Q&A: RADM Elizabeth Hight
Net-Centric Sustainer
Ensuring Communication, Dialogue and Cooperation
RADM Elizabeth Hight
Vice Director, Defense Information
Systems Agency
RADM Elizabeth A. Hight is vice director of the Defense Information Systems Agency [DISA]. As vice director, she helps lead a worldwide organization of more than 6,600 military and civilian personnel responsible for planning, developing and providing interoperable, global net-centric solutions that serve the needs of the president, secretary of defense, Joint Chiefs of Staff, the combatant commanders and other Department of Defense components.
After joining the Navy in 1977, Hight’s first duty station was Naval Communications Area Master Station WESTPAC, Guam, where she was the high-frequency receiver site division officer. In 1979, she reported to NAS Pensacola, where she established the command’s first Human Resources Office, followed by two years as the base public affairs officer. In 1984, Hight reported to the CNO staff as the program sponsor for the UHF Satellite Communications Program.
In 1986, Hight reported to the U.S. Space Command Directorate of Plans as a plank-owner, and two years later was selected to serve as a member of the USSPACECOM Commander-in-Chief’s Group. In 1989, she reported to director, communications security material systems as executive officer, and in 1991 was assigned to the program executive officer for space, communications and sensors, where she served as the assistant program manager for operations.
After serving as commanding officer of the Fleet Surveillance Support Command, Hight reported to the Bureau of Naval Personnel as the assistant branch head, Fleet Support Assignments Office. Upon completion of that tour in 1997, she was transferred to the Joint Staff/J6, where she served as chief of the Current Operations Division and then as executive assistant to the director, C4 systems. In 2000, Hight reported as the U.S. Space Command Liaison Officer to the U.S. European Command.
In July 2001, Hight reported for duty as commanding officer, Naval Computer and Tele-communications Area Master Station Atlantic and program manager for mid-Atlantic region information technology. The following year, she was selected for promotion to rear admiral [lower half] and reported to OPNAV 6/7, where she was director, net-centric warfare.
Before being assigned as vice director, Hight served as DISA principal director for operations and deputy commander, Joint Task Force-Global Network Operations. Hight graduated from Huntingdon College as a triple major in psychology, sociology and social work. She is a graduate of the Defense Systems Management College, the Naval Post-graduate School with a master’s degree in telecommunications systems, and George Washington University with a master’s degree in information systems.
Hight was interviewed by Carol Scheina of the DISA Corporate Communications Division.
Q: Can you give an overview of what you see as your role as DISA vice director?
A: I think any deputy or vice director has a responsibility to carry out the director’s vision and strategy to meet the needs of the Department of Defense. At DISA, our vision is to be the provider of global net-centric solutions for the nation’s warfighters and all those who support them in the defending the security interests of the nation.
As the DISA vice director, I have two primary responsibilities. The first is to create and sustain an environment in which the very talented and creative people of DISA can thrive in their efforts to provide global net-centric solutions to the warfighters. In addition to sustaining an empowering and efficient workplace, I am responsible for limiting and removing barriers that prevent the workforce from being a high-energy, productive team.
Every organization has barriers that prevent it from being a highly effective team. Those barriers might be the inability to appropriately prioritize limited resources or funding; outside forces acting negatively on the organization; inability to limit the scope of its mission to achieve realistic user expectations; and difficulty in managing the seams and levels of coordination between different parts of the organization. My role is to eliminate those barriers to mission accomplishment to the greatest extent possible.
My second role is to foster open dialogue and mutual learning among and between our workforce and our mission partners within the U.S. government, with our allies and coalition members, and with our industry partners to create the most effective net-centric environment possible for the warfighter, decision maker and other stakeholders. Ensuring communication, dialogue and cooperation in this incredibly dynamic and complex environment is job number one. All those involved in building the net-centric environment to support our national security, both within DISA and throughout DoD, have a vital piece of this overall effort. It is through the orchestration of all of these efforts that we will ensure the transformation of our warfighting, business and intelligence capabilities to support the net-centric vision.
Q: What do you view as the hot topics for the agency this year?
