DISA rethinks its security strategies

Defense Department’s net-centric data policies expose weaknesses in operational awareness

DARPA explores future

As Defense Department officials seek to enhance their ability to detect service outages and security breaches on military networks, the Defense Advanced Research Projects Agency is looking for better ways to do that in the future.

DARPA said military networks’ increasing size makes it hard to identify security threats as soon as they occur. “As a result, many conventional approaches to defending our networks will not be sustainable,” according to a DARPA statement.

DARPA’s Scalable Network Monitoring program will develop new strategies that DOD can use regardless of a network’s size, officials said.

— Sebastian Sprenger

The Defense Department is taking new steps to detect traditionally hard-to-pinpoint performance outages and security breaches on DOD networks. Officials said a test program to
begin later this month is part of a departmentwide effort to improve awareness of network incidents or trouble spots.

The Defense Information Systems Agency will initiate the test program, which will lead to establishing an information sharing operations center (ISOC) early next year, said Anthony Montemarano, DISA’s program executive officer for information assurance and network operations.

The center’s purpose will be to collect data on the status of services that feed information to DOD networks for various applications.

The military is moving toward a services-based environment, but DOD’s ability to detect anomalies in the performance of each of those services is limited, said Michael Krieger, director of information policy in DOD’s Office of the Chief Information Officer.
The data that those services feed to applications could be as simple as the time of day or as complex as a geospatial map.

“You can’t go to a computing center and say, ‘It’s on, so it’s working,’” Krieger said. “It may be on, but it may not be responding to your requests.”

John Grimes, DOD’s CIO, recommended establishing an ISOC in an August 2006 progress report on the implementation of the department’s network-centric data strategy. DOD officials have traditionally used software agents, which are tiny computer programs, to monitor the performance of services on the military’s networks. The ISOC would attempt to monitor the health of a large number of those services simultaneously.

“There are two types of systems: systems that are down and systems that are going to go down,” Montemarano said, highlighting the need for a picture of the operational status of those systems.

He added that DISA plans to eventually integrate the ISOC with the agency’s Global Information Grid Common Operational Picture program.
In the past several years, DOD officials have accepted the notion that military networks will always operate in a somewhat degraded state rather than at peak performance and with uncompromised security.

That recognition has prompted officials to seek ways to improve their situational awareness of incidents on DOD’s networks.
“The focus has gone away from higher walls and wider moats with more alligators,” said Linton Wells, a former assistant secretary of Defense in the CIO’s office. Wells said projects such as the ISOC are essential for securing DOD’s networks.

DISA officials are evaluating sites for housing the ISOC, including an agency facility in Columbus, Ohio, and a secret facility that the intelligence community uses, Montemarano said.

The test program will begin in early October and continue for about 60 days. After that, officials will decide what kinds of equipment, how much money and how many employees they will need to create the ISOC.

During the testing phase, DISA officials will experiment with data and services from the Maritime Domain Awareness Community of Interest. That group is a collaborative effort by several federal agencies to collect and distribute data that tracks ships near U.S. coasts.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.


  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group