DISA could spend close to $1B on security over three years

The Defense Information Systems Agency (DISA) plans to spend $959 million on network and information systems security over the next three years, with an emphasis on protecting against insider threats and defending classified networks, according to 2008 budget documents.Funding for DISA’s Information Systems Security Program (ISSP), from fiscal 2007-2009, includes $819 million in operations and maintenance and $140 million for procurements. DISA has budgeted $247 million for ISSP in 2007, with $251 million requested for 2008 and $319 million planned for 2009.The ISSP budget calls for increased defense against internal security threats. The agency plans to deploy tools to 1,500 locations worldwide to analyze, detect and respond to insider threats against information and information systems, according to the budget documents.DISA also is stepping up its defense of the Secret Internet Protocol Router Network. Unlike the Non-Classified Internet Protocol Router Network (NIPRNET), which has been under increasing attacks from the outside, the SIPRNET does not have any connections to the public Internet, making it less susceptible to attacks.But DISA intends to deploy automated network access controls to prevent inadvertent or malicious connections of unknown or improperly configured devices to the SIPRNET, agency budget documents said.DISA also plans to deploy a DOD-wide risk management system to verify that any connections made to the SIPRNET come from valid DOD users. The agency said it also plans to expand the use of isolated subnets called Demilitarized Zones (DMZs), which sit between the NIPRNET and SIPRNET and untrusted external networksDISA said these DMZs will also improve the ability of authorized users, such as e-commerce partners, to exchange information with DOD agencies.