DISA expanding industry partnerships, official says

The Defense Information Systems Agency wants to deliver new cloud-based technologies to military service members quickly and is aiming to expand collaboration with industry partners as part of the effort, a cyber official said on Wednesday.

Sharon Woods, director of DISA's Hosting and Compute Center, said at the agency's 2022 Forecast to Industry event that it’s in the process of establishing a fourth Cooperative Research and Development Agreement — a collaborative agreement between federal research labs and technology transfer partners like industry to develop new capabilities  —  to deliver infrastructure code complete with pre-accredited, pre-configured baselines. 

According to DISA’s website, CRADAs are the agency’s primary technology transfer tool to develop new applications. Because CRADAs aren’t technically an acquisition contract, they aren’t governed by the Federal Acquisition Regulation or the Defense Federal Acquisition Regulation Supplement, which means DISA doesn’t contribute funding to the research, but can offer resources like personnel, facilities or intellectual property to assist.  

The new code can help the military "create cloud environments in two to four hours rather than two to four weeks or months," Woods said, adding: "That's a really critical capability so that mission partners can get into the cloud quickly."

The HaCC is also creating new Development Security Operations tools to help improve software development and is piloting on-premise Containers as a Service to deliver offerings like security patching and automated configuration controls.

Woods said the center has been focused on aligning product offerings to the agency's 2022-2024 strategic plan, while collaborating with industry partners and the military to better understand what cloud adoption accelerators and private cloud services should be deployed, like account tracking and automation tools. 

"There isn't a one-size-fits-all for these types of capabilities and needs,” Woods said, noting that DISA was exploring hybrid cloud and other potential offerings. “All of these are opportunities – whether it's through subcontracting with our existing contractors using something like a CRADA, [or] even new contracting efforts if that's what makes sense – but I think all of these present opportunities at a broad-brush level for us to partner."

DISA officials have previously spoken up about issues at the combat support agency regarding harmonizing cybersecurity and user experience for military service members. Lt. Cmdr. Megan Silvester, product owner of DISA's account tracking and automation tool, said last month at a virtual event that the agency should aim to make its procurement processes more efficient to support cloud product offerings. 

DISA refreshed its previous three-year strategy to prioritize cyber defense and the role of cloud in 2022, and has since continued to emphasize those objectives in its most recent plan.