across the Department of Defense, so that we maximize the benefits as well as providing the long-term sustainment and support for capabilities that either already exist or have passed the development phase.

What are the key things that need to go right in the coming months to keep JIE on track?

HAWKINS: The key first step to the Joint Information Environment is the implementation of the Joint Regional Security Stacks. In the next few months, we expect to complete the main JRSS capabilities with the full capability deployed by the end of fiscal year '17.

In September 2014, Joint Base San Antonio became the first of what is projected to be more than 20 geographic locations to host unclassified JRSS equipment.

By the end of this fiscal year, we will have activated JRSS in Alabama and Oklahoma, plus two CONUS regions, Europe and Southwest Asia. Additionally, 25 SIPRNET JRSS sites will be implemented into the same locations over the next year. DISA and our mission partners will complete the NIPR and SIPR JRSS rollout in FY16.

JRSS includes failover, diversity and elimination of failure points in cybersecurity capability as a means to assure timely delivery of critical information to war fighters around the globe. Implementation of JRSS reduces the number of access points to the DoD network, minimizing exposure to potential threats and providing highly secure and better monitored and controlled access points.

Network operators and defenders will be able to use the sensors within JRSS to see through the entire network with better fidelity, providing better, more precise and timely information about what's happening on the network so responsive action can be taken when there is an anomaly in traffic. In the long run, JRSS makes the DoD network more robust, secure and defendable and therefore more reliable.

What do you think are your major accomplishments while at DISA? What do you want your legacy as DISA director to be?

HAWKINS: The accomplishments DISA achieved in the past three years are not my accomplishments; they are the accomplishments of the many men and women, both military and civilian, who make up the DISA workforce worldwide. Together we have achieved much, including the important ongoing work we are doing in collaboration, cloud, cybersecurity, and command and control. We have reached major milestones in mobility, virtualization, spectrum, implementation of the Joint Information Environment, and the establishment of JFHQ-DODIN, just to name a few.

I hope my legacy is that I leave DISA better off than when I came. I believe we are better, more agile and more customer- and business-oriented. We are focused with laser-like intensity on cybersecurity and defensive cyberspace operations. No other workforce in the Department of Defense is better postured to deliver cyberspace sovereignty effects across the entire cyber battlespace continuum, from peace to conflict, than the men and women of the Defense Information Systems Agency.

What are your thoughts on how successful the DoD will be going forward to prevent that cyber Pearl Harbor?

HAWKINS: It's very difficult to predict what form cyberspace attacks will take. Will there ever be a major surprise attack that you would consider the cyberspace parallel to Pearl Harbor? Or will there be smaller, more insidious attacks that could cause long-term damage to our security as a nation?

At DISA we are focused every day, in every way, on defensive cyberspace operations and Defensive Cyberspace Operations-Internal Defensive Measures. We are evolving the capacity and capabilities to meet and exceed the challenges of today's dynamic cyber battlespace.

One of the biggest challenges we face is in recruiting and training a workforce with the ability to meet the threats in cyberspace head on. To that end, at DISA we have developed a training and assessment program that supports the DoD Cyberspace Workforce Framework, which defines seven categories, 32 specialties and 55 unique cyberspace roles that are performed within DISA.

In order to increase skill of our cyberspace professionals, each work role will have a defined set of required knowledge, skills and abilities for each proficiency level (entry, intermediate, and advanced). DISA will establish a training plan and supporting curriculum for each work role and proficiency level.

The agency is also in the process of developing cyber training assessments. These assessments will be used to increase competency in the cyber domain. This will provide a means to measure DISA's cyber readiness. All of the content developed for the DISA Cyber Workforce will also be made available across DoD for the military services and components, avoiding duplication of effort and reducing costs.

Where should industry be putting its efforts regarding development of technologies/capabilities to secure networks?

HAWKINS: Technology is developed at such a fast pace that we need industry to be our strategic partner. That's especially true in the area of adoption of new technologies.

We need our industry partners to invest in providing technology that is ready to implement. It's great to point out new technologies to us, but more importantly we need them to help us to implement the new capabilities. That's the challenging part. Being our partners in implementation of new technology will mean we can keep pace with changing technology and keep ahead of cybersecurity threats at the same time.

We are constantly searching for technological advancements that enhance our ability to provide services to DoD in all our priority areas: collaboration, cybersecurity, cloud, and command and control.■

No comments: