The government's 'Fusion' plan is about bringing national security capabilities together. Here, PA Consulting examines the likelihood of success
It’s been another year of big anniversaries. So far in 2019, we’ve marked the first moon landing, D-Day and the fall of the Berlin Wall, and with it the end of the Cold War. That last milestone, in 1989, resonates personally for me because it signalled the start of dramatic changes in Britain’s Armed Forces, which I was serving in at the time. But this isn’t just nostalgia talking. I believe the changes that were triggered then for defence contain valuable lessons for the wider national security community as the government grapples with a new idea it’s calling ‘Fusion’. As the name suggests, it’s about bringing national security capabilities together to ensure the whole is greater than the sum of the parts. But that could be a lot less simple than it sounds.
So, what corner did the armed forces turn in 1989? The UK expected the end of the Cold War to yield a peace dividend by diverting funding away from defence. Then, shortly afterwards, the first Gulf War showed the separate structures of the Navy, Army and Air Force weren’t right for what was a very different type of expeditionary conflict. The armed forces accepted they had to overhaul how they were structured and deployed.
The result was a fundamental shift in organisation and ethos. For joint (multi-service) and combined (multi-national) operations, the force elements of the three single services were brought under the command of a new Permanent Joint Headquarters – effectively, the commanders of each service ceded decisions about operational deployments to the Joint Commander, whilst they retained responsibility for generating combat-ready units at the appropriate readiness and sustainability. Also, there was a lot of organisational de-layering. By the time of the second Gulf War in 2003, 17 command-level formations[1] had become just three ‘Front Line Commands’ (later four with the addition of Joint Forces Command from 2010). And the armed forces were, and are, much more effective for it.
Threats converge
Now, it’s the UK government as a whole that’s rethinking how it operates. The country faces new challenges that cross the boundaries of government departments. The threat of cyber-attack, for instance, doesn’t just confront one part of the public sector, but many. We expect the Department of Transport and the Department of Health to field a unified response to attempts to hack the road network or hospital IT systems, for example. That makes public money go further by removing duplication of effort and scarce, high-value skills. And it extracts maximum value from both departments’ work.
That’s the kind of thinking behind Fusion. Championed by the Cabinet Office and following on from the 2018 National Security Capability Review, it sees the UK pooling its full-spectrum national security capabilities to meet the strategic objectives of protecting our citizens at home and abroad, promoting economic prosperity and projecting the UK’s influence globally.
It’s a big demand on a government that’s often focussed on departmental objectives; pursuing their own goals in their own ways. Departments rise to the challenge of collaboration in a crisis, but this isn’t persistent. But it’s far from inconceivable that they could rewire themselves. The example of post-Cold War defence restructuring is powerful because it shows how very different organisations, each with their own distinct culture, history and ways of working, can adjust relatively quickly to a joint ethos.
It also shows how change on this scale is possible if there is an imperative for change and everyone involved understands the personal and collective benefits.
Joining forces
The evolution of the National Cyber Security Centre shows the approach starting to take hold in government. It’s a relatively small and nimble organisation that presents a ‘single front door’ to channel and co-ordinate the collective effort envisioned by proponents of Fusion. The UK’s response to counter-terrorism is another strong example, fusing the collective resources of security and intelligence agencies, police and armed forces.
More recent examples show similar moves in the right direction, with the increasingly joint efforts by the Home Office, Department for Digital, Culture, Media & Sport, National Crime Agency and Police, supported by intelligence agencies, industry and third sector organisations to counter online harms, although this response currently lacks that ‘single front door’ to orchestrate the collective response.
Changing heads, hearts and habits
These examples suggest there’s a base to build on to make Fusion work. But making that happen will be about changing heads, hearts and habits. The ‘heads’ part is about realising and accepting the need for change, as the Armed Forces did in the 1990s. When it comes to operating effectively in the information age, and fighting cyber threats, the Government’s immediate challenge is to confront the shortage of people with advanced digital engineering and cyber skills. The growth of the digital economy is creating a war for talent, with the draw towards higher private sector salaries counterbalanced in part by the mission and purpose offered by national security roles. There are pockets of brilliance, such as Government Communications Headquarters’ cyber apprenticeship scheme, but this takes only a small proportion of the annual applicants. Extending the Fusion approach to talent management would enable Government departments, the armed forces, agencies and police to attract, recruit, train, develop, manage and retain these highly skilled people centrally. And this process would engender a strong ‘Fusion ethos’ in the recruits – and future leaders – it takes on.
Similarly, government is investing heavily in the technical infrastructure and tools to manage data acquisition, analysis and knowledge management for defence, the UK’s intelligence and law enforcement communities, borders and immigration, and the cyber security realm. Despite sharing common data exploitation challenges, these environments have five different infrastructure solutions, driven perhaps by the fact each is governed by separate legal regimes and policy constraints that permit different levels of intrusion according to the threat and harm. Rather than paying repeatedly to design and build similar data architectures, ‘total Fusion’ would permit departments to ‘build once and use many times’, with the focus of unique investment shifting from physical infrastructure to legality, policy and data ethics.
Of course, these organisations, and the people in them, need to want to work like this. This is where ‘hearts’ come in. In the armed forces, it became clear that the people who invested fully into the new joint ethos unlocked opportunities to progress faster and further to higher command and the most highly-prized leadership roles. A joint services command and staff college reinforced the value of this approach to mid-ranking officers and officials, whilst single-service recruit training preserved the underlying pride and association with the unique culture and values of each Service. Making Fusion a reality will need a similar combination of training and incentives to re-gear how people think, work and interact with each other.
Habits are closely related. Once hearts are won and the value of collective working becomes ingrained, the actions that make change happen come more naturally. They shift people progressively towards thinking and acting differently. Even so, it will take some ‘nudges’ to help this process along. For the forces, these small adjustments happened over several years. One example was the growing emphasis on ‘network enabled capability’ (NEC), the idea that embedding connectivity and interoperability between systems was the key to more effective operational performance. Embracing NEC became a must in funding pitches. And the result was a stream of ideas that wouldn’t have happened otherwise - a classic case of a constraint that liberates.
Committing to Fusion
So, the government stands at a tipping point. It’s shown signs of being able to adopt a new way of thinking. But the all-out commitment is missing. By the early 1990s, the armed forces were facing a ‘burning platform’ - the political expectation of a peace dividend and a chastening battlefield experience had made the case for change unarguable. In contrast, today’s situation facing the wider security community is more like a ‘cooling bath’ - it’s getting ever more uncomfortable, but without the imperative to get out. The situation isn’t changing noticeably enough to spark decisive action, but it is changing nevertheless. Does the nation need to wait for a deeper public spending squeeze before making a change? Or will it take the opportunity now?
You can read more insights from PA Consulting here, or download their free report on new strategies for combatting online CSEA here.
[1] In 1989, the Royal Navy and Royal Air Force each had two operational commands; the Army had three (one in the UK, one in Germany and one in Northern Ireland) plus each had their own single-service personnel, training and logistics commands.