• Vice Adm. Nancy A. Norton, USN, director of the Defense Information Systems Agency (DISA) and commander, Joint Force Headquarters Department of Defense Information Network, reports that the interagency and international partnerships DISA has forged have strengthened the protection of critical assets around the world. Adm. Norton was the opening keynote speaker December 1 at AFCEA TechNet Cyber Conference, being held virtually through December 3.
     Vice Adm. Nancy A. Norton, USN, director of the Defense Information Systems Agency (DISA) and commander, Joint Force Headquarters Department of Defense Information Network, reports that the interagency and international partnerships DISA has forged have strengthened the protection of critical assets around the world. Adm. Norton was the opening keynote speaker December 1 at AFCEA TechNet Cyber Conference, being held virtually through December 3.

Doing Things Differently at DISA

December 1, 2020
By Kimberly Underwood
E-mail About the Author

The combat support agency seeks to drive innovation as it focuses on cybersecurity, infrastructure modernization and enterprise communications.


Like most organizations during the pandemic, the Defense Information Systems Agency, or DISA, is doing things a bit differently this year. Naturally, the agency is leveraging virtual events to increase its engagement with key mission partners, as well as government, industry and academia, including at the annual TechNet Cyber conference, noted Vice Adm. Nancy Norton, USN, DISA’s director and the commander of Joint Forces Headquarters for the Department of Defense Information Systems Network (JFHQ-DODIN).

Adm. Norton was the opening keynote speaker at AFCEA TechNet Cyber, which is being held virtually December 1-3. The director spoke about the agency’s updated strategic plan, released this week, and outlined DISA’s efforts.

“In response to the COVID-19 pandemic we are participating in this conference in a new way this year,” Adm. Norton said. “If 2020 has proven anything it's that we have to be ready for any crisis. When we released our Strategic Plan in 2019, we planned for crises and contingencies, but we didn't specifically plan for a pandemic, yet that is what we are dealing with. Years of planning and telework exercises enabled our own workforce to rapidly shift to maximum telework and still exceed all expectations from the challenge of changing our environment.”

During this time, the agency had to expand the critical communications support of the no-fail mission it provides to the Department of Defense (DOD) and the U.S. Combatant Commands as a combat support agency. And since it operates and defends DISA’s portion of the DODIN, it is preparing the supportive global enterprise to enable multidomain operations in an interconnected and contested battle space, the vice admiral said. As JFHQ-DODIN is the U.S. Cyber Command component for command and control, operational synchronization and defense of DODIN, DISA has also had to increase cybersecurity controls, Adm. Norton stated. The Cyber Command required new cyber measures to support the DOD components in the evolving telework environment.

“During the pandemic, JFHQ-DODIN’s top priorities were protecting DOD networks systems and DOD information while ensuring DOD core functions have the network access and tools they needed wherever they were working,” she shared. “We knew that our new maximum telework posture would increase opportunities for adversaries in cyberspace and potentially increase vulnerabilities across the attack surface of the DODIN. JFHQ-DODIN has worked to align the DODIN into an operational command centric framework for joint operations. The [U.S. Cyber] Command directed rapid actions to secure this modified operating environment and DISA rapidly developed new processes for tracking the operations of the environment while increasing defensive operations for key cyber terrain.”

Moreover, the agency implemented its Cloud-Based Internet Isolation program, also known as CBII. The tool enables warfighters—and those who support them—to have the necessary access to information on the web while protecting the network. The solution puts the browsing process into the cloud, effectively creating a secure environment between the Internet and the DODIN. CBII also reduces bandwidth demands associated with Internet browsing, the DISA director stated.

For the first time, DISA brought a prototype from an other transaction authority (OTA) contract to fruition—during the CBII program implementation, Adm. Norton stated.

“An OTA allows us to not spend two years refining the requirements but to very rapidly respond to a new, real-time need that the department has,” she explained. “That is what CBII did. We knew that we had significant issues with web browsing in particular as an attack vector. We knew that we had excessive use of our bandwidth through web browsing, both of which could be mitigated or reduced through the cloud-based Internet isolation tool. And so, the team jumped on this as a way to do some testing to figure out whether or not it was going to be effective at scale and at speed. They very quickly demonstrated that it was.”

To defend against “increasingly sophisticated foes who seek to exploit any vulnerabilities they can find in the cyber domain,” Adm. Norton—and DISA's incoming director, Lt. Gen. Robert Skinner, USAF—will build off of the agency’s updated Strategic Plan. The document will inform DISA’s priorities and guide resource allocation for the next year. The plan, which supports the confines of the National Defense Strategy as well as the DOD chief information officer’s digital modernization effort, centers on the use of cloud; artificial intelligence and machine learning; cyber; command, control and communications; and data.

Shortly, the agency plans on releasing its reference zero trust architecture (ZTA), Adm. Norton stated. The containerized, identity management-based cybersecurity architecture will allow both the industry and DISA’s mission partners to understand what the tools are that they will want to use in zero trust. It will also enable the agency to expand its ZTA laboratory testing.

“The DISA team has just been incredibly dedicated and committed in pushing through these kinds of solutions,” the vice admiral continued. “I could list a whole number of different innovative solutions that we have taken from a recognized need and turned it into an enterprise solution across the department to make capability available for our warfighters day in and day out.”

 

Enjoyed this article? SUBSCRIBE NOW to keep the content flowing.


Departments: 

Share Your Thoughts:

Doing things differntly at DISA. That is something I HOPE comes true at DISA. I would like to see something changed in the Government and Military in the USA. I believe we need to make changes at the
bottom line level connected to the WEB, or Internet.

I would like to see all computer systems behind the front line/bottom level systems changed from a MS Windows computer to a Linux Computer - System 76 or others that run lets say Redhat Linux OS with a VM that could run windows! I think we can secure those machines a whole lot better than MS Windows computers.

I understand the government has spent WAY TO MUCH money on Windows and is taking it in the AFT quarters with respect to security. I think we need a different breeze to push our ships on.

Sincerely,

Ryan Bertrand
DPC USN(ret.)
Tel: 337-224-2175
Email: ryanbertrand@cajuncpu.com

Share Your Thoughts: