Enable breadcrumbs token at /includes/pageheader.html.twig

DISA Moving Forward with OTA Contracts

Other Transactional Authority contracts focus on innovation, rapid acquisition.

The Defense Information Systems Agency (DISA) is increasing its focus on innovation and rapid acquisition through the use of other transactional authority (OTA) contracts.

Organizations across the Department of Defense and military services have begun using OTA contracts, which help cut much of the time and costs of developing technologies and acquiring systems. They also allow the military to work more closely with smaller, more agile startups and small businesses that may have creative products but don’t traditionally work with the government.

Vice Adm.Nancy A. Norton, DISA director and commander of the Joint Forces Headquarters-Department of Defense Information Network (JFHQ-DODIN), told the audience at the AFCEA TechNet Cyber Conference in Baltimore that the agency already is awarding such contracts with others in the works.

The agency’s first OTA contract was awarded to purchase a prototypical identity management system. “We moved assured identity from a vision to operational prototypes by partnering with industry to re-imagine identity protection,” Adm. Norton said.

The new system is expected to help the agency move beyond passwords, she added. “We all know that passwords and PINs [personal identification numbers] do not provide adequate security. We’ve seen it fail repeatedly with commercial data breaches and the OPM [Office of Personnel Management] data breach. Our vision is to eliminate passwords.

The prototype relies on biometrics data for authentication. “Continuous multifactor authentication will run seamlessly in the background, allowing access through biometric data distinct to each user,” Adm. Norton said. “The assured identity team and the industry partner developed a minimally viable product that will help us operationalize this concept and open the door to other innovative solutions.”

The admiral also reported the award of two additional OTAs in March for “cloud-based Internet browser isolation prototypes," which she described as “a new approach to web defense” that redirects “Internet browsing from a user desktop to a remote server external to the DODIN so that malicious activity does not impact DODIN operations.”

DISA has three more OTAs that will go into phase three negotiations. They are for assured identity on an iOS platform, machine learning and artificial intelligence to address cybersecurity challenges, and Global Command and Control-Joint Enterprise, or GCCS-JE.

The GCSS-JE will “modernize and improve aging GCCS-J architecture to provide near real-time situational awareness for a global common operational picture leveraging the latest cloud computing infrastructure and software development methodologies to meet present and future C2 [command and control] requirements,” she stated. “This new solution will improve performance, reliability and availability of the service.”