The second objective is bringing about reform in the Army. We could do all of these things I just talked about, but there are some institutional processes that we need to change. If we want to adopt technology at the speed at which it’s changing, the way we budget has to change as well. We need to be much more agile and flexible to being able to resource new modernization programs. As the CIO, I certify an annual budget of about $15 billion. That’s a lot of money. And so, we have to make sure that we have good alignment of those resources against Army priorities and DOD priorities. If you don’t have that good line of sight, then in a fiscally constrained future, it’s going to be very difficult for us to accomplish this digital transformation.
The final priority is all about people, our No. 1 asset and our most important asset. So, we also have to look at how we are reskilling and upskilling our digital workforce for the future, and that includes the IT workforce on the civilian employee side. It includes the data and analytics workforce. The cyber workforce also includes the active duty, National Guard and Army Reserve. How do we need to shape career paths for the future when it comes to AI? What kinds of skills do people need to have? What hands-on experience do we want to give them? And how can we bring in new, fresh talent from industry? There are a lot of people, very passionate and smart and intelligent who want to work for the Army. We also want to establish a closer relationship with industry, to bring in talent for us and to send our people out to industry through rotations so they can gain the experience they need in an industry.
EXPLORE: How does the Army want to modernize its network?
FEDTECH: What lessons did the Army learn from the remote work experience that will translate into something useful in the future?
Iyer: Remote work, I think, is here to stay. From a changing culture perspective, remote work has given managers the trust and confidence that they can get their work done with their workforce being remote. There were so many naysayers in the Army before the pandemic. We’ve broken that culture, and I think we’ve broken it for good.
Now, having said that, how are we going to share our data and collaborate securely? How do we do that with our joint partners? When people work from home and use their own personal devices, how do we protect these endpoints that are no longer government-furnished equipment? And how do we make sure that we are educating our users about the cyber risks associated with working from home on open networks?
All of these home assistant devices have become so ubiquitous that we had to educate everyone that if you’re on a phone call that involves controlled unclassified information, and you have a home assistant device sitting next to you, it is recording your conversation. Educating our workforce on what those risks are and what they need to do has been big.
RELATED: How has the DOD enhanced its telework capabilities?
FEDTECH: It seems as though the military in general is a bit further along on the path to zero trust than the civilian agencies. Is that a fair assessment?
Iyer: National security clearly demands that we take extra protection over our data. I think the DOD definitely did move forward, rapidly. We actually created a reference architecture with all the capabilities that need to come together to establish these zero-trust principles. If we don’t do that, zero trust will become just another buzzword. The timing was really great, because then the White House executive order came forward on cybersecurity, and zero trust was all over it. We were ahead of the curve.
But the other part — and I think the Army is in a unique situation — is that we have information technology, but we also have operational technology. We have industrial control systems and facility control systems that are vulnerable to cyberattacks. We know from recent news and events like the Colonial Pipeline hack that our adversaries and nonstate actors are going after vulnerabilities in operational technology. There’s a lot of learning to be done in terms of how we establish zero trust when it comes to operational technology.
FEDTECH: What’s the oldest piece of Army IT that needs to be modernized?
Iyer: We still have analog phones, and it bothers us because they are end-of-life, decades old. We cannot find spare parts for them anymore. We have to go to eBay to find them and buy them at a premium — and, oh, by the way, we can’t find the people to fix them, either. We’re on a path to voice modernization using Voice over IP, but the Army’s huge. We have 288 posts, camps and stations worldwide. It takes time for us to do this at scale.