To the Honorable Mr. Carey:

Bob! (May I call you Bob?) Bob, the many sailors who read my columns will attest to the fact I love you guys. When it comes to military network operations, I always bet on the squids — and that’s saying a lot when you realize I was one of the first four certified USAF information warfare crew chiefs.

You & I both know lives will someday hang in the balance for military network operations. I don’t think I can save my future airmen, but I do think I can save your future sailors. I’ll save your guys by telling you why my guys will perish.

An open letter to U.S. Navy CIO Robert J. Carey

I’ll use an “Airsop’s Fable” to help put you in the right context.

…Let’s say a pilot squadron invites the wing safety officer to a “beer call.” He flies a desk these days yet he remains a popular figure. The crowd shouts “Roast Beef!” as he walks into the officers’ club.

The squadron commander pipes up. “Hey, I don’t think you’ve met our new hot stick. Nosedive, meet Roast Beef.” The two shake hands. “The commander was just telling us about your Desert Storm days, sir,” the young pilot says with a smirk. “Ugh!” says Roast Beef. “I was your age back then, kid. And everyone who watched the cockpit video swore that herd looked like a convoy.”

Nosedive gets a weird look on his face. “Well, sir, I gotta head home. Great to meet you.” They shake hands … and Roast Beef finds himself holding a small slip of paper with “CZAR 52” written on it. He casually slips it into his pocket.

The wing safety officer soon heads for the bathroom. Standing in a stall, he pulls out the slip. On the back it reads “FALCON 44, Tues Noon.” He pockets it and returns to his colleagues as if nothing happened. Eventually he buys the last round and heads out the door.

On his way home, Roast Beef sidetracks to the flight operations center. The schedule includes a four-ship training mission on Tuesday with Nosedive flying as “FALCON 44.” As you might guess, the wing safety officer drops by for an unannounced visit on the day of the flight.

Standing on the tarmac, he asks Nosedive a straightforward question. “You think there’s an insti­tu­tional CRM failure going on, kid?” The pilot nods. “It’s Mad Dog. We’re all protecting him so he can keep flying.”

The wing safety officer remembers “Mad Dog” got his call sign at a previous base when he mistook a NATO pilot for an aggressor during a Red Flag exercise. “Mad Dog isn’t hotdogging or anything like that,” Nosedive assured him. “It’s just that … for maybe like five seconds after a break hard left, he just doesn’t act normal. He’s fine in any other direction, sir. But it’s white knuckles for the rest of us when he banks left.”

The wing safety officer ponders it. “And the Doc?” Nosedive shakes his head. “Mad Dog’s green on medical. Nobody wants to tell the Doc because he’ll just dee-niff Mad Dog.” Translation: fellow pilots know the flight surgeon will remove a pilot from flying status if he suspects anything.

Roast Beef knows he must ask the next question. “Do you know your commander trained under Mad Dog’s father?” Nosedive nods. “Do you think you’ll get punished for telling me this?” The young pilot looks him right in the eye. “He wrote that slip of paper. He can’t bear to hurt Mad Dog, but he can’t afford to go to his funeral…”

The crash of “CZAR 52” in 1994 cost four men their lives due to an insti­tu­tionalized failure of CRM, or crew resource management.

I insist USAF suffers from the same problem right now in its cybernetwork realm. Their middle managers cut their teeth in a server room, not in a cockpit or an operating room. They do not understand the life-or-death importance of CRM — and their lack of understanding only contributes to their muddled groupthink consensus. To paraphrase Defense Secretary Robert Gates:

"The Air Force does not have a clear, dedi­cated autho­rity respon­sible for the nuclearcyber enter­prise who sets and main­tains rigorous stan­dards of operations."

Sadly, I believe USAF’s muddled groupthink consensus will cost some airmen their lives. They’ll need to learn the hard way from a “CZYBER 52″ event before they truly realize the need for CRM in cyberspace.

You can save the lives of future sailors by helping today’s sailors understand the need for CRM in cyberspace. I’ll bet on you to succeed.

Most Sincerely,

Rob Rosenberger

PS: I wanted to write this open letter to USAF’s CIO … except he hasn’t updated the content of his website since he took office in December. Go figure.

Dear Mike (may I call you Mike?),

Let’s talk about the race between the military services to codify a DoD-centric cyberspace mission. As you know, USAF insists they hold the lead in cyberspace. But as I explained in a previous column, they have “no focused single vision for cyberspace.” Worse: USAF’s muddled groupthink creates a situation where the cyberspace mission serves the bureaucrats, not the other way around.

An open letter to USAF CIO Lt. Gen. Michael Peterson

Mike, I hateneed to say this… I know you can’t articulate a focused single vision for a DoD-centric cyberspace mission. (I can’t either, so don’t feel bad. Neither of us qualifies as the next Billy Mitchell.) But if you’ve got real guts, Mike, then you can do a lot for the Air Force — by demanding an aggressive single voice in cyberspace doctrines & policies.

