25 June 2000. Thanks to Richard Lardner, Inside the Air Force.

See also InsideDefense.com

Inside the Air Force, June 23, 2000

Hayden creates new offices, plans to hire acquisition chief


Richard Lardner

The National Security Agency has revamped its corporate hierarchy, creating several posts that defense officials believe will substantially improve business operations and allow the signals intelligence organization to better manage its highly stressed information processing infrastructure.

In a series of unpublicized moves made during the past six months, NSA Director Lt. Gen. Michael Hayden has moved key management support, business and budget functions from the Ft. Meade, MD-based agency's various directorates into newly established offices. The goal is to allow the directorates to concentrate on their day-to-day assignments, which range from information assurance to signals intelligence operations to technology development, while eliminating bureaucratic bottlenecks that prevent the agency from running at peak efficiency.

"There is a fiscal component to recovery. There is a technological component to recovery. But the proximate and the underlying cause of this is how we do business," Hayden said during a June 13 interview.

Below Hayden, NSA now features a chief financial manager, a chief information officer, a senior acquisition executive and a transformation office, which is responsible for requirements and systems engineering. A subset of the CIO shop is a division called Information Technology Infrastructure Services that has the authority to reject operational requirements if they would overwhelm the agency's IT infrastructure.

NSA handles the nation's signals intelligence duties and provides security for classified information systems. Hayden's reshaping comes as the intelligence oversight committees on Capitol Hill have, once again, expressed concern the agency is relying on antiquated business methods and equipment to deal with a world in which technological innovation is moving at a breakneck pace. Of major concern is the agency's IT infrastructure, an aging collection of intelligence processing and distribution systems. In January, a software anomaly caused serious problems with the systems and compromised NSA's operations for nearly three days.

Additionally, NSA has been criticized by lawmakers for employing a weak budgeting system, a preference for internal solutions to technical challenges, and a compartmented approach to capability development that has led to what the House Permanent Select Committee on Intelligence, in May 1998, referred to as the "bubbling up" of disparate ideas and programs.

The establishment of a chief financial manager's office -- first reported by Inside the Air Force last December and formally announced by NSA in early January -- was necessary because NSA was "making decisions that were more based on intuition and instinct rather than hard fiscal data," Hayden told ITAF.

"It wasn't a question of ethics, or legalities -- we could account for every penny," he said. "We were very good at that. What we couldn't do [was] use money as a management tool.

"I knew exactly how much activity X cost. I knew when we spent the money, I knew what it cost, I knew when it was appropriated. But we didn't really have the ability to aggregate all activity Xs and portray them to the agency as, 'Hey, by the way, do you realize this is what activity X cost you around the world and do you really want to be spending [this] percentage of your budget on activity X as opposed to activity Y?' We couldn't do that. We couldn't pull the thread and aggregate what it was we were doing as an enterprise in order to make strategic decisions on direction.

"You're never able to answer the question 'How much does a pound of SIGINT really cost?' But you can get better than where we were, which is, 'I'm not so sure what we get out of activity X globally but I know activity X at that location costs this amount of money.' You can run an enterprise on that, but you can't strategize an enterprise on that. You can't make judgments about strategic direction based on that kind of information."

Hayden hired Beverly Wright to fill the chief financial manager's slot (ITAF, Dec. 10, 1999, p1). An "outside" hire, Wright spent 26 years in the financial management industry before coming to NSA. She reports directly to Hayden and serves on his executive leadership team. "She owns all the financial managers on campus," Hayden noted.

Since coming to NSA, Wright has been working to set up a budget system that defines various activities so each NSA directorate has a clear understanding of how costs are being aggregated. "What's been done to date . . . almost has been done by hand," Hayden said. "We don't have the financial management system to do that automatically."

The acquisition executive has yet to be hired, although Hayden is interviewing several candidates while continuing the search (see related story). According to the House intelligence committee, NSA's shortcomings in the acquisition field are significant and must be repaired quickly. In particular, the agency can no longer allow "multiple subcomponents to decide what capabilities to build, because the result today can be wasteful duplication and crippling gaps in capability," the committee said in its FY-01 intelligence authorization report.

