Doing Things Differently at DISA

Like most organizations during the pandemic, the Defense Information Systems Agency, or DISA, is doing things a bit differently this year. Naturally, the agency is leveraging virtual events to increase its engagement with key mission partners, as well as government, industry and academia, including at the annual TechNet Cyber conference, noted Vice Adm. Nancy Norton, USN, DISA’s director and the commander of Joint Forces Headquarters for the Department of Defense Information Systems Network (JFHQ-DODIN).

Adm. Norton was the opening keynote speaker at AFCEA TechNet Cyber, which is being held virtually December 1-3. The director spoke about the agency’s updated strategic plan, released this week, and outlined DISA’s efforts.

“In response to the COVID-19 pandemic we are participating in this conference in a new way this year,” Adm. Norton said. “If 2020 has proven anything it's that we have to be ready for any crisis. When we released our Strategic Plan in 2019, we planned for crises and contingencies, but we didn't specifically plan for a pandemic, yet that is what we are dealing with. Years of planning and telework exercises enabled our own workforce to rapidly shift to maximum telework and still exceed all expectations from the challenge of changing our environment.”

VADM Norton @USDISA: “Great power competition requires an increased focus on cybersecurity, leveraging automation & AI to speed configuration patching & rapid incident response. We continue to improve on our endpoint management & security providing cyber S.A. to JFHQ #AFCEACyber pic.twitter.com/1DiIBs1Uun

— Kimberly Underwood (@Kunderwood_SGNL) December 1, 2020

During this time, the agency had to expand the critical communications support of the no-fail mission it provides to the Department of Defense (DOD) and the U.S. Combatant Commands as a combat support agency. And since it operates and defends DISA’s portion of the DODIN, it is preparing the supportive global enterprise to enable multidomain operations in an interconnected and contested battle space, the vice admiral said. As JFHQ-DODIN is the U.S. Cyber Command component for command and control, operational synchronization and defense of DODIN, DISA has also had to increase cybersecurity controls, Adm. Norton stated. The Cyber Command required new cyber measures to support the DOD components in the evolving telework environment.

“During the pandemic, JFHQ-DODIN’s top priorities were protecting DOD networks systems and DOD information while ensuring DOD core functions have the network access and tools they needed wherever they were working,” she shared. “We knew that our new maximum telework posture would increase opportunities for adversaries in cyberspace and potentially increase vulnerabilities across the attack surface of the DODIN. JFHQ-DODIN has worked to align the DODIN into an operational command centric framework for joint operations. The [U.S. Cyber] Command directed rapid actions to secure this modified operating environment and DISA rapidly developed new processes for tracking the operations of the environment while increasing defensive operations for key cyber terrain.”

Moreover, the agency implemented its Cloud-Based Internet Isolation program, also known as CBII. The tool enables warfighters—and those who support them—to have the necessary access to information on the web while protecting the network. The solution puts the browsing process into the cloud, effectively creating a secure environment between the Internet and the DODIN. CBII also reduces bandwidth demands associated with Internet browsing, the DISA director stated.

For the first time, DISA brought a prototype from an other transaction authority (OTA) contract to fruition—during the CBII program implementation, Adm. Norton stated.

“An OTA allows us to not spend two years refining the requirements but to very rapidly respond to a new, real-time need that the department has,” she explained. “That is what CBII did. We knew that we had significant issues with web browsing in particular as an attack vector. We knew that we had excessive use of our bandwidth through web browsing, both of which could be mitigated or reduced through the cloud-based Internet isolation tool. And so, the team jumped on this as a way to do some testing to figure out whether or not it was going to be effective at scale and at speed. They very quickly demonstrated that it was.”

DISA’s employment of its joint regional security stacks (JRSS) has helped enable more than a 1000% overall increase in Telework connections for joint partners around the globe, says VADM Norton @USDISA director & commander JFHQ DODIN #AFCEACyber @AFCEA.

— Kimberly Underwood (@Kunderwood_SGNL) December 1, 2020

To defend against “increasingly sophisticated foes who seek to exploit any vulnerabilities they can find in the cyber domain,” Adm. Norton—and DISA's incoming director, Lt. Gen. Robert Skinner, USAF—will build off of the agency’s updated Strategic Plan. The document will inform DISA’s priorities and guide resource allocation for the next year. The plan, which supports the confines of the National Defense Strategy as well as the DOD chief information officer’s digital modernization effort, centers on the use of cloud; artificial intelligence and machine learning; cyber; command, control and communications; and data.

Shortly, the agency plans on releasing its reference zero trust architecture (ZTA), Adm. Norton stated. The containerized, identity management-based cybersecurity architecture will allow both the industry and DISA’s mission partners to understand what the tools are that they will want to use in zero trust. It will also enable the agency to expand its ZTA laboratory testing.

“The DISA team has just been incredibly dedicated and committed in pushing through these kinds of solutions,” the vice admiral continued. “I could list a whole number of different innovative solutions that we have taken from a recognized need and turned it into an enterprise solution across the department to make capability available for our warfighters day in and day out.”