Background of the Project

The report grew out of an effort by the National Research Council (NRC) and other groups, such as the Institute of Electrical and Electronics Engineers (IEEE), to observe lessons from the Y2K experience that might be applied to CIP and other areas. The assumption was that there would be a number of critical, highly visible failures. Y2K could be studied as a surrogate for information warfare attacks, with the ultimate goal of making systems more resistant.

Planning meetings were organized in mid-1998. In mid-1999 NRC volunteers and staff began working with Air Force personnel from the Information Warfare Defense (a unit attached directly to operations in headquarters) and the Air Force Y2K Office (AFY2KO) to establish the case study. Interviews were conducted at a continental United States (CONUS) base and an outside the continental United States (OCONUS) base before and after the end-of-year rollover. These interviews involved not only base working groups but also policy-making units at the major command (MAJCOM) and headquarters (HQ) levels. Supporting telephone interviews were conducted throughout the project. On April 14, 2000, an all-day Air Force–wide Y2K Lessons Learned Workshop was held in Washington, DC.

Staff turnover at the NRC resulted in significant delays in the completion and publication of the report. Notwithstanding the delays, the author and the NRC believe that the insights generated by the project have long-term relevance and merit a wide audience.

The Air Force and Y2K: Shifts in Perception

ICT is critical to almost all Air Force mission and functional objectives, including maintaining readiness in the face of uncertainty. While information warfare, offensive and defensive, may be a unique element of the military management challenge, the Air Force’s concern that increased functionality and connectivity can lead to increased vulnerability is relevant for any technology-dependent organization. While security risks generally arise from outside threats to systems, threats to information assurance often emerge from internal system complexities.

The Air Force encompasses nine major commands and has a complex organization for managing and funding ICT. Responsibility lies in the Chief Information Officer’s office, but as in other large and diverse organizations, there is a wide gap between the executive agency and the distributed, frontline, operational management and use of ICT.

Ensuring the availability of experienced ICT personnel also presents challenges. For the Air Force, these include competition with the private sector and regular shifting of personnel (temporary duty, or TDY). As the Air Force is highly dispersed geographically, functional units may face very different environments, funding, and infrastructure, particularly CONUS versus OCONUS bases.

A variety of perceptions became attached to the Y2K problem, both before and after. The widespread attention and news coverage linking the event with the new millennium, along with frequent mention of possible catastrophic failures, fostered numerous misconceptions of the problem but was helpful in ensuring that resources were



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement