Navy begins 500-day IT campaign

When Robert Carey, the Navy’s chief information officer, discusses information technology, he doesn’t speak from an ivory tower perspective. He spent eight months in Iraq, where he served as a reservist with a naval construction regiment from July 2006 to March. That experience gave him a front-row seat to observe the use of IT in a war zone.   Now the Navy has released a battlefield-informed campaign plan document that details the service’s major IT plans for the next 500 days. “The campaign plan was born out of my time spent in Iraq, which has given me a greater sense of urgency to do what makes sense right now to help the warfighter,” Carey said.  In addition to the campaign plan, which lists seven major objectives and multiple tactics, the Navy earlier released its Information Management/IT Strategic Plan for fiscal 2008 and 2009. That plan describes information management and technology goals for the entire Navy Department and performance indicators that the Navy will use to measure how well it is meeting those goals. “The strategic plan ensures that the entire department is aligned from the secretary of the Navy down to the deck-plate sailor,” Carey said. “The campaign plan is tactical, whereas the strategic plan is visionary.”The campaign plan’s primary objective is securing the Navy’s IT infrastructure.Since January 2006, the Navy has experienced more than 100 incidents involving the loss of personally identifiable information. Information about more than 200,000 military employees was potentially at risk because of those incidents.  IT vulnerabilities can be attractive targets for adversaries unable to overcome the United States’ weapons superiority, said Ivan Eland, a former principal defense analyst at the Congressional Budget Office. He is now a senior fellow at the Independent Institute.    “In some cases, rogue states, potential peer competitors like China and terrorists could develop asymmetric means of targeting IT systems,” Eland said. “They do this because they can’t build better weapons than the U.S.” Because of that threat, the Navy lists protecting personal information as the No. 2 objective in its campaign plan. Navy officials hope to reduce personal data breaches by 90 percent by fiscal 2009. The Navy has begun addressing the problem by increasing its use of identity management tools, including biometric thumb drives and Common Access Cards.  “U.S. systems are usually improving faster than the threats” are proliferating, Eland said. In its Information Management/IT Strategic Plan, the Navy set six primary goals. The top three are establishing a global network-centric information infrastructure, defending it from attack and maximizing its efficiency.“While IT can be a strength, it can also be a vulnerability, especially in an economy that is increasingly dependent on IT connectivity,” said Navy Secretary Donald Winter in a statement accompanying the strategic plan.  In working toward the first goal of establishing a global net-centric infrastructure, the Navy aims for a seamless transition from the Navy Marine Corps Intranet to the Next Generation Enterprise Network (NGEN), the document states. It emphasizes building a naval networking environment in which data and services are available to all warfighters and those who support them. Navy officials said they will begin moving to NGEN Oct. 1, 2010. The service already has begun formulating its NGEN requirements.