DISA could spend close to $1B on security over three years

The Defense Information Systems Agency (DISA) plans to spend $959 million on network and information systems security over the next three years, with an emphasis on protecting against insider threats and defending classified networks, according to 2008 budget documents.

Funding for DISA’s Information Systems Security Program (ISSP), from fiscal 2007-2009, includes $819 million in operations and maintenance and $140 million for procurements. DISA has budgeted $247 million for ISSP in 2007, with $251 million requested for 2008 and $319 million planned for 2009.

The ISSP budget calls for increased defense against internal security threats. The agency plans to deploy tools to 1,500 locations worldwide to analyze, detect and respond to insider threats against information and information systems, according to the budget documents.

DISA also is stepping up its defense of the Secret Internet Protocol Router Network. Unlike the Non-Classified Internet Protocol Router Network (NIPRNET), which has been under increasing attacks from the outside, the SIPRNET does not have any connections to the public Internet, making it less susceptible to attacks.

But DISA intends to deploy automated network access controls to prevent inadvertent or malicious connections of unknown or improperly configured devices to the SIPRNET, agency budget documents said.

DISA also plans to deploy a DOD-wide risk management system to verify that any connections made to the SIPRNET come from valid DOD users. The agency said it also plans to expand the use of isolated subnets called Demilitarized Zones (DMZs), which sit between the NIPRNET and SIPRNET and untrusted external networks

DISA said these DMZs will also improve the ability of authorized users, such as e-commerce partners, to exchange information with DOD agencies.


  • Elections
    voting security

    'Unprecedented' challenges to safe, secure 2020 vote

    Our election infrastructure is bending under the stress of multiple crises. Administrators say they are doing all they can to ensure it doesn't break.

  • FCW Perspectives
    zero trust network

    Can government get to zero trust?

    Today's hybrid infrastructures and highly mobile workforces need the protection zero trust security can provide. Too bad there are obstacles at almost every turn.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.