The DOD's $38.4 billion fiscal 2012 IT budget, up 4.9% from the previous year, represents 5.7% of the $670.9 billion total defense budget. The Army will consume the biggest chunk of those IT funds (26%), followed by the Navy and Marines, which manage their IT operations jointly (20%), and the Air Force (18%). About 36% of the budget goes to IT activities that span the military branches and to agencies such as the Defense Advanced Research Projects Agency (DARPA) and DISA.
It's significant that the DOD is increasing IT spending at the same time it's cutting billions from the overall budget. That's partly a spend-to-save rationale, but it's also a realization that DOD's more than 2.1 million employees need new and better technologies to do their jobs. The biggest line items in the defense IT budget are IT infrastructure ($16.5 billion); air, land, sea, and space networks ($5.7 billion); logistics ($3.1 billion), and cybersecurity ($2.8 billion).
Spending will increase this year on IT infrastructure, networks, command and control systems, and "battlespace" intelligence. It will decrease on logistics, HR and financial management, and training. The DOD is looking to optimize its IT spending through increased oversight by investment review boards, broader use of enterprise architecture, improvements in tech acquisition, and a focus on energy efficiency.
The CIOs of the military branches and agencies have been instructed to leave no stone unturned. Not long after the fiscal 2012 budget was released, Air Force CIO William Lord outlined $1.2 billion in savings to be gained over five years by consolidating data centers and telephone switchboards, optimizing networks and bandwidth, and combining the Air Force's purchasing power with other branches. But Lord's ability to drive such changes is limited by the nature of the business. More than half of the Air Force's IT budget is spent on technology that goes into weapons systems that are outside his control.
Navy CIO Terry Halvorsen last month issued a memo to his staff outlining the steps taken to improve IT efficiency at the Navy and Marine Corps. Tech purchases of $1 million or more must go through a business case analysis, then be approved by the CIO or deputy CIO. The Navy has a moratorium on purchases of data storage until it determines whether the needed capacity already exists. And it's looking to centralize enterprise licenses, telecom, and training, while evaluating services shared across military branches.
The DOD wants its tech providers to get with the agenda. For example, the manager of the Naval Enterprise Program Office instructed bidders for the Navy's multibillion-dollar Next Generation Enterprise Network contract to "be innovative to lower costs." RFPs are due in December.
The overall defense budget is subject to further cuts, including hard-hitting measures that would kick in should a congressional "supercommittee" fail to reach agreement on federal deficit reduction. "We're going to have continuing pressure on our FY 2012 and FY 2013 budgets," Takai says.
Research firm Deltek expects the DOD's IT budget to keep growing, albeit at only 1.3% annually over the next few years. The Pentagon "will have to reprioritize on need to have rather than nice to have," says Deltek analyst Deniece Peterson. "Budget constraints are definitely coming."
The DOD's spending on cybersecurity, budgeted at $2.8 billion in fiscal 2012, is flat compared with a year ago. That's surprising given the DOD's intense focus on cyber defenses and its recent decision to develop offensive cyber capabilities. However, that $2.8 billion doesn't tell the whole story. The DOD's budget includes an additional $119 million for Cyber Command and $50 million to be spent by DARPA on cyber research programs.
In testimony before Congress in April, Takai identified where some of that funding will go: public key infrastructure-based identity cards for access to the classified SIPRnet; new investment in an existing intrusion-detection application called the Host-Based Security System; expanded continuous monitoring capabilities; and improved identity management.
More has been piled on since April. In July, the DOD introduced its Strategy for Operating in Cyberspace, which identifies a handful of strategic initiatives and defines cyberspace as an "operational domain" around which it organizes and trains. That puts critical IT infrastructure on par with land, sea, air, and space when it comes to the military's attention and resources.
Last month, Army Gen. Keith Alexander--who's both commander of Cyber Command and director of the National Security Agency--took that strategy a step further. Alexander disclosed that "rules of engagement" for cyberspace have been submitted to the Pentagon's Joint Chiefs of Staff for approval. For the first time, military planners are contemplating what constitutes a cyberwar and the circumstances around which the U.S. would go on the offensive.
Takai's relationship with Cyber Command will be pivotal to the execution of these new initiatives. Based on the revised job description that awaits approval, the DOD CIO will provide "civilian oversight" and collaborate with Cyber Command on its tech investments.
"She sets policy, we do operations. I think that's the key," Alexander said a few weeks ago, when InformationWeek talked with him at an Information Systems Security Association event. "That's also part of the complication, in terms of how do we set that up." He credited Takai with facilitating dialogue among the military branches and Cyber Command about how to work as a team. "Teri has been a great person for collaboration," Alexander said.
The DOD still has work to do in articulating roles, responsibilities, and lines of communications between Cyber Command and other defense units. The Government Accountability Office, in a July report, pointed to "confusion" over command and control authorities when a major computer virus infected a DOD network. And it said the DOD faces "capability gaps" and a cyber skills shortage.
Such issues are sure to factor into planning as the military's CIOs put in their requests for next year's fiscal budget. "We have to make some decisions around where we may need expenditures from a cyber perspective," Takai says.