Navy Vice Adm. Nancy Norton – DISA Forecast to Industry 2018


[♪♪♪] NARRATOR: Through strategic
innovation and customer service, DISA is the trusted provider
to connect and protect the warfighter in cyberspace
for the Department of Defense. It is through trusted
partnerships with industry that DISA delivers what warfighters
require for mission success. When warfighters encounter
a problem or identify an opportunity for improvement that could
benefit from an IT solution, they look to DISA. Once the requirements are clear, we determine if a solution already
exists in the DISA service catalog. When the required capability
is not readily available or adoptable, DISA’s procurement services directorate
is fully engaged to facilitate strategic sourcing initiatives
to buy the right solution relying on our relationship with industry
to solve the warfighters’ problems. DISA works through program offices,
the Small Business office and tech firms to create a unique
product for the mission partner. [♪♪♪] No matter the scope of the requirement, DISA relies on large and small businesses to provide new and creative ideas
that lead to innovative capabilities. Once the path to the right
solution is determined, the collaboration process
kicks into high gear to deliver the capability
to our warfighters. The DISA team works to conduct
testing and certification, evaluate security vulnerabilities, administer authority
to operate on the DODIN and provision and deliver services. When these pieces come together, a capability that began
as an idea becomes a reality. Warfighters rely on DISA and industry
to fulfill their IT requirements. As a result, solutions are available to our mission
partners across the entire enterprise. We support the warfighter. Trusted partnerships between DISA, mission partners and industry
make it happen. When you enter
into a partnership with DISA, you are supporting warfighters
and missions around the world. [♪♪♪] NANCY NORTON:
The video that you just saw depicts
this year’s theme, trusted partnerships. Technology is constantly evolving and DISA is committed
to strengthening our partnerships with industry to pace that change. I would like to read a quote from
the SecDef, General Mattis just last week, “As the old saying goes,
there’s strength in numbers. When nations pool resources
and share responsibility, their burdens become lighter. It also gives the U. S. a better chance
to advance its interests and maintain a balance of power
that will keep enemies from thinking twice about aggression. The stability that comes
from alliances and partnerships can also generate
much needed economic growth. So what if we replace nations
with DISA and industry partners?” Let me read that again. “When DISA and industry partners pool
resources and share responsibility, their burdens become lighter. And the stability that comes
from those partnerships can generate
much needed economic growth.” As an IT agency, we need our industry partners
to help us focus on the big picture of driving innovation,
fostering collaboration and helping us achieve a common goal. Industry has a lot of expertise,
research and experience. All of which can help
DISA develop solutions that solve the warfighters’ problems
and keep pace with our adversaries. Our theme, “Trusted Partnerships,”
embodies the way we work closely with industry
to develop solutions for the DoD. Only by working together
can we expand our capabilities and support to those protecting
our great nation. Be our partner. We can achieve great things together. So who are we? Well, I serve in a dual-headed role
as the Director of DISA and the Commander
of the Joint Force Headquarters Department of Defense Information Network
or Joint Force Headquarters DODIN. Both organizations play a critical
role in providing our warfighters, the Department of Defense
and national level leaders with the best communications and
information technology services worldwide. DISA conducts DODIN operations
for the joint warfighter to enable lethality across
all warfighting domains in defense of our nation. Joint Force Headquarters DODIN
provides command and control of DODIN operations and defensive
cyberspace operations’ internal defensive measures globally
across all 43 DoD components in order to synchronize
the protection of DoD capabilities to enable power projection and freedom
of action across all warfighting domains. Everything these two organizations
do is to support the warfighter and increases the ability
to accomplish their assigned missions. Together, we support
the Secretary of Defense’s national defense strategy
and his three lines of effort: to increase lethality for our warfighters,
to strengthen partnerships and to reform the department. Partnerships with industry are a key
component in the national defense strategy and in what DISA does
for all those we support. The Executive Branch,
the Office of the President, the White House
and the National Security Council, the Legislative Branch in the Congress, the federal government
including the State Department, Department of Homeland Security, the Office of Personnel Management and all military services,
every combatant command and the DoD agencies and field activities. Our mission is focused on securing,
operating and modernizing our networks, applications
and systems with innovative tools to counter threats, minimize risks
and maintain a competitive advantage. Our field offices and commands
located around the world have a significant role
in how the agency supports our combatant commands
and their components. They provide direct support in their
respective areas of responsibility. Our field offices and commands serve as
advocates for DISA’s portfolio of services and identify ways DISA can help
support a combatant command. They also advocate to DISA headquarters
on behalf of the combatant command to translate their warfighting needs,
mission requirements and other activities as well as provide recommendations
for future services and capabilities. Whether unique
to that combatant command or an enterprise service across