A: I see four primary programs as being important for the agency this year: Net-Centric Enterprise Solutions [NCES], Net-Enabled Command Capabilities [NECC], network and enterprise computing, and information assurance solutions. These four areas are part of an enterprise transformational approach critical to supporting military forces engaged in both traditional and nontraditional warfare.
Other hot topics are the agency’s initiative to transition to a “capability on demand” acquisition environment. One of our preeminent efforts is to move away from government-operated services that require long acquisition timelines to acquiring commercially managed capabilities that can be upgraded by the vendor without interruption to the user. This includes emulating the commercial environment to provide computing as well as network and satellite communications services on demand. Information assurance products and capabilities are now available. We are creating overarching contractual agreements so that DoD users can simply come to DISA and buy a service that is tailored to their needs.
This is in line with the DISA philosophy of “ABC,” which reflects a fundamental change within the agency with respect to the acquisition and procurement of products and services. The ABC concept— adopt or adapt before you buy, buy before you create—represents a cultural change not only with our industry partners, but with our service and agency partners as well. Because of the diversity in our customer base and the dynamic mission environment in which we live, the ABC concept will result in an enterprise solution set that is much more responsive to a variety of operational, business and intelligence needs than what a single organization could provide to a subset of users.
The partnerships that we have developed among the services and defense agencies are an indication that the acquisition change that we’re driving for is a win-win situation for all of us. Everyone now recognizes that the ABC concept will result in less expensive, more integrative capabilities delivered to the field in a much faster manner. DISA may have been the first to explore the ABC concept on an enterprise basis, but it has become a cooperative effort among many people and organizations to make it happen.
Q: What are the challenges that you see DISA facing as DoD attempts to modernize the way wars are fought? How will those challenges be overcome?
A: The challenges we face in DISA are similar to those of other information system and network organizations in both government and industry. There are two essential facets to the role we play. One is providing a high level of confidence and assurance for information delivery, network availability and information protection. DoD recognizes the network as a critical component of our warfighting, business and intelligence processes rather than a tool of convenience. We must provide systems and capabilities that meet those expectations. We must also work toward information sharing across diverse boundaries in order to leverage the strength of our many information providers, at home and abroad. In a global, interdependent world, assured information for decision superiority is the only way to preserve our national interests.
The second facet is maintaining a balance between technology and technique, system development and system employment, and operational risk versus operational necessity. This balance affects everything we do. In a networked environment, what I accept as risk or what I employ as a technique may have cross-cutting impact on others residing on the same network. What I require in a technological solution might best be solved in a procedural way.
As we increase our partnerships, both in and outside of government, we must continue to learn how to find the right balance among the many factors impacting operations at the same time. This ability to evolve our thinking as we recognize environmental changes requires a commitment among all stakeholders to inclusion, teamwork, partnering and taking advantage of strengths that each organization brings to the table for the good of the department and the nation. DISA’s role is to champion the discovery of that balance.
Q: You served as the deputy commander of the JTF-GNO and the principal director of DISA’s Global Information Grid Operations Directorate prior to becoming DISA’s vice director. As someone who has been heavily involved in the defense of DoD’s networks, how far away would you say DoD is from a completely secure network, if such a thing is possible?
A: I think network security and information assurance are ongoing processes, and they will change and evolve based on how the threat changes and evolves. It’s very similar to other endeavors. For instance, the United States protects the economy through constant attention to monetary regulations and policies. The United States protects its financial sector against theft and infiltration on an ongoing basis. We protect our homes by putting locks on our doors and windows and installing security systems.
I think complete protection of the network against security threats is a wonderful vision, but it’s not achievable. The real questions become how much network security is enough based on what you expect the network to do, and what are other ways to protect information that is critical for decision-making and warfighting? How many locks do you put on your door and what other methods do you employ to protect what is important to you?
Q: What are the most important computer network defense initiatives being taken right now?
A: There are five areas that encompass our most important computer network defense initiatives. The first is culture; we are changing the user mindset to thinking of the network as a critical component of the fight, just as a weapons system is considered essential to success. The second is identifying and understanding the threat. What is the threat? How do I identify the threat as it changes its attack vector or methodology? How do I prevent the threat from affecting the network? What is the avenue of attack that might cause the most pain?
