Army enterprise chief sets course for IT modernization

Editor's Note: This article first appeared on FCW.com. 

Brig. Gen. Patrick Burden is facing the challenge of modernizing Army networks and reducing the cyber attack surface. 

The Army's IT management has taken a beating in recent weeks for failing to keep with the times. But the branch's head of Enterprise Information Systems said it's past time for the Army to build more adaptable networks.

"I don't know if we can't get it right or [if] we built a system we thought we needed at the time," Burden said, referring to the Army's battlefield IT backbone WIN-T. The Army wants to shift funds away from that system to develop a replacement, a move that has some on Capitol Hill asking tough questions of Army IT executives.

"I think we've known all the time that there are other threats around the world; now we're beginning to pay more attention to it.… The network we have today was focused on a different environment," Burden said. "We need to make sure we have the network to be able to provide us what we need in a highly contested environment -- and the network that's in the field is not that network."

Burden, who won Fed 100 honors in 2014 for his work as a project manager on the PEO EIS General Fund Enterprise Business System and was promoted to PEO last year, said "agility" was key to modernization, being battle-ready and building a strong network. That means pushing "capabilities out a little more rapidly.… Because if it takes longer than we think it should take to deliver something and the threat changes, those requirements become obsolete."

In the IT space, he said, the goal is to "make sure that we're building systems that we can make immediate modernizations to in order to be able to address those threats as they change," by focusing on using software updates that can neutralize those threats rather than costly replacing devices.

Part of that means involving end users with the development of the systems. But not just any end user, Burden said. It has to be someone with experience who has lived in a military environment and can provide the specific feedback developers need.

"That will help us speed up the cycle and help us with training as well," Burden said. For example, the PEO EIS has some new training programs, such as the Cyber Warriors, or cyber force, to help fine-tune tools to be delivered to the cyber protection teams.

Overcoming threats and building better platforms

One goal of modernization is reducing the number of vulnerable spots within the enterprise network worldwide.

Burden said there are currently about 600 possible entry points that need to be whittled down to a more manageable and defendable number.

"Our goal is to reduce those attack vectors within our Army network," he said. Partnering with the Defense Information Systems Agency, the Army is working to centralize its architectures away from individual bases and camps through Joint Regional Security Stacks to prevent and detect intrusions, perform enterprise management and take advantage of other security capabilities. The end result will reduce those hundreds of entry nodes to 25 points of presence.

Cyber NetCom, under PEO EIS, is creating network monitoring tools that could pick up possible insider threats. "If you're going through another node that's through a country of interest, like our friends in Asia, that would be an indicator that maybe someone has discovered a vulnerability on the network and may have access they shouldn't have."

With a newly released plan to create a new modernization command to make the Army's network more mobile and battle-ready, Burden said that while he's not sure where the PEO EIS fits in in the Army's new modernization command slated to stand up in 2018, he knows that it will take a cross-functional team effort.

"Our PEO powers our Army," he said. "I don't know how the modernization command is going to affect the PEO to be blunt, but … we will play in that cross-functional team," that looks beyond the tactical requirements to include strategic and enterprise needs across the board.