DISA’s sweeping new plan takes aim at data silos, mistagged info

U.S. Air Force / Staff Sgt. Clayton Lenhardt

Find opportunities — and win them.

The Pentagon’s IT agency has policy and culture ideas to encourage freer, more secure info-sharing.

The first data strategy implementation plan issued by the Pentagon’s lead IT office seeks nothing less than to break down the myriad and storied walls that keep information from flowing freely and securely between DOD programs, military branches, and battlefield units.

“Some of the unattractive data management practices that we are seeing right now is that we're working in silos instead of working collaboratively. Especially within the Department of Defense, we've always kind of been institutionalized that your data in your program is yours,” said Caroline Kuharske, the acting chief data officer of the Defense Information Systems Agency.

That’s not going to fly in an era where battlefield victory will turn on the ability to share data—and crunch it with a new generation of artificial-intelligence tools.

“When it comes to our data management, we have to be able to posture that data as close to the source as possible to be able to share” securely across organizations, Kuharske told Defense One in an interview.

“One of the things that my office is really honing in on are data pipelines and data flow architecture, so that we can ensure that that data set from that authoritative source is not being spread into multiple different data repositories. So that we can really contain that data set to ensure the integrity of it throughout its lifecycle,” she said.

The strategy, dated in July and publicly released in late August, lays out four lines of effort: data architecture and governance, advanced analytics, data culture, and knowledge management. These echo the data decrees issued last year by the deputy defense secretary and the strategy that preceded it.

The agency’s first data strategy implementation plan arrives less than a year after it created a dedicated data office. Kuharske, the office’s first chief, said the biggest challenge is to convince everyone that the flow of information needs to be considered much earlier in the acquisition process, and indeed, as part of any proposed change.  

“Sometimes change is hard,” she said. “Data—in the use of data and the management of data—is typically an afterthought when it comes to solution-building, requirements-gathering services to our warfighter. So we need to make sure that we're giving them the best data possible.” 

To do that, DISA wants to add data-centered training and certification offerings and create an analytics lab where people can practice what they’ve learned. 

“We're really wanting to retain and recruit a workforce that focuses on data early in someone's career. And also those that want to perhaps change and look at different areas,” she said. 

Kuharske walked through the importance of the strategy and what’s next for the agency: 

This document seems to be both a new strategy and a detailed plan for implementation.

Right, it's not just the strategy. The strategy is obviously built in there, but we wanted a plan behind it so that we can make it an operational type of document so the DISA workforce can see themselves in this strategy, in their part that they're playing in the data culture of the agency...

The plan mentions creating a  “data catalog” solution by early fiscal 2023. Can you explain what that means?

The catalog will really serve as a critical reference toward understanding how DISA assets are created, consumed, exchanged, and exploited. Now, we are reaching [initial operating capability] on that at the end of September. So very exciting to get the DISA workforce using that solution and pulling the metadata into that data catalog and then enforcing that governance and policies so that we can mature the data that we currently have. It's going to elevate that digital landfill that we have and clean it up quite a bit. 

There’s also plans to create an “advanced analytic lab” later that year? 

A lot of individuals, you know, they have all this data and are not quite sure what to do with it. So they just store it. We're really wanting the workforce to have a place where they're able to do some analytics and predictive modeling on the data so that we are ahead of the game. So we're working closely with a lot of the DISA threat-hunter groups to evaluate that data and how it's being received from the infrastructure.

How are you working to change the culture? 

We created the DISA Data Council, and that's really going to help that culture to work collectively and together to drive that innovation. If you see somebody doing something in one area that looks like it'll work in yours, you'll have more of a buy-in of doing that when you see that proof of value. 

What is “knowledge management” and why does it matter? 

We found that knowledge management was really just seen as “we're going to put documents together.” Well, what we really want to do with knowledge management is help drown out some of the noise so people can focus on key data so that the end user—our warfighter, our mission partner—really gets that valuable data and not everything else. That they're out there able to create information articles, store it, so that when we do have people that [have a permanent change of station, or] PCS or maybe move from one organization to another organization, that knowledge isn't lost. 

Do you have any particular bad practices that you want this strategy to eradicate?

You can have great data, data hygiene, great data practices as far as collecting data in one repository, tagging it with best practiced characteristics. But if you are not making it visible, making it accessible, making it understood, it's all for nothing.

Just because you have that one piece of data, that does no good when eight other people need it. We do have quite a bit of data that mission partners need. Look at [Joint All Domain Command and Control]; look at Advana. Look at, you know, ADA, [DOD’s AI and Data Acceleration initiative]. DISA is a huge stakeholder in providing data to those platforms. But if we don't have it, if we don't have it organized, if we don't follow the DOD [Chief Digital and AI Office] strategy of VAULTIS, the data is not going to be any good.

And also just redundant data storage. Having the same thing in 18 different places is going to lead to some confusion and it's also going to lead to resources being used in areas that it doesn't need to be.

What new data-governance policies are needed?

One in particular is, like, the DISA data sharing instruction. It will help to mandate the need to democratize data across the agency and to our mission partners, while also having a focus on [application programming interface, or] API enablement. So it really goes back to [understanding that] you have your data and you're owning it and you're curating it and you're ensuring the security of it. But if it needs to be shared, it needs to be shared. And that's okay. 

This interview was edited for clarity and length.