The Defense Information Systems Agency wants industry to help it optimize the tech it already has rather than starting from scratch with new systems, the agency’s leaders said during an industry day event Friday.
During DISA’s Forecast to Industry event Friday, top brass previewed their desires to better agency operations by improving cybersecurity through zero trust, automating business practices and enhancing management of software licenses and IT products.
The requests come as DISA is restructuring to better work with industry and be less “complex.” The agency now has four centers with specific mission areas, instead of two units dividing up business and operations. The new structure brings with it new priorities and business opportunities for contractors.
Roger Greenwell, DISA’s CIO and director of its new Enterprise Integration and Innovation Center, said his group will be looking at “how we actually utilize our existing tools in a more robust fashion.”
Don Means, director of the Operations and Infrastructure Center, echoed that stance: “How do we optimize what we already have out there? What have we bought that we are not using to its full potential?”
During the event, DISA overviewed a number of programs underway across the agency. One of the programs senior officials expressed great excitement for is Thunderdome, an effort to implement the zero-trust security architecture on DISA’s network.
Thunderdome is both a means to improve DISA’s cybersecurity and also a pilot of sorts for a broader Defense Department push to implement the principles of zero trust, in which network operators assume hackers have already infiltrated systems and require continuous validation of users.
“We are extremely excited and encouraged by the response we see from industry around Thunderdome,” Steven Wallace, DISA’s new CTO, said during the event.
Thunderdome is not the “be all end all” of the strategy, Wallace said, even teasing an updated version of the zero-trust reference architecture that is in the works.
Another “big focus” for DISA is software license management, Greenwell told the audience, as well as finding new tools to manage the agency’s IT products.
“Every product does licenses a little bit different,” making it difficult to track all the tools within DISA’s tech tool chest, Greenwell said.
Other tech that remains on the horizon and on DISA’s “tech watch list” includes quantum-proof encryption, data fabrics, Infrastructure as Code, identity management, and breach and attack simulations, Wallace said. Some of those emerging concepts will soon become reality, he said, adding that DISA is closely watching for innovative technologies that could impact its core mission areas like command and control and communications systems.