Six Questions With the Pentagon’s New Principal Deputy CIO

 In Intelligence, Defense, Information

WASHINGTON — Across the U.S. Department of Defense, dig­i­tal mod­ern­iza­tion is a sig­nif­i­cant pri­or­i­ty. The depart­ment is moving to the cloud and trying to har­ness emerg­ing tech­nolo­gies to sup­port the war fight­er.

John Sherman, the new prin­ci­pal deputy chief infor­ma­tion offi­cer at the Pentagon, is four months into his new job after leav­ing his last posi­tion as the CIO of the intel­li­gence com­mu­ni­ty, where he led major cloud and dig­i­tal mod­ern­iza­tion ini­tia­tives. Sherman joined the department’s chief infor­ma­tion offi­cer in June after the retirement of his predecessor Essye Miller and serves under DoD CIO Dana Deasy.

Sherman broke down silos across the IC and expand­ed the use of cloud ser­vices — two areas the DoD is also work­ing to improve to able joint war fight­ing. Sherman recent­ly spoke with C4ISRNET about his first four months and what lessons he brings from the IC to the DoD.

This tran­script has been edited for clar­i­ty and brevi­ty.

C4ISRNET: You’ve been in this job for about four months. What have you been work­ing on?

JOHN SHERMAN: What is going on here in terms of cloud mod­ern­iza­tion, cyber­se­cu­ri­ty, C3, AI and data is noth­ing short of amaz­ing as far as I’m con­cerned. And this does track in many ways, but at much larger scale, [with] what I did in the intel­li­gence com­mu­ni­ty as the chief infor­ma­tion offi­cer over there. For exam­ple, in terms of cloud com­put­ing and soft­ware devel­op­ment on that front, with what’s going on with cloud here. Moving out at much larger scale, though, of course.

As we really put our shoul­der into the National Defense Strategy and make sure we’re able to deal with that threat envi­ron­ment, the cyber­se­cu­ri­ty steps that are being taken here are very much in line with what we were doing on the IC side. The AI area with the Joint Artificial Intelligence Center, or the JAIC, .… And I’ve worked with the JAIC from [the] IC side, but coming over here to be even more direct­ly involved with them has been a real priv­i­lege and learn­ing about what they’re doing on their national mission initiatives.

C4ISRNET: Is there any­thing else in your port­fo­lio you’re excit­ed about?

#nl-modal-dialog{ – header-text-color:#D2232A}

SHERMAN: One other area I’ve been very focused on is the Fourth Estate, or the defense agen­cies and field activ­i­ties (DAFAs). There’s 28 of them. I dealt with the four in the IC very close­ly, but the other 24, Defense Logistics, Defense Threat Reduction Agency, Missile Defense Agency … [I’m] their rep­re­sen­ta­tive and work­ing with them as both their advo­cate and inter­locu­tor, with their DAFA CIOs, the DAFA direc­tors.

Now a lot of great work had been done before on IT reform, Fourth Estate net­work opti­miza­tion, cyber­se­cu­ri­ty. On that IT reform, I want to give Ms. Danielle Metz, the prin­ci­pal direc­tor for enter­prise envi­ron­ment, a major shout out so I was build­ing on the great momen­tum they have. But I have stood up a DAFA CIO forum … where we talk about issues of mutual con­cern among the DAFAs, work­ing across and also look­ing at met­rics on which we’re hold­ing them account­able. But that’s an area I’m very excit­ed that Dana’s asked me to lead.

C4ISRNET: The DoD is making a major cloud push and has had a bit of trou­ble procur­ing two major cloud con­tracts. What did you learn in that area during your time as IC CIO?

SHERMAN: Moving to a cloud enter­prise is not just a tech­ni­cal ques­tion. It’s a ques­tion of cul­ture, making sure people think cloud first. As they do things like soft­ware devel­op­ment and DevSecOps, not just fork­lift­ing capa­bil­i­ties to the cloud, but really focus­ing on cloud native approach­es. That’s one big area and this is a major par­a­digm shift for agen­cies and enter­pris­es to get their head around.

Also moving from a cap­i­tal expen­di­ture to an oper­a­tions expen­di­ture, or a CapEx to an OpEx model. Of course, CapEx, is where you’re paying for the infra­struc­ture, the heat­ing, the cool­ing, the real estate, all that, where­as oper­a­tions expen­di­ture or OpEx, is where you’re just paying for the on demand, com­pute that you need. Much more focused, and, dare I say, effi­cient. But it takes some time to get our head around this for how do we budget for that? And how do you con­tract for that? So that was a major shift there.

