A recent cyber review of the Navy found major holes in the service’s cybersecurity, and recommended the branch should organize differently to address the threat. Leading that effort is Aaron Weis, who was just named special assistant to the secretary for information management and chief information officer — a new position that will oversee four directorates: chief technology officer, chief digital strategy officer, chief digital officer and chief information security officer.
These directorates have all been established with their directors all reporting to duty effective Oct. 14. Speaking to reporters at the Pentagon Oct. 1, Weis explained how he will manage a structure and approach ripped right from an enterprise IT industry organization chart.
“Having data, digital, technology and security aligned under the CIO is really where industry is at in terms of best practice, because it recognizes that information in all of its forms whether it’s cyber, digital, technology, etc., is really the lifeblood for how organizations operate,” he said of the four directorates.
“It’s how business runs today and really it’s how the Department of Navy is running whether we’ve fully embraced that or not; it is the blood that pumps through our veins and enables us to learn and understand and fight.”
Weis said he will lean on his 28 years working in the private sector, as well as his experience over the last year in the Department of Defense CIO office as an adviser, to lead the Navy’s IT efforts.
He said industry helps to drive accountability regarding performance in IT and cyber, not just compliance or operations, which is typically how DoD has done business. He also explained it’s about driving strategy to help guide the Navy to where it needs to go, which he noted has been lacking within the service to date.
“I think it’s accountability along with the ability to move the levers around funding and operational elements along with a guiding vision strategy that we need to be able to apply here,” Weis said.
Weis also explained how his most recent experience with the DoD CIO was a good primer for his work ahead with the Navy.
“Being able to operate at OSD ... to shepherd the development of the digital modernization strategy that came out of DoD CIO, as well as the enterprise cloud strategy — lot of that is timely and I think it’s relevant context for what we’re going to have to face and deal with here at [the] Navy," he said.
Undersecretary Thomas Modly explained that he is going to give Weis enough flexibility to begin to institute reforms within the department.
“We have such a long way to go in so many areas that it’s my intention to give Aaron a lot of ability to enforce standards and to devise strategy and start implementing strategy,” he told reporters.
No longer will he simply accept the excuse given by some that changes will cause operational risk, noting that most times, the changes won’t.
Those making those arguments typically “just don’t want to do it because it’s different from the way they’ve been doing things for a long time,” Modly said.
“I think we’re a long way off from getting it to big decisions that are going to create big operational risk for us, we’ve got a lot of basic blocking and tackling we’ve got to do first.”
Modly did, however acknowledge that there might need to be further structural, organizational or authority changes depending on what Weis needs to do his job.
“That’s what I’m asking Aaron to do. He needs to let me know and the secretary know what are the obstacles that he can’t get over for whatever reason whether it’s cultural, legislative, policy, regulation, whatever,” he said.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.