Once a requirement for a system is defined, a key responsibility of the NSA acquisition executive will be to decide whether to buy it or have NSA's engineers and technicians build it. "The historical instinct for NSA has been to make," Hayden said. "That's based upon good historical reasons, like [the products] weren't available elsewhere -- only NSA did this stuff. Well, that's no longer true. Far more of what it is we need, we have the opportunity to buy it rather than make it."

The House intelligence committee urged the committee to "position itself to make ruthlessly honest assessments about in-house development or contracting out." The agency's recent decision to move ahead with a major deal to outsource much of its IT support work was cited by Hayden as a step in that direction.

The prospective $4 billion contract, which NSA plans to award next year, is known as Project Groundbreaker (ITAF, March 3, p2; Jan. 28, p5). The agency earlier this month called the effort a "dramatic change in NSA's longstanding IT operations" that will "refocus agency assets on core functions that directly support its national security missions."

"There's a real planting your right foot and cutting hard to the left here," Hayden said. "We made a decision to put ourselves on a path that will have us buying most of our information technology. Now, there are off-ramps here: What do the contracts say? What is the nature of the specs?

"But essentially, we wouldn't go down this path if we weren't confident this is worth doing. So now, we'll look carefully, we won't do anything stupid, but at the end of the day I would expect us to do exactly what we set out to do, which is a significant portion of stuff we used to do in-house will be done for us by contractors.

"The phrase I used with the workforce and others is that then 'narrows our front' -- it's stuff we don't have to do, we don't have to worry about it. We have to write a check for it, and we've got to hold [vendors] to standards and we're going to do that. But now the agency can concentrate on things that industry can't do for us, that we've got to do ourselves."

Working closely with the acquisition executive will be the National Security Agency/Central Security Service Transformation Office headed by Mike Green, a career NSA employee. The NTO will help drive the agency's modernization effort with an emphasis on ensuring that security management and information assurance "are built-in from the ground up," according to a description of the NTO provided by NSA.

"The office will be specifically responsible for end-to-end systems planning, authorization, and oversight of all SIGINT modernization activities," the description reads. "This office will not do the hands on work of modernization itself, but instead will see that the right work is planned and done in the right order."

NSA's chief information officer is Ray Holter, a longtime NSA executive who has been given a "very strong" charter, Hayden said. According to an agency statement, Holter provides advice and guidance "on all issues pertaining to information technology and information systems." More specifically, Holter is responsible for IT/IS strategy, cryptologic architecture and standards, security of NSA networked information systems, IT/IS policy and external partner agreements, and implementation of IT/IS performance management.

The Information Technology Infrastructure Services (ITIS) office under Holter is a significant addition, according to Hayden. To staff the ITIS office as well as other elements of the CIO structure, Hayden took IT personnel from the agency's directorates, a move he acknowledges caused a bit of "angst."

The ITIS shop is run by Hal Smith, an NSA alumnus who rejoined the agency after a long career in the private sector. Most recently, he served as president of SSDS Enterprise Network Solutions.

Smith's office will ensure NSA's "scarce resources" are devoted to the primary SIGINT and information security missions. Accordingly, Hayden said the ITIS office would help the agency avert the information processing problems it experienced in January.

"The root cause [is] we had a software anomaly and the system went 'bang," Hayden said. "That's true. But why did the system go bang? The reason the system went bang was prior to that time we did not have a central office responsible for information technology backbone.

"By default almost, our IT backbone was parsed out inside each of [the agency's directorates]. Each of those [directorates] is driven by the demands of day-to-day operations. And so they expanded the IT system to meet daily, recurrent mission needs. And no one was charged with, and therefore no one was responsible for, adding up the cumulative effects of each of these daily operational decisions, seeing what its impact was on the ability of the systems to handle that load, and then make the tough decisions to say, 'We can't do that. I know it's operationally needed, but the system can't sustain that over time.' That was not done. That was an acultural approach. Our cultural approach was [to use] the IT you needed to do the mission. And you didn't have the charge, nor the time, nor the ability, to look behind the screen and to see what each of these individual decisions were doing with the overall IT structure.

"The first fix was to put someone in charge of the system . . . and to say no to legitimate daily operational needs because the system can't handle it. That is the big change," Hayden said.

"That's what we've done by taking all those IT professionals and all the IT money and all the IT systems and taking them out of the key components and saying they belong [in ITIS]."

Hayden does not expect that his transformation of the agency's upper echelons, much of it carried out under his "100 Days of Change" initiative, will be difficult to implement.

