The Defense Information Systems Agency isn't getting rid of the embattled Joint Regional Security Stacks just yet. But it is working on a transition plan as it brings Thunderdome online.
Transition plans for the Joint Regional Security Stacks program are still being developed, according to a defense IT official. But future progress will hinge on Thunderdome's delivery of minimally viable products.
The Defense Information Systems Agency awarded the nearly $7 million Thunderdome contract to Booz Allen Hamilton in January with the aim of developing a prototype of a zero trust architecture this year. Moreover, that prototype will also help the agency transition from the Joint Regional Security Stacks program, which has suffered from latency and security concerns.
Jason Martin, the director for DISA's Digital Capabilities and Security Center, told reporters April 27 that while transition and implementation plans are still in development, the goal is to harmonize all parties involved in the move to better assess the impact to users. Part of that started with unifying the JRSS and Thunderdome program offices under DISA's Cybersecurity and Analytics Directorate to provide "synergy" and an "overall single approach across the mid-tier boundary."
Martin declined to give a tentative timeline on when plans to transition JRSS would be complete. But he said no "significant overhauls to anything JRSS" are expected in the coming weeks.
"We have a mission, number one, which is network security, operationally sound and then as we introduce more testing capabilities that will help us change and direct that. But there's not going to be a wholesale, one time JRSS change," Martin said during a media roundtable at AFCEA TechNet Cyber in Baltimore.
DISA is also in process of identifying and defining the minimally viable products it wants from Thunderdome and the agency is planning to go over priorities and resources needed to develop those alongside short and long-term targets for specific capabilities, like software defined wide area networks and secure access service edge.
Ultimately, JRSS will see "strategic shifts" that look at how changes will affect current customers and mission partners.
"It's a high level planning process now," Martin said. "It's going to become very detailed very quickly. As we know what's happening with the pilot itself, how we're impacting this capability, this capability, this capability. What does that really mean for the end user behind that existing JRSS stack? At what point do we start to look at those transitional components?"
DISA is working with multiple partners to begin the transition including the Defense Department chief information officer and the agency's Joint Service Provider.
"So not a lot of details, of course, because we're very early on the Thunderdome side of things. But we do know that we will leverage real time JRSS users as part of our pilot to determine what needs to be done but also what happens on the user experience side and what that really means and how we would plan accordingly to ensure that we're rolling out an optimal capability," Martin said.