DISA takes on DOD cloud operations
- By Lauren C. Williams
- Jan 11, 2021
The Defense Information Systems Agency will be absorbing the Defense Department’s Cloud Computing Program Office (CCPO) by the end of January, the agency's director said.
DISA will become “the implementation arm for the DOD CIO’s cloud strategy,” said Vice Adm. Nancy Norton, DISA director and commander of the Joint Force Headquarters Department of Defense Information Network.
"Whether that's a general-purpose cloud or a fit-for-purpose cloud, all of those offerings are available through DISA," Norton said during a virtual keynote presentation with AFCEA NOVA on Jan. 7.
Control of the CCPO, which is responsible for the Joint Enterprise Defense Infrastructure program and other cloud efforts, has been under split with DISA having administrative control and the DOD CIO having operational control.
The move comes as DISA works to position itself as the IT provider for defense agencies and field activities, bringing them onto a common infrastructure and providing contract vehicles, such as the planned $11.7 billion Defense Enclave Services award, for common services.
"I think there's a lot of gains to be made across the Fourth Estate in more standardization and common use of enterprise solutions," Norton said. "I don't want them spending their time, energy and money on something that is not their core mission if they can get it from us."
DISA has also been working with DOD components and the military services on transitioning to Microsoft Office 365, building a special tenant for the Fourth Estate under the Defense Enterprise Office Solutions contract. Norton said each of the services will build their own tenant that may or may not be under the DEOS contract. However DISA is working with them on a common authentication solution for improved cybersecurity.
On the security front, Norton said there are more than a billion cyber events on DOD's networks each month and that DISA is working on a framework for zero-trust implementation that focuses on microsegmentation.
"The most recent activity that we've been working on is putting out our zero-trust reference architecture 1.0. So this is going to be an evolving architecture," she said, "but very much a framework that recognizes the need for microsegmentation and how we can incorporate the technologies and capabilities that we have today in our IT infrastructure into those zero-trust principles."
This article was first posted to FCW, a sibling site to GCN.
Lauren C. Williams is senior editor for FCW and Defense Systems, covering defense and cybersecurity.
Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.
Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.
Click here for previous articles by Wiliams.