"To make this happen, I think this is actually relatively easy. . . . I think the merits [of the corporate restructure] will become so obvious so fast that it's not going to be real hard to do," he said. 

_source: Inside the Air Force
_date: June 23, 2000
_issue: Vol. 11, No. 25

© Inside Washington Publishers

Inside the Air Force, June 23, 2000


Richard Lardner

The National Security Agency is planning to hire its first-ever senior acquisition executive to steer the agency's massive information infrastructure modernization program, a move that shows the organization recognizes the significant technological challenges it faces as well as NSA's lack of expertise in the procurement field, DOD officials said last week.

In a June 13 interview, NSA Director Lt. Gen. Michael Hayden said he is looking outside the agency for qualified applicants to fill the newly created post. The new hire, he said, could come from industry or government, but ideally would have substantial acquisition experience in both sectors.

"It could be somebody from the intel community, somebody from the defense community, and it could be somebody from industry," he said.

Hiring an SAE is "necessary because acquisition is not a natural strength of a SIGINT or information assurance organization," Hayden said. "It isn't something that you develop naturally here. And given the technological challenges we had to meet . . . combined with limited resources, we have to be really good at acquisition processes."

NSA is working to modernize its aging information technology backbone, which processes and distributes the signals intelligence collected by various platforms as well as its internal communications systems. The agency, however, faces a significant number of challenges in accomplishing that task. In its fiscal year 2001 intelligence authorization report, the Senate Select Committee on Intelligence noted that as NSA's budget has dropped over the past decade, the agency  "systematically has sacrificed infrastructure modernization in order to meet day-to-day challenges. Consequently, the organization begins the 21st century lacking the technological infrastructure and human resources needed even to maintain the status quo."

According to the House Permanent Select Committee on Intelligence, a January computer failure at the agency underscored the scope of the problem. The failure was caused by a software anomaly and affected the processing of intelligence information for about three days, forcing the agency to use back-up systems (Inside the Air Force, Feb. 4, p11). In its FY-01 intelligence authorization report, the committee said a lack of resources for infrastructure modernization was a factor. However, "the mismanagement of outdated information technology resources, and the lack of sufficient acquisition processes and expertise" were also factors.

NSA has long relied on its own workforce for technological solutions, a practice that must change given the sweeping and rapid advances being made in the commercial telecommunications world, the House intelligence committee added. "NSA must be organized and operated as a single, cohesive enterprise, within a common tasking, processing, exploitation and dissemination framework," the committee wrote. "NSA must also take a hard look at the extent to which a relatively small number of government engineers, however talented, can be expected to keep up with the massive and dynamic commercial industry."

As the agency looked to change the way it did business, Hayden said it became clear a senior executive with substantial authority would be needed to make sure NSA buys the right equipment for the right price. It also became clear, he said, that "there's nobody within NSA today that would fit" the SAE job description. "I've made the judgment, right or wrong, that we haven't grown anyone that should be at the top of that organization. We do, by the way, have great people," he said.

The SAE, who will report directly to Hayden, will be charged with deciding whether certain systems should be built by NSA or by the private sector and expanding the agency's contractor base. Other duties will include ensuring systems acquired meet requirements and schedule and cost goals.

The SAE will be responsible for "all those questions about cost, schedule, milestone decisionmaking, whether or not you're meeting requirements, the buy vs. make decision [and] the expansion of what has been criticized, I think accurately, as a very narrow contractor base," Hayden said.

Hayden is conducting a broad search for his new SAE.  Prior to placing an advertisement for the position in the June 11 edition of The Washington Post, he had narrowed a list of 30 candidates to six. "I'm interviewing those now and we'll see what comes with the ad," he said.

The ad notes that a "dedicated senior acquisition executive is essential to address acquisition deficiencies within the NSA and issues such as process improvement, workforce development, oversight enhancement and reporting effectiveness. This individual must be the one who authorizes the expenditures of funds within the acquisition management process (acquisition decision points).

"Successful future mission accomplishment at the National Security Agency, as well as the magnitude of acquisition in both technology and dollars, requires a dedicated acquisition executive," the ad reads.

_source: Inside the Air Force
_date: June 23, 2000
_issue: Vol. 11, No. 25

© Inside Washington Publishers