The U.S. Army defends and serves our nation by land, sea and air, protecting our nation’s most vital interests. Today that mission requires new, innovative capabilities to enable national security and defense strategies, primarily because the modern battlespace has adversaries waging information technology wars. Therefore, the Army’s modernization strategy identified digital transformation as imperative to achieving its goal of a lethal and modern force by 2028.
In Oct 2021, the US Army has announced that it will embrace digital transformation, releasing a digital transformation plan that aims to synchronize all of its technology and “better posture itself for multi-domain operations” according to the service’s chief information officer.
Digital transformation represents a shift in operations and culture that fundamentally changes how an organization delivers value through the adoption of advanced technologies such as cloud, data and artificial intelligence (AI). Digital
transformation is driven through innovation and new business and operating models, powered by a digital
workforce that is agile, adaptive, and tech-savvy.
“This is a new way of doing business for the Army,” Raj Iyer said at the annual AUSA conference, which was held earlier this month. “What digital transformation is all about is us operating better with industry, leveraging commercial technologies like we never have before. This is not one where we’re going to treat as an IT project. This is about changing culture, it’s about empowering our workforce to do things differently and for us to leverage better these commercial technologies.”
The U.S. Army said it embraced this strategy after increased threats against military networks and looked to find new ways of countering said attacks, especially ones that make use of technology. As the Army responds to the growing need for digital technologies through Army modernization programs, the cybersecurity attack surface area is growing exponentially, and the dynamic threat environment requires the Army to make fundamental changes to address security in all phases of the lifecycle to ensure the Army is poised for defensive and offensive cyber operations.
“The attacks that we’re getting in the Army are changing drastically. It used to be that perimeter defence would work well for defending our systems. Now a lot of those attacks have moved up the attack surface to the application level,” said Maj. Gen. Matthew Easley, chief cybersecurity officer in the CIO’s team. “That forces us to change the way we think of cybersecurity.”
As the Army marches toward its goals of being a more ready, lethal, and modern force by 2028, it faces unprecedented challenges in modernizing its platforms and weapons systems, but also its business processes and workforce to dominate adversaries on and off the battlefield in multidomain operations (MDO), writes Christine E. Wormuth, Secretary of the Army.
The Army must accomplish digital transformation in a fiscally constrained future. To accomplish this, reform
efforts are needed to continually assess the Army’s digital portfolio, explore opportunities for divestment of legacy
systems, re-engineer business processes, adopt greater automation, and find savings through consolidation and
better buying power.
Army will improve on how it executes institutional processes such as requirements development, acquisition,
Planning, Programming, Budgeting, and Execution (PPBE), and talent management. Digital transformation
requires an outcomes-based, metrics-driven mindset to measure activities and to continually seek efficiencies
The plan seeks to implement enterprise computing in a more centralized way, a stark difference from past administrations. It comes after the recently-released unified network strategy, which aims to link the enterprise and tactical nets in an omnichannel approach.
The Army’s current digital initiatives are siloed across mission areas, inhibiting the interoperability needed to support MDO and Joint All Domain Command and Control (JADC2). The Army must prioritize resources for digital modernization over current year operational readiness.
The Army will adopt a “cloud smart” approach that supports the migration of enduring applications in existing Army Enterprise Data Centers (AEDC) and Installation Processing Nodes (IPN) to Army’s cloud (cArmy) to achieve cost savings, interoperability, and information sharing across applications. The Army will establish the cArmy hybrid global cloud that is resilient, secure, and able to share computing and storage resources seamlessly for enterprise and tactical applications. All applications, as appropriate and excluding any Operational Technology (OT) systems, modernized to the cloud will adopt a DevSecOps methodology, enhanced to include non-traditional, but Army required security principles such as OPSEC indicator identification and data aggregation concerns, to shorten development lifecycles and build cybersecurity early in the design process.
Army will adopt common cloud services to achieve standardization in cloud architecture, security monitoring, and transparency in cloud spending. The Army will prioritize use cases to support Project Convergence and MDO including
tactical cloud pilots, threat capability red teams, and prototyping efforts across the Army and as appropriate with coalition and allied nation partners.
As adversaries continue to achieve greater sophistication in their offensive cyber capabilities, the Army must be able
to protect its ever-increasing attack surface area of both traditional IT and non-traditional OT assets connected to the DoD Information Networks (DODIN) while still adopting commercial technologies. To achieve this, the Army will implement Zero Trust (ZT) principles for IT and OT assets by completing a current state assessment of ZT capabilities for all of its systems, rapidly addressing gaps in capabilities, implementing policies to integrate ZT into all aspects of Army processes including supply chains, and continually evaluating and maturing ZT across the Army.
To enable Continuous Authority to Operate, the Army will rearchitect its networks, systems, and data to better take advantage of ZT principles and development approaches such as DevSecOps. The Army will fully implement Comply-to-Connect as part of the ZT Architecture to ensure that any device connected to the network is accredited and patched appropriately through compliance policies, and continually monitored to establish a trusted network.
To establish seamless user access through a single credential, collaboration with allied nation partners, and to support financial audit requirements through separation of duties, the Army will implement a standardized enterprise Identity Credentialing and Access Management (ICAM) system to meet both enterprise and tactical/disconnected requirements , as well as mission-based Need-to-Know for all users.
Finally, to proactively identify anomalous behaviors on the network, the Army must invest in and implement automated cybersecurity monitoring tools, automated red teaming tools, and big data analytics using AI.
This line of effort will result in the Army removing barriers to efficiently deliver data, applications, and services that are
needed to achieve multi-theater, multi-domain operations while at the same time establishing a predictable and
resourced lifecycle tech refresh model for the networks.
The Army will re-engineer its business processes to align with commercial best practices, threat mitigation best practices, and, where feasible, take advantage of commercial off-the-shelf (COTS) software capabilities. The Army will also establish an open technical architecture and open Application Programming Interfaces (APIs) for integration and interoperability in order to minimize vendor lock in and retain flexibility to adopt newer technologies in future.
The Army Digital Transformation Strategy (ADTS), established by the Office of the CIO, is the overarching framework that will set the vision, establish lines of effort (LOE), and implement strategic digital transformation initiatives prioritized and resourced as required to achieve this end state. Each LOE and initiative must be outcome driven
to ensure that it is operationally effective in a resource constrained future.
Secretary of the Army Christine E. Wormuth stated that “The Army must be manned, trained, equipped and modernized to be ready to fight today, but also to meet the demands of an uncertain and unpredictable future.” Coordinated, prioritized efforts supporting modernization, readiness, reform, and people and partnerships will make the vision of a digital Army of 2028 a reality. Building an Army mission-ready for the challenges of tomorrow requires adopting transformative technologies, efficient processes and a culture of continued education and innovation today.
To read the Army Digital Transformation Strategy, click here – Army Digital Transformation Strategy [PDF – 4.2 MB]