Let’s begin with a very simple example, Mike. Something like, oh, that logon banner every Chinese military hacker sees when he breaks into your networks. This rambling EULA has undergone too much bureaucratic pencilwhipping over the years. I’ll quote the mandatory banner in AFI 33-219 para A3.3.6:

This is a Department of Defense computer system. This computer system, including all related equipment, networks and network devices (specifically including Internet access), are provided only for authorized U.S. Government use. DOD computer systems may be monitored for all lawful purposes, including to ensure that their use is authorized, for management of the system, to facilitate protection against unauthorized access, and to verify security procedures, survivability, and operational security. Monitoring includes active attacks by authorized DOD entities to test or verify the security of this system. During monitoring, information may be examined, recorded, copied, and used for authorized purposes. All information, including personal information, placed on or sent over this system may be monitored. Use of this DOD computer system, authorized or unauthorized, constitutes consent to monitoring of this system. Unauthorized use may subject you to criminal prosecution. Evidence of unauthorized use collected during monitoring may be used for administrative, criminal, or other adverse action. Use of this system constitutes consent to monitoring for these purposes.

Okay, Mike. Let’s rewrite it with an aggressive single voice, shall we?

Use this computer system only for authorized U.S. Government (USG) purposes. Any use of this system constitutes consent to monitoring. USG monitors its computers & related equipment, networks, and Internet access for all lawful purposes such as to detect unauthorized use. Authorized USG personnel may actively attack this computer to verify its security. USG may examine, record, and use for any authorized purpose any information including personal data if placed on or sent over this system. USG may use any evidence of unauthorized use for adverse administrative or criminal action.

You see, Mike? An aggressive single voice can say the same thing in half the words and can phrase it for the entire federal government, not just the Pentagon. I can show you how to rewrite USAF’s Cyberspace Policy Directive 13-3 if you need another example.

(Yes, Mike, I suppose you could apply an aggressive single voice to those mind-numbing daily SPINs. But please, let’s not get sidetracked by present-day aerial contributions to ONE/OEF/OIF. Follow the lead of your recently ousted Chief of Staff — stay focused on the pivotal role cyberspace will play in future wars.)

I know what you’re thinking, Mike. “HAF/JA won’t like your rewrite of the logon banner, Rob.”

C’mon, Mike: we both know lawyers don’t like anyone’s original words. They’ll change every draft document that touches their ornate mahogany desks. Those shysters would revamp the Bible, the Koran, and the Torah if they ever got the chance. “This Gospel of John is all well and good, Mike, but we need to change 3:16 from ‘gave’ to ‘sent’ before I’ll let it go up the approval chain for the LORD’s signature…”

Bureaucrats and lawyers alike hate an aggressive single voice. The mediocrity of their positions compels them to make even the most trivial changes to a draft document just so they can feel like they earned their sage wages. “This Happy and Safe Fourth of July email is all well and good, Mike, but we need to change ‘happy’ to ‘glad’ before I’ll let it go up the approval chain for the Chief of Staff’s digital signature…”

Mike, you probably think I blame bureaucrats and lawyers for screwing up USAF’s quest for a cyberspace mission. “You must believe they’ve got a Medusa-like writing style that turns to stone any document they look at.” As a matter of fact I do believe it — and you can do a lot for USAF by removing their dialects from cyberspace doctrines & policies.

Listen to me, Mike. Bureaucrats and lawyers speak & write in their own synthetic dialects, similar in many ways to a regional patois like the Cajun and Quebec dialects. Lawyers favor the Legalese English synthetic dialect, doctors favor the Medicinal English synthetic dialect, and bureaucrats favor the Bureau-American synthetic dialect. An aggressive single voice favors the E-Prime synthetic dialect. (Read Tongue & Quill pp.73-75 for starters.)

If we can say “a synthetic jet fuel is still genuinely a jet fuel,” then we can say “a synthetic dialect is still genuinely a dialect.” Synthetic or not, you must use the right fuel for a particular engine and you likewise must use the right dialect to express a particular concept. USAF has chosen the wrong dialects to express its concepts for cyberspace, Mike. You can change this if you’ve got the guts.

Mike, the great USAF visionaries like Billy Mitchell and John Boyd never spoke Legalese with a Bureau-American accent. Do you honestly think a great cyberspace visionary will talk like a bureaucrat?

Ask yourself an obvious question, Mike. “When I first saw this guy’s aggressively written logon banner, did I instinctively want to make ‘subtle but important’ changes to it?” If you answer “yes,” then it proves you speak & write in the wrong dialect for a DoD-centric cyberspace mission. Still, Mike, you can do a lot for USAF’s cyberspace doctrines & policies if you mandate the correct dialect.

If you do just this one thing, Mike, you’ll pave the way for the next Billy Mitchell. Do you have the guts it will take to mandate it?

(Uh, please don’t ask me to help you develop an aggressive single voice. No offense, Mike! I really do want to save myself for the next Billy Mitchell. He’ll need all the help he can get and I need to look clean & smell fresh when he beckons for me.)

Oh, wait! Perhaps I should ask two more obvious questions:

1. Is DoD itself in a race between the Cabinet secretaries to codify a cyberspace mission across the entire Executive branch?
2. Is the Oval Office itself in an even bigger race with the Legislative and Judicial branches to codify a sovereign cyberspace mission?

If you answer either question with a “yes,” then you can temporarily ignore the fact USAF needs an aggressive single voice for cyberspace doctrines & policies. Why? Because Washington will refuse to let the Pentagon implement its own focused single vision for cyberspace until all of the muddled USG bureaucracies finish all of their own little turf battles with each other.

Or until China reclaims Taiwan by exploiting USAF’s groupthink mentality in cyberspace. Whichever comes second…

Most sincerely,

Rob Rosenberger
SecurityCritics.org

cc: Mr. John Grimes, Pentagon CIO
cc: Mr. Robert Carey, Navy CIO
cc: Lt. Gen. Jeffrey Sorenson, Army CIO