Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
DISA pushes efficiency, security virtues of DoD private cloud
Wednesday - 1/18/2012, 5:24am EST
That proved true just this past week, DISA officials said, when the enterprise email system it built for the Army allowed them to put the kibosh on an email-delivered malware attack that had begun to make its way into the DoD private cloud email service. It could have spread elsewhere in military networks if DISA hadn't found and quickly squashed.
"Where we used to be is that we had all these individual email servers with a little piece of the picture. Each network sensor had a little piece of the picture," Mark Orndorff, DISA's top IT security official, said in an interview. "Now, the thread we're able to pull is that we can see the pattern of those attempts. We can pull together a picture of the entire attack technique. Those attacks would have been essentially undetected if you just had little pieces of that picture scattered around the DoD cyber workforce."
Mark Orndorff, director, mission assurance and network operations, DISA (DISA.mil)
"I think the same logic applies, whether it's email, Sharepoint or across the board," he said. "But it's not just a given that moving to the cloud will improve your defense. It gives you the opportunity to improve your defense. You can choose to exploit that opportunity or not."
Developing and providing secure enterprise IT services that serve the entire Defense Department is DISA's number one focus, officials said at an AFCEA D.C. event Tuesday.
Private cloud best path forward
The agency believes its DoD private cloud approach to technology is the best path forward to improving a DoD network infrastructure that Gen. Keith Alexander, commander of the U.S. Cyber Command, called "not defensible" in a speech last week.
"To use Henry Ford's quote, some people say don't put all your eggs in one basket. I say put all your eggs in one basket and watch that basket very closely," said David Mihelcic, DISA's chief technology officer. "Today what we have is a very uneven architecture. It's very distributed, and we don't have any good centralized oversight of it. What we're trying to do is standardize and focus on those things we think are important."
Alfred Rivera, director, computing services directorate, DISA (DISA.mil)
Rivera said the development of other enterprise services is well underway, even as the Army, DISA's primary email customer, works through a Congressionally-mandated pause in its transition to the cloud. For example, all 14,000 members of the Army's Network Enterprise Technology Command around the world are using DISA's cloud-based Sharepoint service, which still is in an initial test phase.
Rivera said DISA also is working to develop the infrastructure to offer platform-as-a-service to DoD customers.
"This will push standardization to the next level," Rivera said. "We think it's going to provide the economies and the IT efficiencies that have been a mandate from the Secretary of Defense for a year now."
DoD needs to unite around It
But DISA's creation of those services is one thing. Getting the vast maze of decision makers in the DoD and in Congress to adopt them is another matter. Tony Montemarano, the agency's new director of strategic planning who formerly served as its top acquisition official, said the military services' top IT officials were working together like never before, but there's a lot more work to do.
"If I had one wish, I would have the Army, Navy, Air Force, Marine Corps and DISA unite-not physically-but in their approaches to IT," he said to applause from the industry crowd. "I wish we could have one IT infrastructure instead of five or seven."
Tony Montemarano, director for strategic planning and information, DISA (DISA.mil)
"If I need three contractors to help me do a job, tomorrow it's going to be two," he said. "But from a financial perspective, we're feeling pretty good. If sequestration arrives, we're all out of luck. But until that comes, we're fairly comfortable that we're spending the money in an appropriate manner."
Montemarano said DISA's recent completion of a successful audit on its working capital fund was evidence to Congress of its responsible stewardship of public money. But he said the agency needs industry's help to revive the message that IT is a force multiplier for the U.S. Military.
"I haven't been hearing that message lately," he said. "In a time of reduced funding, we need to show that the stuff you all provide is more efficient in fighting the fight than buying another airplane or another ship. If they hear it from DISA, it's not going to mean anything. They need to hear it from you all."