Lt. Gen. Ronnie Hawkins Jr. addresses DISA's full plate of enterprise initiatives
The Defense Information Systems Agency director discusses enterprise services, encryption for mobile devices and new communications challenges coming from China and Asia.
Air Force Lt. Gen. Ronnie Hawkins Jr. is director of the Defense Information Systems Agency (DISA), a job he assumed in January. Previously he spent about six months as deputy director of C4 at the Joint Staff. Before that he was DISA vice director for just under two years, where he worked closely with the Army on the plan for the services e-mail migration to DISA systems.
He spoke with Defense Systems Editor-in-Chief Barry Rosenberg about enterprise services, security and encryption for mobile devices, and new communications challenges coming from China and Asia.
DS: After a number of stops and starts related to migration of Army e-mail accounts to DISA systems, it appears that you’ve cleared most of the congressional and other hurdles related to the project. What would you say are some of the lessons learned?
Hawkins: The biggest lesson learned continues to be to make sure that we have what would be called the pristine environment when we migrate a user. And what that usually entails is making sure that the user has done their part to get ready for the migration.
I happen to have just migrated over to enterprise e-mail myself, and it was incumbent upon me to make sure that my e-mail box, which typically runs rather high in volume, was a certain size.
What we have found is that the migration runs incredibly smooth when we go into a post or location where people have done the preliminary work. The counter to that is we run into problems when the preliminary work is not done.
DS: Army CIO LTG Susan Lawrence has said that the network is “dirty” and needs to be cleaned up. Is that part of what you’re talking about, or is it strictly an issue related to e-mail boxes?
Hawkins: That’s not related to the migrations, but they are complementary to each other.
Mine is more process and procedure [oriented]. What LTG Lawrence is talking about is—and I am not throwing stones at the Army because everybody is in this boat, for the most part—the spaghetti network…firewalls behind firewalls, and routers, switches and hubs behind routers, switches and hubs. We’re cleaning that up.
DS: With DISA managing enterprise e-mail for the Army and other military organizations, I’m wondering if DISA is also interested taking over their desktop support, as well. Is that in the back of your mind?
Hawkins: It’s in the back of our mind, but in all actuality we have got to work what’s on our plate right now: enterprise e-mail, enterprise services and the enterprise catalog that we have. Those are the areas that we are working right now. The truth of the matter is that the boundaries that are there from an earlier age of networking are dissolving, for all intents and purposes. But as we get there and start looking at who manages the desktop, that is an area we have got to still work with all of our mission partners on.
DS: Staying on the subject of enterprise e-mail, the other services like the Navy and Air Force are watching the process, but are still keeping it at arm’s length. They don’t necessarily think they have to follow the Army’s route in developing a single identity by partnering with DISA on enterprise e-mail.
Hawkins: In talking with senior officers within the other services, as well as within the Army, yes, they are taking a wait-and-see attitude. However, everybody is also lining up and saying that they are ready to move when it’s time. And, in all actuality, that’s goodness for us. We can’t take everybody at the same time. As we synchronize our efforts, I believe you will find the Air Force, Navy and Marine Corps moving over to enterprise e-mail as we improve the capability and increase the number of people we have on it.
DS: How has the introduction of smart phones changed the way you think about encryption and different levels of security such as the need for Type 1 versus Type 2 security?
Hawkins: I think the [primary] level of security that we need is wrapped around the data versus the device. We focus on making sure that the data is secure, and that we have one source for the data. That does not take away from the requirements that are tied to different handheld devices and/or instruments. So security is important to us.
The biggest area is to try to decrease the footprint for an attack against the enterprise. I would rather not get into the types of security because usually when that gets out that engenders another level of probing that’s just not smart.
DS: Sure. When you say reduce the footprint, the footprint of what specifically?
Hawkins: I said the footprint; it’s really the attack surface. So what we are doing there is, in essence, trying to minimize the areas that an adversary could come and attack the enterprise.
DS: And the introduction of smart phones only makes that harder, I would imagine.
Hawkins: Smart phones are an area of concern…just simple applications are an area of concern for us. When we go out to the app store we have got to make sure those applications are secure, whether they are on a smart phone or not. So the answer to your question is, yes, all of it is an area of concern and focus, and that’s why we have got to work with our mission partners, vendors and industry on the front end to make sure that we have the security where we need it.
DS: Let’s shift gears and talk about some of the new threats maybe coming from China and the Pacific. The Obama administration is certainly ramping up its interest in the area by looking at new bases, for example. I am wondering how DISA and your counterparts respond to kind of such a geopolitical shift in needs?
Hawkins: That’s an interesting way you put that. Having lived out in the Pacific in another life as the A6, the tyranny of distances is incredible there. [At the same time], the capabilities that are there to move information are important to us, as well as our allies and coalition partners. Ergo, we are going to have to work together to make sure that the communication capabilities are there for all of us to be able to operate in the Pacific region area of responsibility.
I think we do a very good job right now, and that was proven somewhat with the tsunami and earthquake that took place in Japan. The resiliency and the robustness of our communication architecture proved itself. That’s not to say that we didn’t have areas of concern that we need to work. We are still working those, as well as working with our field offices in the Pacific and in Korea to make sure that we deliver the capabilities that were identified in the strategic communications that our president and SecDef listed out for us.
DS: The military has never been more dependent on smart people to design, build and operate networks, but at the same time there’s never been a greater talent drain due to retirement. With DISA, the go-to agency tasked with addressing many of the military’s communications requirements, how are you positioning the agency for what I’ve heard some describe as a bow wave of retirements in just two to three years.
Hawkins: I will tell you that we have a very aggressive program for bringing in folks who are still in college. Our intern program is, in my opinion, second to none. We are working with various universities across the country to make sure that we have access to their best talent, as well. I will tell you that our personnel folks ... our strategic engagement organization…is doing a great job in making sure that we are bringing in new talent.
And then also we have got an aggressive training program, as well, internal to DISA. I say unashamedly that I believe it’s the best I have ever seen in DOD in my 30-plus years. That not withstanding, we’ve still got to focus on how we repurpose our workforce to [address what is] required from us in the defense of cyber. There is a constant requirement for training, and [everyone] is expected to keep up.