To consider the following nominations:
Francis J. Harvey
to be Assistant Secretary of
Defense for Networks and Information Integration
IV. Major Challenges and Problems
A. In your view, what are the major challenges that will confront
the ASD (NII)?
I believe there are four major challenges that will confront the
The first challenge the successful execution of the major communication
and information systems programs which, as a whole, are intended
to build the foundation of network-centric operations. Building
this foundation is key to the Secretary's strategic initiative
to fundamentally transform the way our forces fight and how the
DoD does business. The second challenge, which is closely related
to the first, is the successful integration of the programs that
are being developed and deployed to produce network-centric capabilities
to support network-centric operations. The third challenge is
the smooth and seamless transition of legacy systems to the future,
or " be", network-centric GIG. The final challenge
is to promote and support dramatic improvements in the efficiency
and effectiveness of DoD business processes.
My understanding is that the Under Secretary of Defense (Comptroller)
is leading the improvement initiatives and, if confirmed, I plan
to work very closely with him to ensure that this effort is highly
VII. Information Superiority
Many have described the major responsibility
of the ASD (NII) as "information superiority." Describe
your vision of information superiority for DOD, including any
to information superiority facing the Department.
In the general area of information superiority,
a major responsibility of the ASD(NII) is to enable the Information
of the DoD by building the foundation for network-centric operations
which primarily involves the development and deployment of the
future, or "to be", Global Information Grid. On this
basis, I envision a Department of Defense that is second to none
in its ability to leverage Information Age concepts and technologies,
creating an organization that has superior situational awareness,
the ability to collaborate as well as to self coordinate and
is both interoperable and agile enough to meet the challenges
uncertain future. Providing each and every individual with access
to the information he needs, ensuring that he has access to the
individuals and organizations with whom he needs to interact,
and facilitating and supporting these interactions with a rich
environment will enable our warfighters to employ new concepts
of operation and command and control approaches that are and
will continue to emerge to meet the challenges of that uncertain
At this time I believe the major impediments to progress are
1) our inability to quickly field emerging information related
and 2) cultural barriers to information sharing, collaboration,
and experimentation that impede facilitation of these essential
If confirmed, I will devote my energies and focus the ASD(NII)'s
efforts to make each and every individual throughout DoD fully
network-enabled, make information accessible, and foster collaboration
while simultaneously ensuring that our information and information
processes and systems are adequately protected and assured.
VIII. Information Operations
Joint Vision 2020 describes "information superiority" as
a critical element of success in 21st Century conflict. Disrupting
the information systems of adversaries, while protecting our
own systems from disruption ( i.e., information operations) will
a major element of warfare in the future.
A. Describe your vision for the role of information operations
in the conduct of military operations.
As discussed in the previous question, information superiority
requires robustly networked forces that share global, secure, reliable,
real-time information. Obviously, any disruption to the network
or the ability to share information would significantly decrease
or neutralize a position of information superiority relative to
an adversary. Likewise, adversely affecting an enemy's communications
and information systems will improve our relative position and,
therefore, enhance our capability to efficiently and effectively
conduct network-centric operations.
On this basis, my vision is that information operations plays a
critical role in the effective and efficient conduct of network-centric
operations and that a major emphasis should be placed on developing
a first class capability to conduct these types of operations.
IX. Information Assurance
The protection of the Department of Defense's critical information
infrastructure has become a high priority. Training and retention
of personnel in this developing profession of computer security
and infrastructure protection has been challenging.
A. Are you satisfied with the Department's current level of effort
to protect critical DoD information infrastructures? Have sufficient
resources been allocated for this task?
Like other organizations in which I have been involved in the
past, DoD appears to be constantly in a race to stay up with technology
and to balance growing IT demands with the required security. While
I believe the Department has made significant progress over the
years in improving its ability to protect information and defend
the network, DoD must continue to evolve and strengthen its ability
to defend its networks, computer and information systems. If confirmed,
I will assess our progress to date and determine what additional
actions and resources may be required.
B. What are your views on the professional development and retention
of the highly skilled personnel required to ensure the security
of our Department of Defense information systems?
In DoD, as in most organizations, development and retention of
skilled people is critical and one of our most challenging tasks.
It is my understanding that DoD has made strides in identifying
and improving the management of these critical personnel. For example,
I understand that DoD is making progress with its widely successful
IA Scholarship Program, the implementation of Centers of Academic
Excellence, and the introduction of a much more security relevant
curriculum in DoD professional military education.
C. Given DoD's growing dependence on commercial networks and systems,
what role, if any should DoD play in ensuring that the private
sector sufficiently addresses information security issues?
By leveraging its important position in the information security
market place, DoD needs to make security a priority mandate via
its procurement policies and its configuration control requirements.
X. Conversion to Internet Protocol version 6
The Department has mandated a transition of DoD networks to technologies
based on Internet Protocol version 6 (IPv6). However, there are
concerns that conversion of systems from either IPv4 or asynchronous
transfer mode (ATM)-based systems could result in additional costs
to critical service programs (such as the Army's Future Combat
Systems) and potentially reduce the performance of critical networks,
by limiting encryption speeds and reducing network quality of service.
If confirmed, what role do you expect to play in ensuring that
cost and performance considerations are appropriately considered
by DoD during the transition to IPv6 systems? It is my understanding
that in order to accomplish the Information Age Transformation
of DoD, a transition to IPv6 technology is necessary. As the DoD
CIO, I would ensure that this transition is necessary and fully
justified as well as recommend to the Secretary efficient and effective
investments to achieve that transition. If confirmed, I plan to
stay closely involved in the planning and implementation of the
XI. Open Source Software
What are the current challenges facing DoD as it develops strategies
for the development and use of open source software?
My understanding is that the challenges facing DoD with respect
to Open Source Software (OSS) are similar to those facing any government
organization or industry. The principal challenge is to maintain
XII. Global Information Grid
A. If confirmed, what would your plans be to ensure adequate test
and evaluation of components of the Global Information Grid (GIG)?
It is my understanding that the ASD(NII) development approach
to test and evaluation of the GIG involves an end-to-end testing
capability. If confirmed, my plan would be to ensure that this
approach becomes a reality.
B. If confirmed, how would you assess the current and potential
future threats to military forces dependent on the GIG?
If confirmed, I will work in partnership with the Joint Staff,
the relevant Combatant Commanders, the Intelligence Community and
the Information Security Community to protect the GIG by implementing
a risk management based approach. This approach would address current
and potential threats to network-centric forces and develop measures
to effectively deal with those threats.