DISA taking over DOD cloud implementation

NOTE: This article first appeared on

The Defense Information Systems Agency is taking over the department's cloud office by the end of January, the agency's director said.

Vice Adm. Nancy Norton, who heads DISA and commander of the Joint Force Headquarters Department of Defense Information Network (JFHQ-DODIN), said the Cloud Computing Program Office will be completely absorbed into DISA.

"It really pulls together the rest of the cloud strategy that DISA becomes the implementation arm for the DOD CIO's cloud strategy. And whether that's a general purpose cloud or a fit for purpose cloud, all of those offerings are available through DISA," Norton said during a virtual keynote presentation with AFCEA NOVA on Jan. 7.

Control of the CCPO, which is responsible for the JEDI and other cloud efforts, has been under split with DISA having administrative control and the DOD CIO having operational control.

The move comes as DISA works to position itself as the IT provider for defense agencies and field activities, bringing them onto a common infrastructure and providing contract vehicles, such as the $11.7 billion Defense Enclave Services award, for common services.

"I think there's a lot of gains to be made across the Fourth Estate in more standardization and common use of enterprise solutions," Norton said. "I don't want them spending their time, energy, and money on something that is not their core mission if they can get it from us."

DISA has also been working with DOD components and the military services on transitioning to Microsoft Office 365, building a special tenant for the Fourth Estate under the Defense Enterprise Office Solutions contract. Norton said each of the services will build their own tenant that may or may not be under the DEOS contract. However DISA is working with them on a common authentication solution for improved cybersecurity.

On the security front, Norton said there are more than a billion cyber events on DOD's networks a month and that DISA is working on a framework for zero trust implementation that focuses on microsegmentation.

"The most recent activity that we've been working on is putting out our zero trust reference architecture 1.0. So this is going to be an evolving architecture," she said, "but very much a framework that recognizes the need for microsegmentation and how we can incorporate the technologies and capabilities that we have today in our IT infrastructure into those zero trust principles."

About the Author

Lauren C. Williams is senior editor for FCW and Defense Systems, covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at, or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above.

WT Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.