DISA streamlines operations centers

The Defense Information System Agency is focusing on unifying the Department of Defense Information Network by consolidating tools, operations and cyber practices.

DODIN is defined as a globally interconnected set of information capabilities for collecting, processing, storing, distributing and managing information. A restructured and renamed successor to the venerable Defense Information System Network that has been a DISA priority in recent years, DODIN includes a number of communications and computing systems and services, software, applications and security services.

“We are fundamentally changing how we are to be computing from a data center perspective,” said David Bennett, DISA CIO and director of its Center for Operations, at a Jan. 12 AFCEA D.C. event.  In order to become more efficient, Bennett said, DISA has already begun moving operations to one computing environment with a single set of tools and process. “That’s a huge monumental change from the agency perspective,” he said.

DISA is also looking to change how the agency operates and defends its $24 billion network. This includes restructuring and standardizing network operation centers, the enterprise engineering and the day-to-day operation of the network. As is, Bennett said, DODIN is a conglomeration of networks that have been implemented over time, and DISA wants to transform it into a dynamic environment capable of reacting to cyber threats as they occur.

DISA wants the network to respond and react to “known or unknown” threats or problems and then heal itself, Bennett said. The agency is also looking for resiliency and agility in its response and analysis of a cyber threat. This would require all operation centers to seamlessly work together, and DISA is looking to industry for a capabilities-as-a-service solution to do so.

Bennett said he’d like to restructure personnel, too. “I don’t think we can afford the manpower to say, ‘You’re a DevOps person, you’re a cyber-ops person,’” he said. “We’ve got to integrate these capabilities.” Ideally, he suggested, a single operator would be able to monitor the environment at large and know how to respond and react to cyber threats.

Consolidating DODIN’s operational components to a single organization makes DISA’s activities, allocation of resources and ability to facilitate change “a much simpler equation than it’s ever been,” Bennett said. It will allow the agency to better implement, sustain, operate and defend DODIN.

And as DISA prepares for MilCloud 2.0, an upgrade to the MilCloud on-premise cloud solution built with commercial technology, the agency wants to make sure it supports connectivity with DODIN. According to DISA’s John Hickey, director of Cyber Development Directorate, this means figuring out how to leverage commercial cloud components and reuse existing tools by standing up a security stack that maintains the agency’s application licenses.

MilCloud 2.0 will be a hybrid cloud environment, but Hickey said that moving forward, he’d like to position operational support so that both DevOps and cyber defense capabilities report back to DODIN’s operation center. Ultimately, the agency wants to maintain visibility in the public cloud, understand the activity in the environment and implement an efficient cyber defense layer so it can protect DODIN.