Five cybersecurity hotspots in a reorganized DISA

The beginning of this year saw the official start of DISA’s new organization, one that agency director Lt. Gen. Ronnie Hawkins says will mean a greater emphasis on cybersecurity.

One of the main aspects of the reorganization is the creation of the Development and Business Center, led by Alfred Rivera. This will be where new technology solutions are brought into the DISA (and by extension, DOD) environment.

Given this reorganization, there may be uncertainty as to where opportunities exist for cybersecurity vendors. With DISA’s emphasis on cybersecurity, I thought I’d take a look at where cybersecurity vendors should hunt for opportunities.

I’ll focus on the Infrastructure Development Directorate, a component of the Development and Business Center, because this is where many programs overseeing DISA’s largest cybersecurity initiatives and investments reside.

The Infrastructure Software Services Division is where you’ll find the Cloud Services Branch. This office is responsible for developing and deploying DISA’s private cloud, milCloud, as well as figuring out DISA’s role in support cloud services. Despite losing its cloud broker status, DISA is actively exploring ways for commercial cloud providers to host classified information for the rest of the department. In fact, any of DOD’s most sensitive programs of record will always be hosted within DISA’s storage infrastructure.

The Cyber Security Division is where offices overseeing end point security and configuration management ended up. DISA is currently looking for the next generation of end-point security, which is especially important as the DOD network becomes increasingly connected to outside cloud infrastructures.

The Cybersecurity Infrastructure branch also supports DISA’s big data analytics platform, the Cyber Situational Awareness Analytic Cloud (CSAAC). CSAAC aims to make sense of the data it receives from tools that operate and secure DOD’s network. In addition to security, this type of capability also comes with requirements centering on business intelligence, visualization, and data management solutions.

The Cyber Situational Awareness and Analytics Division addresses the need to maintain and improve awareness of what’s happening on DOD’s networks, and threats that may crop up. I imagine this is where you’ll also see network monitoring related requirements for the Joint Force Headquarters. The Joint Force HQ, led by outgoing Lt. Gen. Ronnie Hawkins, will work with DISA to expose and address vulnerabilities on the Defense Department’s network. These were day-to-day tasks that the U.S. Cyber Command performed but wants to take off its plate.

The Infrastructure Development directorate is also home to DISA’s Joint Regional Security Stacks (JRSS) Program Office. DISA partners with the Army and Air Force (soon to include Navy) on centralizing the DOD’s network security monitoring infrastructure. There is a lot of attention on the JRSS to see if the department can pull it off since it is the most tangible manifestation of the Joint Information Environment concept.

Last but certainly not least, is the Mobility Portfolio Management Office, which oversees mobility infrastructure and making sure cybersecurity policies are implemented. This office is at the center of the DOD Mobility program. Expect major activity as DISA ramps up deployment of approved mobile devices across the DOD enterprise.

The above-mentioned offices and projects reflect DOD’s commitment to shrinking its network infrastructure, improving situational awareness, and cultivating a more mobile workforce. These priorities are all part of the Joint Information Environment’s vision of common standards and ubiquitous interoperability and DISA is right in the middle of what’s happening. These five offices in the Infrastructure Development directorate will give you a head start in tapping into the stream of the Department of Defense’s top cybersecurity priorities.

The chart describes where these offices sit inside DISA's new organization.

~DOD cyber organization

About the Author

Lloyd McCoy is a manager on the Market Intelligence team at immixGroup, an Arrow Electronics company, which powers the future of public sector IT. The team utilizes a research-driven approach to help technology companies develop successful business strategies to sell to the public sector.

Reader Comments

Fri, Apr 24, 2015

DISA is mainly in commodity services businesses. If one dared to benchmark it--for costs and headcount--against "competitors," one would find mucho gravia gross over staffing compared with any carrier, or if need be, niche providers. Military needs and exigencies do not explain this. Rather, slothful, unmanaged organizational priorities has given rise to legions of free-range 0-5s and 0-6s. The staffing needs to be thinned out so the personnel can go to where they are needed--in customer organizations.

Fri, Apr 24, 2015 Winchester, VA

While I agree in part with previous comment, "excellent analysis and useful advice," I disagree in part as well. Most likely, DISA needed to be "broke" to be fixed (not unlike many of our Nation’s major bureaucratic organizations). I worked at DISA for three years active duty, in three different organizations. At that time, I was painfully aware many were buying their time and contributing little to mission accomplishment. Then the move to Fort Meade happened, and while many both good and bad were significantly impacted by the new commute, it could not rid the Agency of those merely hanging on for an unwarranted promotion or retirement, or simply the job security. I think what is happening within DISA is a "break fix action." Lt Gen Hawkins is no dummy -- he's a smart guy and wise! At this level and maybe I sometimes give too much credit, but these guys know what they are doing. Putting leaders in leadership positions (GS-15s, SES'ers and O-6s/O-5s) is the right thing to do. Leaders need to lead. Now, if those leaders do not lead, they'll be removed, and I'd expect demoted, etc. I really believe that, and isn't going to be easy. Ever heard of the 80/20-rule (aka Pareto principle)? No doubt it’s a reality in many organizations too—80% of the work, accomplished by 20% of the workforce. I think in the era of constrained budgets and right-sizing, this is the overall focus of the Director and his most trusted advisors. In addition, don’t think that his boss the DOD CIO isn’t aware—these things aren’t done in a vacuum, and DISA’s Combat Support Agency mission is too important. Lastly, it will take a while, but I think in the end DISA will be more effective, efficient, and INNOVATIVE! -- with one caveat, “along with Industry’s contributions.” I will remain optimistic.

Fri, Apr 24, 2015

Interesting analysis of yet another reorganization within DISA, and helpful to businesses trying to work with CyberCom. My major concern is DISA, a service provider, being in charge of its own security monitoring. CyberCom should keep that function out of the provider's hands and give it an agency within CyberCom that has no linkage to DISA. Otherwise security will be held secondary to operability as it has been in the past.

Thu, Apr 23, 2015

Excellent analysis and useful advice. No hats off to the director of DISA or the org's overseers. The organizational design is needlessly complex, leading to fragmentation of mission, utter confusion as to who does what (it began months ago when concept was unveiled), and how well things are going. It will amount to less bang for the buck and much more difficulty in determining if the missions are being fulfilled effectively. One more issue of the design is it seems to be crafted to support more GS-15s, SESrs, and 0-5s and above. This is wasteful. Congress will take it apart. If the SecDef tunes in on this, he should try to modify it before the waste magnifies.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above.

WT Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.