And then also on cyber­se­cu­ri­ty, get­ting our cyber­se­cu­ri­ty pro­fes­sion­als in the IC to get their head around that a cloud envi­ron­ment is actu­al­ly, in many cases, most cases, I would argue, much more secure than a legacy archi­tec­ture.

C4ISRNET: The DoD is expect­ed to release its data strat­e­gy later this year with data for joint warfight­ing as the top pri­or­i­ty. The ser­vices are also making a push on Joint All-Domain Command and Control. What steps does the DoD need to take on data to enable JADC2 and joint warfight­ing?

SHERMAN: We must be even more for­ward lean­ing in this area. So that’s what JADC2 or the joint war fight­ing is about is to be able to have our bat­tle­field oper­a­tional com­man­ders have every bit of knowl­edge they need that’s most com­plete, most timely, and most inter­con­nect­ed and inter­op­er­a­ble that they need at that point in the bat­tle­space.

So how do you make that happen? What does the CIO do about this? Data is prob­a­bly the most impor­tant foun­da­tion of this. The data at the point of use, the point of need. When I say data, not only from U.S. pro­duc­ers, but our coali­tion allies, the intel­li­gence com­mu­ni­ty at the proper clas­si­fi­ca­tion levels that are needed in a way that is dis­cov­er­able, tagged, iden­ti­ty cre­den­tial access man­age­ment, or ICAM is crit­i­cal to under­gird­ing this, things like APIs and inter­faces are going to be crit­i­cal to get­ting this. But it comes down to get­ting the data in order to do this.

C4ISRNET: Where does arti­fi­cial intel­li­gence fit into this?

SHERMAN: Part of this as well would be arti­fi­cial intel­li­gence, what the JAIC is work­ing on. As we move through mas­sive and mas­sive, ever-increas­ing amounts of data for intel­li­gence, sur­veil­lance, and recon­nais­sance and other types of data, you’re going to have to be able to sense-make at speeds of mis­sion that far more quick­ly than we have his­tor­i­cal­ly. And the JAIC is work­ing on those areas.

So that’s anoth­er crit­i­cal piece of this is to free up the human minds to be able to focus on those key deci­sions they have to make in the bat­tle­space to be able to get through areas of joint warfight­ing, and joint oper­a­tion cen­ters, and so on, which is actu­al­ly one of the mis­sion ini­tia­tives.

C4ISRNET: One of the things you had to do as CIO of the intel­li­gence com­mu­ni­ty was break down silos between all the 17 intel­li­gence agen­cies. How do you apply those lessons to the ser­vices?

SHERMAN: Leadership, plain and simple. Leadership. You need gov­er­nance, you need struc­ture. I found, back to my IC expe­ri­ence, this isn’t mali­cious or hoard­ing. I can go back to when I was an ana­lyt­i­cal man­ag­er in the intel­li­gence com­mu­ni­ty, and there would be times I would stum­ble over an ana­lyst who would have a lot of data on a key issue and the indi­vid­ual wasn’t trying to keep it out of the net­works and so on. They just didn’t know that they needed to sur­face it and I think if you ampli­fy that all across a large enter­prise, that starts to add up. As the con­gress­man or who­ev­er said kind of in a metaphor­i­cal way, ‘a mil­lion here, a mil­lion there, you’re talk­ing real money.’

Well think about a pocket of data here, a pocket of data there, sud­den­ly you’re talk­ing about a lot of data that deci­sion maker needs. So it comes down to lead­er­ship and engage­ment, having a strat­e­gy, and I men­tioned the data strat­e­gy and gov­er­nance. So [DoD CDO] Dave Spirk has stood up at CDO Council, and has strong buy-in on this. And that was some­thing we saw on the IC side, too, to have a CDO … who really put their shoul­der into this, and a lot of this is wear­ing out shoe leather. Building the net­works, trust build­ing with the data stew­ards — notice how we don’t say data owners any­more — the stew­ards of the data, to make sure that they can trust you as to what you’re going to do with that data and to under­stand where that’s gonna go into.

There are tech­ni­cal, where are you going to store the data, how you’re going to com­pute. But in my expe­ri­ence, a lot of it is pure lead­er­ship, and doing those struc­tur­al sort of things to make sure you can sur­face it in a timely and effi­cient way.

C4ISRNET source|articles

Recommended Posts

Start typing and press Enter to search