By Bob Gourley
The Intelligence and National Security Alliance (INSA) has released a white paper documenting the vision and approach for enhancing enterprise information technology in support of intelligence and national security missions. This paper, titled ”Doing in Common What Is Commonly Done” provides insights based on interviews of government leaders including CIOs, CTOs and other agency leadership.
The goal of the IC ITE approach is to move to an IT posture that is more integrated and service based (with 10 common service offerings across the IC for primary IT functions). IC level portfolio management will also be done enabling IT decisions to be made by more informed IT leaders across the enterprise. And enhancements will be made to the IC enterprise IT acquisition process, including more centralized and synchronized IT acquisition and more progressive models for procurement (like SOA and Agile instead of typical procurement).
From the paper:
The IC ITE focuses on greater integration, information security, and information sharing while seeking substantial cost reductions through shared infrastructure and service models. The IC recognizes that each agency has particular strengths or core competencies that can be better leveraged by designating IC elements to act as Service Providers for specific capabilities for the entire Community. The DNI designates the IC Service Providers who are responsible for determining investment requirements and using their respective acquisition and contract authorities to execute their IC ITE responsibilities. Currently identified common services and their respective providers include: the Desktop Environment, DIA and NGA; IC Cloud Services, NSA and CIA; Applications Mall, NSA; and Applications Stores, all agencies.
The IC ITE will be delivered in increments with Increment 1 (Initial Operating Capability, or – IOC) in FY13 and achievement of Full Operating Capability (FOC) planned in FY18. Increments for the IC ITE will include all activities required to plan for and implement IC ITE services, including scaling services across the IC enterprise, transitioning relevant legacy data and applications, and retiring legacy capabilities as appropriate. The initial IC ITE services focus on delivery of a common IC desktop, common back office tools, broader and standardized access to analytic tools and applications, and data-centric computing using complementary government-developed and commercial cloud architectures. Development of Increment 1 began in 2012 and ultimately intends to deliver enterprise capabilities for the IC Cloud Environment, the IC Desktop Environment, and the IC Applications Mall services. Future increments propose to deliver additional ITE services and capabilities based on mission needs, and will further define/refine governance, cost recovery business models, and additional efficiency opportunities. In five years, the IC expects all agencies to be leveraging this shared services platform with each providing or paying for enterprise services. This baseline platform and new Community IT ecosystem is expected to enable and encourage innovation to occur and to spread rapidly.
For industry, especially the IT vendors, one of the most important paragraphs follows:
The IC will lean heavily on industry to conduct R&D on enterprise solutions – COTs technology will likely predominate. Acquisition will be deliberate to provide some stability in enabling organized change. Outsourcing may be considered as long as vendors can meet service needs on a sustainable basis without sacrificing mission agility. Vendors depending on revenue streams from cost-prohibitive long-term license fees will likely find themselves disadvantaged as the IC ITE moves forward. Integrators who specialize in specific agencies may also be disadvantaged when the IC is seeking enterprise-wide solutions.
I encourage all technologists from all enterprises, even totally commercial enterprises, to review this INSA document for lessons learned for your particular organization. And for those who serve the national security community I encourage you to read closely both so you can see what is coming next and so you can provide input where you think it is necessary.
I have heard from IC IT leaders directly on this activity, and they genuinely want continued feedback. I’m working up thoughts for IC leaders myself on this. My inputs so far will probably be minor but my view is I must show friends in government that I care so I will provide input. I encourage you to do that as well.
One piece of input I’ll publicly state just for continued dialog: I found this summary of IC ITE views and vision to be overly simplistic in how “industry” is thought of. I think that may be because most IC CIOs and CTOs come from life-long careers in government. Or maybe it is because the document is just a summary and it doesn’t reflect the real nuanced views of IC IT leadership. But to try to summarize all that is not government under the term “industry” just falls flat with me. In the views of many who were interviewed for this summary, there is the government and there are vendors and it is that black and white. In the real nuanced world, there are many segments to American industry and to assume they are all the same weakens your ability to work with and influence and get the best from these many segments.
When it comes to IT, a useful segmentation of “industry” for national security decision makers might be: Systems Integrators, Service Companies/Consultancies and IT Vendors. Considering “industry” this way instead of as just one big blob can help inform and produce a more impactful strategy.
Here is how this sort of segmentation of IT related firms might look:
- Systems Integrators (SIs): Northrop Grumman, Lockheed Martin, Boeing, SAIC, Raytheon, CSC, Harris, GD
- Services Companies and Consultancies: the SIs do some of this but many firms specialize here, including CACI, BAH, ManTech, Camber, the FFRDC (Mitre, Aerospace) and many others
- IT vendors: Microsoft, IBM, Oracle, Google, Amazon, Cisco, SAP, HP, EMC, RedHat, Cloudera, Thetus, MarkLogic, Cleversafe, Terracotta, Fixmo, Recorded Future, Sitscape, Triumfant, Invincea, WayIn, etc etc.
I’d be the first to admit this segmentation of the IT industry is not perfect (some companies do not fit this model), but it has a bit more fidelity than lumping all industry into one term, and if it were used in the IC ITE it would allow a more meaningful expression of intent. For example, the INSA articulation of the IC ITE makes it seem that the IC views all of industry as traditionally embedding themselves in an IC element for years to provide all holistic IT support. Clearly this is not talking about all of industry, it must refer to the systems integrators. In other parts it talks of industry needing to change software license models. This makes more sense if it is aimed at the IT vendors segment, not services firms and usually not systems integrators. And portions which talk about the need for new educational and training for commercial workforces are probably focused on the Service companies. Lumping all kinds of industry serving IC IT needs into one term is sub optimal for many reasons which I will leave to readers to consider.