Outgoing DOD CIO says agility is key
Terry Halvorsen is stepping down as DOD CIO at the end of February. He says the department must push ahead with cyber and IT reforms with an emphasis on developing greater agility.
Terry Halvorsen is stepping down as DOD CIO at the end of February, and he says the department must push ahead with cyber and IT reforms with an emphasis on developing greater agility.
The outgoing CIO of the Department of Defense says the Pentagon is making progress on achieving Joint Information Environment goals, but technological change continues to outpace the ability to reform procurement and tech deployment.
Terry Halvorson will finish his 37-year government career on Feb. 28, but he expects continuity on the work being done at the CIO level under the next administration. At a press roundtable, Halvorsen said that other than his departure, the CIO team is staying in place as of now, with Dr. John Zangardi, DOD's principal deputy CIO, stepping up as acting CIO.
"I think strategically we'll see everything that we're doing continue," said Halvorsen. "Our dialogue with the transition team [and] everybody else seems to be that we are on the right track...the emphasis on mission effectiveness and efficiency will continue.
"Changing and getting more agile and relying more and more on our commercial capabilities, all of those things will continue," he said.
He briefed reporters on key initiatives, including the transition to Joint Regional Security Stacks. JRSS is a security suite of firewalls, intrusion detection, enterprise management and virtual routing capabilities that will replace locally based network security systems.
Halvorsen said the technology is commercially proven and effective, and is offering better cybersecurity than existing systems, but training users is the chokepoint that is slowing transition.
"That will be an ongoing problem for DOD," he said in large part because of the regular turnover of DOD personnel.
Halvorsen also said the DOD is making progress on the transition to Windows 10 and on the Mission Partner Environment, which is essentially a secure international cloud system for allies to plug into for coalition missions.
Where Halvorsen said the DOD is lagging -- and put much of the blame on himself -- is the closure of data centers. That process took a significant step forward last fall with the creation of the first data center consolidation team, which recently wrapped up its site visit to Charleston, S.C.
He hopes the closure and consolidation process will speed up, and he applauded Army Secretary Eric Fanning's December directive to accelerate efforts to close its data centers.
"Any time you get the senior leadership of any of the services involved, I think that is a really good thing," he said.
Halvorsen added that the effort to replace the common access card has entered a new phase with pilot programs underway testing new technologies with significant assistance from the Defense Innovation Unit Experimental.
"We're getting better and better, I think, understanding what the combination of answers will be," to replacing the CAC, he stated. The replacement will most likely combine biometrics and behavioral metrics with some amount of detailed data only the individual user would know.
Halvorsen stated that he is shooting for roughly 10 different security factors, five of which would randomly be used at a given time for a user to log in -- the random selection is designed to throw off would be intruders. The challenge, he said, is to add the security measures with the least amount of burden to the user.
The outgoing CIO also praised the clause in the 2017 National Defense Authorization Act that maintains the CIO and deputy chief management officer as separate positions.
"[In] industry and other government sectors, it is about strengthening the role of the CIO," he said. "I think we need to continue to look at what that means at DOD. We are a bit unique at DOD, the CIO here is the guidance for the services and agencies and we do have more enterprise authority then we did in the past -- I think there's a balance here.
"A lot of people will tell you, 'well you should just go to a single enterprise CIO.' I'm not there yet, mostly because of speed," he added. He said service level CIOs and operational IT controllers often have a better picture of what's happening on the ground and are positioned to make more effective decisions than an official sitting in the Pentagon. Halvorsen has looked at this issue from both perspectives throughout his career, as Navy CIO and in the top IT job in the Pentagon.
Halvorsen stated DOD should have centralized policies and certain enterprise functions.
"Right now we have kind of two big enterprise systems, we ought to get to one and that is part of the plan," he stated. "We ought to have some standard business capabilities that also will spill into the operational world -- things like Skype-like or other technologies… all the things that I think people would want in any big corporation.