the Department of Defense. This slide also depicts
our operation centers, special support commands,
data centers and satcom teleport sites around the country and the world that ensure continuously available
operational and security capabilities both tailored and global
that provide our warfighters with reliable and secure communications and information supporting
every mission in every domain. As a combat support agency
for the Department, DISA is uniquely positioned
to take on major tasks and initiatives to connect and protect
the warfighter in cyberspace. To change the way the Department secures
and protects its information networks, DISA has partnered
with the military services to deploy Joint Regional
Security Stacks. The JRSS platform enables
the greater DoD Community to review network
traffic, inspect data, retrieve threat and malware data
on the network, troubleshoot and take steps to patch,
protect and defend the network. By deploying JRSS, the security of the network
is centralized into regional architectures instead of locally
distributed architectures at every base, post,
camp or station. We are currently working
to complete installation, identify resources for continuous
implementation and deployment and migrate security services to JRSS. DISA’s command and control
portfolio supports the warfighter by providing secure access to capabilities
and seamless information-sharing needed to plan and execute
our joint operations. As you may know, Vice Admiral Retired
Jerry O. Tuttle passed away last week. He was the driver for JOTS,
the Jerry O. Tuttle System in the Navy that was the basis
for our current Global Command and Control System
Joint or GCCSJ. GCCSJ is the principal
foundation for our nation’s dominant battle space awareness providing an integrated,
near real-time common operational picture
of the battle space. Now, GCCSJ is being transitioned
to a cloud-based enterprise architecture. GCCS Joint Environment or JE. The most significant change in 30 years
from the original core JOTS system enabling Vice Admiral Tuttle’s vision
to become a more powerful, resilient combat-enabler for our national
and combatant command leadership. GCCSJE will provide rapid
presentation and aggregation of relevant data
for quick decision-making. With new ways to visualize data,
speed delivery of new capability and lower life cycle cost
across the Department. As a priority for the Department, DISA is leading efforts to support
a highly mobile workforce by providing secure access
to enterprise capabilities anywhere and at any time
for greater mission effectiveness. Mobility solutions support
operational readiness, increase productivity
and provide greater flexibility. The number of mobility
customers is growing steadily. And the agency is expanding
the availability of unclassified and classified mobile solutions. Specifically, DISA is looking to replace
desktops with mobile devices to expand and extend enterprise
solutions that ensure interoperability, increased security,
access to information and reliable service
to the mobile workforce. The agency is offering milCloud 2.0, a fit-for-purpose, on-premise
Cloud offering that provides secure commercial
services to DoD users. It will connect DoD networks to on-site
commercial Cloud environments. The solution provides mission partners
with the latest Cloud technologies at competitive prices
and uncompromised performance. DISA held a symposium last December and another one in May to help mission
partners from combatant commands, military services and agencies understand why Cloud
adoption matters to DoD and to learn more about the agency’s
current Cloud service offerings. DISA has a lot of Cloud experience. So it was important for us to work
closely with mission partners, guide them through the initial steps
of exploring a potential Cloud solution that’s applicable to their mission needs
and provide a seamless onboarding process. As we continue developing innovative
services and capabilities, there’s an ongoing effort
within the Department to modernize and consolidate networks. The agency is supporting this effort by deploying the JRSS
platform to secure the DODIN and migrating fourth estate
data centers to milCloud 2.0. This strategy will reduce
the Department’s data center footprint and support federal data center
optimization efforts. In the spring,
we announced our plan to reshape and evolve
the DISA computing ecosystem. Reducing DISA’s own physical data
center footprint around the world and identifying ways
to provide cost savings which will be passed on
to our mission partners. We are also modernizing
our DISN backbone by eliminating TDM
and low speed circuits moved on to high-speed IP circuits with
auto provisioning and network function virtualization through
software-defined networks and multi-protocol label switching. At the transport layer, this means a self-recovering
optical transport network with end-to-end encryption
increasing from a hundred to four hundred
gigabits per second. All this will result in a DISN
with reduced network complexity and number of devices, unsurpassed
bandwidth to support rapid growth in data usage and enhanced resiliency
of our network infrastructure. To drive anonymity out of the DODIN, the agency will pursue
the development of a shared identity to advance how federal
agencies continuously identify and authenticate users and devices. There’s a simultaneous effort
to address the form factor challenge presented with common access cards
or CACs in a mobile environment. The Department is actively working
solutions such as Purebred to leverage derived
credentials and other forms of continuous multi-factor
authentication. The defensive cyber operations’ mission requires constant vigilance,
improvement and innovation. As the agency continues operating
and supporting the warfighter, we have to minimize
our growth in footprint. One way we plan to achieve this is
by investing in cybersecurity capabilities that allow us to orchestrate
and automate our key defensive processes. To support this, our cybersecurity
