Booz Allen Extends Contract with DISA
On Jul. 22, the Defense Information Systems Agency (DISA) announced a six-month extension of its “Other Transaction Agreement” (OTA) to Booz Allen Hamilton for the execution of a Thunderdome Prototype, a zero trust security model that leverages commercial technologies such as Secure Access Service Edge (SASE) and Software Defined-Wide Area Networks (SD-WAN).
This increases the pilot to a total of 12 months with an expected completion in January 2023. The six-month OTA extension is essential to allow DISA additional time to expand the Thunderdome pilot to include the Secure Internet Protocol Router Network (SIPRNet), and complete development, testing and deployment planning for the original unclassified prototype. Thunderdome SIPR prototype development The onset of the war in Ukraine has highlighted the importance of SIPRNet and the need to ensure the U.S. Department of Defense (DOD) has a modernized classified network that will securely protect data.
SIPRNet is used by DOD and military services around the world to transmit classified information, up to and including, information classified as secret, however, the framework is antiquated and needs updating. “DISA has made clear that we will not forget that the ‘fight’ is fought on SIPRNet,” said Christopher Barnhurst, DISA deputy director. “While we have been working on developing a zero trust prototype for the unclassified network, we realized early on that we must develop one, in tandem, for the classified side.
This extension will enable us to produce the necessary prototypes that will get us to a true zero trust concept.” While SIPRNet is undergoing a number of modernization efforts led by DISA, the Thunderdome prototype is an important part of the SIPR redesign process and will provide SIPRNet with the security benefits of a zero trust architecture.
During this extension period, DISA will design and implement a SIPR zero trust production solution that is focused on improving and better securing the SIPRNet core infrastructure. This will provide DISA with improved visibility to ensure that people cannot access documents that they do not have the need to see. Leveraging OTAs By leveraging an OTA for Thunderdome, DISA learned and has been able to further appropriately scope the project as needed. OTAs have allowed DISA to be more agile and flexible to accomplish the objectives of an initial enterprise-wide zero trust solution.
The OTA also permits DISA’s Thunderdome program to collaborate and have more meaningful contract requirement discussions with vendors and sub-vendors in real time to successfully prototype a solution that could be taken into production. These ongoing conversations can better inform the program’s direction and can be revisited over the agreement's period of performance. Integration with other DISA capabilities Thunderdome will incorporate greater cybersecurity, centered around data protection, and integrate with existing endpoint and identity initiatives aligned to zero trust.
Thunderdome will be a completely comprehensive and holistic approach to how the network operates – a major shift from the current architecture. As such, the extension will provide more time for better integration of DISA’s zero trust supporting capabilities. Thunderdome’s SASE will integrate with DISA’s Cloud Defensive Cyber Operations (DCO) situational awareness tool, Enterprise Comply to Connect (C2C) and Identity, Credential, and Access Management (ICAM) solutions. This increase in scope enables DISA to provide a more inclusive and complete enterprise deployment of zero trust capabilities for the DOD.
Looking to the future While Thunderdome will modernize DISA’s cybersecurity infrastructure to improve its security posture, DISA continues to thwart adversaries and outside forces that affect its operations. “This extension allows us additional time to better control the overall risk of deploying zero trust capabilities, prior to deployment,” said Jason Martin, director of DISA’s Digital Capabilities and Security Center. “With this additional time, we can conduct operational and security testing that was not originally planned for in the initial pilot. It will also permit us the necessary time to strategize on the best way to transition current Joint Regional Security Stacks (JRSS) users who will be moving to Thunderdome.”
Last year, the department made the decision to phase out the JRSS and transition to a new zero trust security and network architecture. DISA is actively developing a department-wide strategy where mission partners will transition from current cybersecurity solutions, such as JRSS, to Thunderdome or other zero trust implementations. The extended Thunderdome OTA will provide more time to better plan for transitioning JRSS users that will be migrated to an enterprise-wide offering of Thunderdome.
Focused on the warfighter DISA remains steadfast in deterring our adversaries and accelerating our efforts to connect and protect the warfighter in cyberspace. We are taking bold and decisive action to ensure that the information technology supports our current and future warfighters and that our weapons systems are protected anytime, anywhere.
Thunderdome will help us to modernize our network and leverage industry advances in technology to deliver IT solutions that enhance security and data protections. Working shoulder-to-shoulder with our mission partners, we are focused on providing secure capabilities to the warfighter at a velocity of action to win.