The third area is our people. People are the most important aspect of defending the network. We need to ascertain how to appropriately train and certify information professionals in the department and DoD agencies, as well as determining the best way to educate the users of the network to help protect it
The fourth initiative we’ve undertaken involves technology and tools. This initiative comprises a triad of network security capabilities that are provided to the entire DoD enterprise:
• Identity management tools, such as public key infrastructure [PKI] and common access cards [CAC].
• Automated network management tools such as the Secure Configuration Compliance Validation Initiative [SCCVI] for system patching and the Secure Compliance Remediation Initiative [SCRI]
• A host-based security system that involves intrusion detection, identification and prevention, as well as configuration compliance and other security capabilities.
The fifth computer network defense initiative we’re working on is network design. We’re building security into the network as it is designed instead of trying to overlay security after it is built. Security is a fundamental component of the network that must be part of the original requirements set. Let’s look at what we have learned from the past. The Internet was born from an academic interest in sharing information and research. The original creators did not build the Internet with security in mind—it was all about information sharing. As we have evolved from that original design, security has taken on a greater importance. Now that we rely on the network as a foundational component of net-centric warfighting, security has become a fundamental consideration.
Q: How would you describe DISA’s current efforts to create a more interoperable environment across the department?
A: There is certainly a technical component of interoperability and information sharing, but there is also a very real human component. DISA is actively involved in both of those. In the technical world, DISA is working to make information sharing work effectively across geographical and national boundaries. We are right in the center of efforts to deliver new and innovative computing and networking capabilities. We are developing a network similar to the Unclassified but Sensitive Internet Protocol Router Network [NIPRNet] and Secure Internet Protocol Router Network [SIPRNet] to make coalition information sharing more widely available and more responsive to the demands of dynamic events around the world.
However, there is a human component to interoperability, and that involves how people speak to one another; in other words, people need to understand data in the same way, regardless of the source or destination of the data. It must mean the same thing to multiple users. If one organization categorizes information one way and another categorizes it another way, then the two organizations will find it difficult to discover, much less use, the information in a cooperative engagement. People need to know how to label an event, an object, or a thing, so we understand it in the same way. We need to consider:
• What is this event, object or thing?
• What do we call it?
• How do we make it accessible?
• How do we know it is out there?
• How we find it?
We are part of the larger DoD enterprise developing standards for these and many other issues surrounding “data.” Our focus is on data transport, computing and information management, while other communities of interest focus on global strike options, logistics and time-critical planning. That is what makes information available and useable by all who need it in the era of Internet protocols and information-sharing imperatives. I believe the information technology world has a lot more to do with people arriving at solutions that meet both their process needs and their cognitive requirements than it does with advanced technology when it comes to the interoperability needs of the future.
Q: What is DISA’s contribution to the information assurance environment across DoD?
A: DISA is in a position to look across the services, defense agencies and combatant command organizational units to understand the enterprise relationship among all these requirements. Our role is to aggregate those very diverse and heterogeneous requirements into a capability that serves the enterprise and department goals— not necessarily a single segment of the department. By doing that, we can save money and provide a capability with the same degree of consistency across the board, regardless of whether the user is Army, Navy, Air Force, Marines, DoD civilians or other mission partners.
In today’s networked environment, the most important thing to remember is that we no longer traverse single agency or service networks. Information may flow from the source to the user over networks developed or provisioned by many organizations in either the government or commercial world, and that path is almost always transparent to the user. Because of that, we are working to ensure the same high level of information delivery, system availability and information protection from one end of the network to the other.
In addition to these solutions, DISA can also bring situational awareness, visibility and understanding of an entire mission thread across many diverse networks. Because we rely on net-centric warfare today—meaning that we rely on the networks to achieve a massed effect—we can no longer worry about who owns what part of the network. We must understand a mission thread without concern over organizational equity. Today, the name of the game is mission assurance and the way we fight is in a joint, coalition environment.
Q: Any parting thoughts?
A: Just one. I have known and worked with my predecessor, Major General Marilyn Quagliotti, for over 10 years. She is one of the finest DoD IT professionals I’ve ever partnered with. If I can come close to filling her shoes, I’ll be very lucky and so will DISA. We will miss her strategic perspective and warfighter instinct. ♦