service provider team is exploring the use of enterprise tools, machine learning, robotics
and artificial intelligence to expand the effectiveness
or analysis with existing staff. These capabilities
will use our sensor data to help the agency readily identify
long-term cybersecurity trends, uncover changes in adversary behavior and develop algorithms
to identify suspicious activity and it will help the DISA
team expedite actions that are historically
performed manually. We must do this across cybersecurity
if we’re to pace the threat in cyberspace. Our team is committed
to understanding the complexity of attack vectors
and reducing them. Implementing a Cloud-based
internet isolation solution will help us protect our network
from browser-born threats. By taking the internet browser
off the workstation and placing it in a remote Cloud-based
server outside of the DODIN, we can review traffic from afar and protect the network while
preventing malware and cyber-attacks. We’re interested in hearing
from industry as we develop a solution for this part
of our cybersecurity portfolio. With these initiatives in mind, reducing the attack vector
is critical to our operations. In a given month, DISA executes roughly a billion defensive cyber
operations events. Automatically blocking most of those. We intervene in nearly a thousand
incidents and 420 phishing attacks and we conduct over 2,000 countermeasures. Our adversaries are becoming
more sophisticated. Their threats are becoming more complex and the number
of cyberattacks is increasing. All of the solutions
I’ve discussed reduce the attack vector
in the architecture itself, reduce the amount of cybersecurity attacks
that we have to manually respond to and ultimately ensure resiliency
to support mission accomplishment. As the agency continues to change
its roles and responsibilities, several things will transition
within the Department this year. The National Background
Investigation Services or NBIS is transitioning
to the Defense Security Services and both multinational
information sharing programs and commercial satellite communications
are transitioning to the Air Force. The Joint Service Provider has been
a part of DISA for a year now and the DoD’s fourth estate is moving
their applications to milCloud 2.0. You’ll hear more about these
from our speakers later. As the department continues to build
trusted partnerships with industry, all parties involved
have to be accountable and responsible to one another. Cybersecurity needs to be
at the forefront of our operations. Cyber is our battle space
and resiliency in that battle space is key for our networks,
applications and systems. The DoD must be able
to fight hurt in every domain, to sustain attacks
and continue operations. Implementing a mission
assurance cyber strategy helps the agency
maintain that resiliency and protect our capabilities
to continue operations. The agency is raising the bar
on our expectations for industry partners and we need you to implement cybersecurity
measures in all deliverables. You and others in industry
hold valuable DoD-related data and you are a target
for adversaries as much as DoD is. As a result, we will review how well
companies handle reporting security breaches and the steps
taken to prevent them. We will grade companies
on security incidents, your level of response
and outline consequences for putting data
and information at risk. As part of our partnership, we have to find ways to be good
stewards and identify meaningful and sustainable ways to deliver
cost savings to taxpayers. Section 921 of the 2019 National
Defense Authorization Act directs the Department to provide
a certification of cost savings to congressional
defense committees. To maintain a high level of trust
with the American public, we have to avoid excessive spending
and focus on providing value for the warfighter and the nation by developing innovative,
cost-saving capabilities. This is the reform
Secretary Mattis directed. Trusted partnerships between
the agency and industry representatives, large and small require transparency and must reflect high ethical
standards and behavior. Engaging and collaborating with industry
gives DISA the opportunity to create and modernize innovative solutions
and provides benefits for both parties. Our communication processes
and decisions must be transparent, fair and impartial so we can continue
maximizing support for our warfighter. Doing so assumes a level
of trust, drives growth, shows good intent and helps
us foster accountable and sustainable partnerships
now and in the future. When warfighters encounter a problem
or opportunity for improvement, they reach out to DISA
for information technology solutions. As shown in the opening video, for services and capabilities
that are not currently available, the agency relies on innovation
and collaboration with industry to take the best ideas
from concept to solution. This presents industry
with an opportunity to align its expertise in research and development
with the agency to put state-of-the-art
technologies in the hands of our warfighters. Your partnership is critical for us
to stay ahead of adversaries, to operate and defend the DODIN and enable
lethality across all warfighting domains. DISA is fortunate to have
a talented and diverse workforce dedicated to the mission including
many of the leaders you will see and have an opportunity
to engage with today. They embody the values
that DISA stands for. Duty that inspires service
and accountability. Creating trusted partnerships
supports DISA’s vision to be the trusted provider to connect
and protect the warfighter in cyberspace. I want you to share
that vision and our values to ensure success
in defense of our nation. We look forward to hearing from you
and gaining a better understanding of how you can support us
with our future requirements. Thank you again for being here today
and continuing to partner with DISA.

Leave a Reply

Your email address will not be published. Required fields are marked *