Ministry of Defence Head of Operate and Defend Alan Hill interview

Brigadier Alan Hill, the Head of Operate and Defend at the Ministry of Defence, is responsible for providing IT services and cyber protection to 250,000 people.

Some are on ships, submarines, vehicles or helicopters, in different countries, terrains and temperatures. Others are deployed in battle relying on such technologies to stay alive, while some are sitting behind a desk in an office in Whitehall.

But Brigadier Hill is tasked with making sure they all have the technology services they need to do their jobs, whatever their surroundings.

Meanwhile, he is currently working to boost skills within ‘Information Systems and Services’ – the MoD’s secretive Wiltshire-based IT branch that protects military interests in cyberspace – to help it move to the cloud and bring more IT services in-house.

Hill, who was previously CIO and Head of Information Superiority at the British Army, is also helping to replace the department’s ageing core infrastructure and prepare it for inevitable, regular cyber attacks. He has about 300 people reporting to him and he reports to Mike Stone, the MoD’s CIO, who joined in May 2014.

‘Always a challenge’ to find the right skills

The main task is moving from a contracting organisation to a “real IT organisation”, Hill says.

The department will shortly start to provide its own service integration and management after decades of outsourcing these functions to private suppliers.

The IT department will “take on a far more frontal role that takes a real cultural change,” he says.

Like most Whitehall departments, the MoD is splitting its large IT contracts into smaller, and, it hopes, more manageable ‘Tower’ deals with multiple suppliers, based on open systems and standards.

“Once we get the processes in place, the tooling in place and the people upskilled, then re-competing towers is a relatively quick and far cheaper affair,” Hill explains.

However success will rely in large part on the department’s ability to improve in-house skills, he says, something it is currently trying to do “right across the organisation”.

Hill says it is “always a challenge” to find design architects who understand new cloud and data centre technologies, not to mention people who can help run change management programmes and aren’t too daunted by the complexity of the MoD.

He says work to improve skills is the part of his job that is most front-of-mind.

“We’re taking on new responsibilities, we’re no longer a contract management organisation, and it’s our ability to get with the plan and stand up and take it, to be a mature enough organisation, such that we can do integration and management coherently.

“Now, we’ve got a lot of work to do with preparations, exercises and rehearsals, but it is a challenge. If it was easy it wouldn’t be worth doing I suppose,” he says.

The push to improve skills is already paying off, Hill says, in the change of status and understanding of IT within the department.

“It’s no longer a burden; it’s actually creating value throughout the department. And that’s an important switch.”

‘Cloud is the answer’

One of the reasons the department needs more modern IT skills is the department is currently examining the potential savings, benefits and risks of moving to cloud, he explains.

“Cloud is the answer. I think at the very least we’ll get to an MoD private cloud. Why would you not do that? The next is what you can do at government cloud level, a sort of hybrid solution,” Hill says.

However, Hill says the issue is a little more challenging “in the battle space”.

“So what does cloud look like in the battle space? If you have no access to the service, can you still operate? We’re working that through, trying to understand it,” he adds.

The fact the department understandably places so much emphasis on security also makes the move to public cloud more complicated, Hill says.

Defence as a Platform

The move to cloud is a small part of an overarching strategy called ‘Defence as a Platform’ recently set out by CIO Mike Stone, Hill explains.

The idea is to move from multiple siloed systems with duplicated functions to a unified, common architecture with shared components and a single department supporting all end user services, over the next year.

It is similar to the Government Digital Service’s plan for all Whitehall departments, but on a smaller scale.

The ‘DaaP’ plan will help to replace the MOD’s core network for all armed forces and civil service users: the Defence Information Infrastructure.

The system launched in 2010 after months of delays and costing hundreds of millions more than expected. It was developed by the ‘ATLAS’ consortium of HP, Fujitsu, Airbus Defence and Space and CGI.

Despite the fact implementation finally completed last year, the DII is “fundamentally old technology”, according to Hill.

It will be replaced by Office 365, thin client IT and smaller contracts for specific bits of tech, but in the meantime the department is trying to ensure it gets value for money from the existing contract.

A crucial part of ensuring the department does not repeat some of the problems with implementing DII will be how it procures and sets up the new contracts.

As part of this the MoD is moving to an “agile method of procuring” for IT, which will help to get away from a history of buying technology in the same way it buys battleships, Hill says.

Breaking the contract down into a number of shorter, more manageable deals, plus bringing the integration in-house, will make life much easier for the IT department and save the MoD millions, it hopes.

The pressure is on. Hill says he has “very clear targets to make by the end of this year” to support the replacement of existing IT deals. “Failure is not an option,” he adds.

Cyber security the ‘paramount concern’

Hill says his “paramount concern” is getting a slick cyber security operation up and running which has well-rehearsed, well-understood procedures for recovery, especially in the case of an emergency, like the leak of 21 million people’s details from the US Office of Public Management.

This is about ensuring you have easily repeatable, clear procedures for recovery with one person in charge of directing the response, he says.

“I’m now quite clear in my mind that planning for recovery is critical for when the cyber effects hit you; what are you going to do? There’s no point waiting until the day it happens. In commercial organisations sometimes it’s cheaper not to think about it until it happens, and then it’s going to cost you millions,” Hill adds.

He hopes a process-driven approach will ensure a clear, coherent response to breaches.

“It just happens, and there are no more arguments, ‘I didn’t get this’, ‘why did you do that?'” Hill says.

However this also links into the push to improve skills within the department, specifically within security.

“Cyber unit reserves are very important to me now. These are people who have decided to join the reserves with an existing skill set…frankly they’re going to help train us.

The focus for these recruits is not their fitness or ability in the field but their aptitude, skills, training and intellect. They could be literally anyone from any background, provided they have the right skills and attributes. “That is a huge change for the military,” Hill says.

Combat Radio replacement

Another major transition for the CIO’s team will be replacing its Bowman combat voice and data system, which has been in service for over a decade. It is likely to be a complex, incremental multi-year project, according to Hill.

The departments has to decide whether to replace it with a 4G network or a radio frequency network. It has to understand how to achieve very high availability whether it be on a ship, helicopter, on individuals in the field or vehicles, and has to figure out how to physically connect the network in an austere environment.

The MoD is facing many of the same issues as the project to replace mobile comms for the emergency services.

“I never cease to be amazed by how complicated it all becomes,” Hill admits.

“When 4G signal is available, you’ve got streaming video; when it’s down to 2G, you know you’ve got slow web browsing, and when it’s down to H, you just give up and just use voice don’t you. That sort of scaling is the challenge for live operations, but planning how to operate when there is no signal requires practice and initiative.”

“If you think about in the battlefield, how do you create that network? Is it off the vehicles? What if there are no vehicles? Can it still work?”