The strategic landscape facing the Defense Information Systems Agency (DISA) is very different than it used to be – and that is having a big effect on agency priorities.
“We very clearly … are in a different space today than we were just a few years ago, with adversaries that are in a different place,” Vice Adm. Nancy Norton, DISA Director and Commander, JFHQ-DODIN, told reporters at a press briefing held during the agency’s annual “Forecast to Industry” conference.
Rather than facing a “great powers” competition, now the United States is dealing with insurgency; the IT era has given many countries hostile capabilities that do not require huge capital outlays.
“A lot of the competitive advantages we had after the Cold War we let go as part of the peace dividend,” Norton said. “There were a lot of things we just didn’t have a concern about for a long time.”
She said DISA now has to focus on maintaining a level of resilience that allows the Department of Defense to undertake its work knowing the capabilities will be available. “It’s understanding what is critical to support the critical missions we have,” she said, such as assessing circuit redundancy or how to maintain normal connectivity in active-combat situations.
This is one reason DoD gets actively engaged in search and rescue operations after natural disasters around the world, Norton said – they provide an environment to test solutions in difficult real-world situations.
Another example of protecting resilience is considering supply chain risks. For instance, Jacob Marcellus, portfolio manager, DoD Mobility, said the agency used National Information Assurance Partnership (NIAP) approved devices. “This is something I can actually put in a contract,” he said.
DISA’s involvement in and commitment to artificial intelligence and machine learning is another area the agency is pursuing.
“We see AI/ML as supporting technologies,” said Stephen Wallace, system innovations scientist. “Particularly in our cyber directorate we see a lot of use for machine learning and AI … the number of alerts we get per day is just astounding.”
Malcolm Harkins, Chief Trust Officer at Cylance agreed about the potential for AI within DISA. “AI and ML are really just analytics writ large,” he said. “There’s a lot of scope for development and application for AI-powered tools in securing endpoints.”
David Bennett, Director of Operations and CIO at the agency, said network operations and cyber operations have something in common – the broadest need for tools.
“On the ops side, we don’t develop the tools, we just use the tools. And we’ve got too damn many,” Bennett said. “So for about 18 months or so the agency has been on a tear [looking for] a tool it could use on the network side of the house to manage the DISN, but also on the cyber side to monitor it.”
He noted that monitoring the network end-to-end requires input from numerous places to create a composite image. “We used to worry mostly about the core [and] ignore the edges, [but] a lot of effort is taking place … to drive to a single set of tools,” said Bennett.
“DISA is taking a measured and sensible approach to improving the nation’s cybersecurity, although they probably won’t want to drive to a single set of tools,” Harkins noted. “Getting inputs from several different sets of tools and combining it with the output from AI to get the broadest possible view of the network in context will definitely help DISA achieve a far more robust posture.”