The U.S. Army defends and serves our nation by land, sea, and air, protecting our nation’s most vital interests. Today that mission requires new, innovative capabilities to enable national security and defense strategies, primarily because the modern battlespace has adversaries waging information-technology wars.
Therefore, the Army’s modernization strategy identified digital transformation as imperative to achieving its goal of a lethal and modern force by 2028. The strategy arrives as the Army conducts a massive overhaul of its virtual footprint and computer infrastructure in order to better prepare for potential conflicts with China and Russia.
As the Army marches toward its goals of being a more ready, lethal, and modern force by 2028, it faces unprecedented challenges in modernizing its platforms and weapons systems, but also its business processes and workforce to dominate adversaries on and off the battlefield in multidomain operations (MDO), writes Christine E. Wormuth, Secretary of the Army.
In Oct 2021, the US Army has announced that it will embrace digital transformation, releasing a digital transformation plan that aims to synchronize all of its technology and “better posture itself for multi-domain operations” according to the service’s chief information officer.
Clean, plentiful data is increasingly the lifeblood of U.S. military endeavors, especially as the services work to achieve the Pentagon’s Joint All-Domain Command and Control vision of seamless coordination across land, air, sea, space and cyberspace. The Army’s contribution to JADC2 is Project Convergence, a weekslong evaluation of cutting-edge kit in demanding conditions. The service plans to test artificial intelligence and machine-learning capabilities as well as systems that quickly shuttle data.
Decision dominance is driving the digital transformation of the U.S. Army, which is one of the world’s largest employers and a top strategic organization. The Army is not just focusing on technology transformation but also on using data as a strategic asset to become battle-ready. Part of the transformation strategy includes what the Army is calling data centricity — making information available to the right people “and not locking it in the systems,” Swanson explained.
Digital transformation represents a shift in operations and culture that fundamentally changes how an organization delivers value through the adoption of advanced technologies such as cloud, data and artificial intelligence (AI). Digital transformation is driven through innovation and new business and operating models, powered by a digital workforce that is agile, adaptive, and tech-savvy.
The old way of developing software began with requirements developers laying out what they want, and then having the software development community, usually through a contract award, take over to create something to satisfy the requirements. By the time the Army developed a solution years down the road, the software wouldn’t work well in the systems for which it was initially tailored.
Now, industry follows “agile software development,” Swanson said, which means the requirements developers, testers and cyber experts are all part of the development team. Working from a needs statement, the group starts coding in a sprint, which takes several weeks. Then, requirements developers review it to see if, in reality, it’s hitting the mark. At the same time, as software undergoes development, it can run through an automated pipeline for testing and cyber scanning to check for vulnerabilities.
The thought is that a few sprints’ worth of code equates to a minimum viable product, Swanson said, “which is actually a delivery that you can start putting capabilities in the hands of users.” This can shrink development time down to weeks and months, rather than years.
“This is a new way of doing business for the Army,” Raj Iyer said at the annual AUSA conference. “What digital transformation is all about is us operating better with industry, leveraging commercial technologies like we never have before. This is not one that we’re going to treat as an IT project. This is about changing culture, it’s about empowering our workforce to do things differently and for us to leverage better these commercial technologies.”
The Army must accomplish digital transformation in a fiscally constrained future. To accomplish this, reform efforts are needed to continually assess the Army’s digital portfolio, explore opportunities for divestment of legacy systems, re-engineer business processes, adopt greater automation, and find savings through consolidation and better buying power.
Army will improve on how it executes institutional processes such as requirements development, acquisition, Planning, Programming, Budgeting, and Execution (PPBE), and talent management. Digital transformation requires an outcomes-based, metrics-driven mindset to measure activities and to continually seek efficiencies and effectiveness.
The Army’s acquisition branch is developing a data mesh reference architecture as part of the strategy, Swanson noted, which “is kind of a new concept.” And while the Army will continue to use data fabrics, “data mesh will federate those fabrics.”
The plan seeks to implement enterprise computing in a more centralized way, a stark difference from past administrations. It comes after the recently-released unified network strategy, which aims to link the enterprise and tactical nets in an omnichannel approach.
The Army’s current digital initiatives are siloed across mission areas, inhibiting the interoperability needed to support MDO and Joint All Domain Command and Control (JADC2). The Army must prioritize resources for digital modernization over current year operational readiness.
Along with modernizing next-generation combat systems, the Army also wants to do away with its legacy information infrastructure and introduce cloud computing at scale to phase out its 250 data centers, which cannot sustain the requirements of the mission.
The Army will adopt a “cloud smart” approach that supports the migration of enduring applications in existing Army Enterprise Data Centers (AEDC) and Installation Processing Nodes (IPN) to Army’s cloud (cArmy) to achieve cost savings, interoperability, and information sharing across applications. The Army will establish the cArmy hybrid global cloud that is resilient, secure, and able to share computing and storage resources seamlessly for enterprise and tactical applications.
The Army has also signed a $1 billion transformation project that will involve large hyperscalers and cloud service providers to modernize and migrate more than 5,000 of its applications in the cloud.
All applications, as appropriate and excluding any Operational Technology (OT) systems, modernized to the cloud will adopt a DevSecOps methodology, enhanced to include non-traditional, but Army-required security principles such as OPSEC indicator identification and data aggregation concerns, to shorten development lifecycles and build cybersecurity early in the design process.
Army will adopt common cloud services to achieve standardization in cloud architecture, security monitoring, and transparency in cloud spending. The Army will prioritize use cases to support Project Convergence and MDO including tactical cloud pilots, threat capability red teams, and prototyping efforts across the Army and as appropriate with coalition and allied nation partners.
The U.S. Army said it embraced this strategy after increased threats against military networks and looked to find new ways of countering said attacks, especially ones that make use of technology. As the Army responds to the growing need for digital technologies through Army modernization programs, the cybersecurity attack surface area is growing exponentially, and the dynamic threat environment requires the Army to make fundamental changes to address security in all phases of the lifecycle to ensure the Army is poised for defensive and offensive cyber operations.
“The attacks that we’re getting in the Army are changing drastically. It used to be that perimeter defense would work well for defending our systems. Now a lot of those attacks have moved up the attack surface to the application level,” said Maj. Gen. Matthew Easley, chief cybersecurity officer in the CIO’s team. “That forces us to change the way we think of cybersecurity.”
As adversaries continue to achieve greater sophistication in their offensive cyber capabilities, the Army must be able to protect its ever-increasing attack surface area of both traditional IT and non-traditional OT assets connected to the DoD Information Networks (DODIN) while still adopting commercial technologies. To achieve this, the Army will implement Zero Trust (ZT) principles for IT and OT assets by completing a current state assessment of ZT capabilities for all of its systems, rapidly addressing gaps in capabilities, implementing policies to integrate ZT into all aspects of Army processes including supply chains, and continually evaluating and maturing ZT across the Army.
To enable Continuous Authority to Operate, the Army will rearchitect its networks, systems, and data to better take advantage of ZT principles and development approaches such as DevSecOps. The Army will fully implement Comply-to-Connect as part of the ZT Architecture to ensure that any device connected to the network is accredited and patched appropriately through compliance policies, and continually monitored to establish a trusted network.
To establish seamless user access through a single credential, collaboration with allied nation partners, and to support financial audit requirements through separation of duties, the Army will implement a standardized enterprise Identity Credentialing and Access Management (ICAM) system to meet both enterprise and tactical/disconnected requirements , as well as mission-based Need-to-Know for all users.
Finally, to proactively identify anomalous behaviors on the network, the Army must invest in and implement automated cybersecurity monitoring tools, automated red teaming tools, and big data analytics using AI.
This line of effort will result in the Army removing barriers to efficiently deliver data, applications, and services that are needed to achieve multi-theater, multi-domain operations while at the same time establishing a predictable and resourced lifecycle tech refresh model for the networks.
The Army will re-engineer its business processes to align with commercial best practices, threat mitigation best practices, and, where feasible, take advantage of commercial off-the-shelf (COTS) software capabilities. The Army will also establish an open technical architecture and open Application Programming Interfaces (APIs) for integration and interoperability in order to minimize vendor lock in and retain flexibility to adopt newer technologies in future.
The Army Digital Transformation Strategy (ADTS), established by the Office of the CIO, is the overarching framework that will set the vision, establish lines of effort (LOE), and implement strategic digital transformation initiatives prioritized and resourced as required to achieve this end state. Each LOE and initiative must be outcome driven to ensure that it is operationally effective in a resource constrained future.
Secretary of the Army Christine E. Wormuth stated that “The Army must be manned, trained, equipped and modernized to be ready to fight today, but also to meet the demands of an uncertain and unpredictable future.” Coordinated, prioritized efforts supporting modernization, readiness, reform, and people and partnerships will make the vision of a digital Army of 2028 a reality. Building an Army mission-ready for the challenges of tomorrow requires adopting transformative technologies, efficient processes and a culture of continued education and innovation today.
References and Resources also include
To read the Army Digital Transformation Strategy, click here – Army Digital Transformation Strategy [PDF – 4.2 MB]