The Defense Information Systems Agency, the Pentagon’s IT services arm, is planning for a busy 2020.
Stephen Wallace, systems innovation scientist and head of the agency’s emerging technology directorate, laid out DISA’s technology priorities in November at its annual Forecast to Industry event.
Among the key priorities for DISA are to leverage DevSecOps principles of security testing and automation, not just for software development but also for IT infrastructure more broadly.
“What we want to do just beyond the development principles and code development that comes with DevSecOps, we want to take those principles and apply them to the way that we actually deploy infrastructure,” Wallace said, according to FedScoop.
Wallace said that with similar devices across the agency, it makes sense for DISA to treat the devices as code. By doing so, DISA can easily share information across its programs and be better prepared for re-accreditation of its devices.
However, DevSecOps is not the only area DISA plans to invest in for the DOD. Others include artificial intelligence, blockchain, mobile and desktop convergence and 5G wireless networks.
DISA Interested in a Wide Range of Emerging Tech
Nextgov reports that DISA plans to award nearly 100 new contracts for technology-focused services in fiscal year 2020, with a dozen valued at more than $100 million. That will include telecommunication services under the Enterprise Infrastructure Solutions contract from the General Services Administration.
One of the contracts DISA is likely to take advantage of is EIS, which will enable it to start deploying 5G networks. Wallace said that 5G will enable faster data transport for war fighters and better communication at the tactical edge on the battlefield and in bases, according to Fifth Domain.
DISA is also considering using network splicing, enabling the creation of multiple virtual networks for specific network activities on top of a common shared physical infrastructure. Network splicing will allow DISA to “change the way that we basically ship traffic across the carriers’ networks,” Wallace said, according to Fifth Domain.
Another area of focus is going to be AI and machine learning, especially for projects that are constantly validating user identity, according to Fifth Domain. “It’s a technology enabler,” Wallace said. “You will see it pop up in a number of things.”
AI and ML will come into play in another area DISA is interested in: security orchestration, automation and response. SOAR helps automate cybersecurity and incident response, an area of keen interest to the DOD. “Our adversaries are better leveraging automation, ML/AI,” Wallace said. “We need to get more in the game of automating our response.”
DISA is also testing distributed ledger — a.k.a. blockchain — in one of its data centers to “explore the technology.” Fifth Domain reports that DISA thinks blockchain could be useful “in the logistics realm with data set sharing, simplifying database management by removing the need for a centralized database access.”
And DISA will continue to explore zero-trust cybersecurity architectures, which would enable DISA to use new indicators to verify users’ identity, such as the device the user is using, the time of day and the credential, according to Fifth Domain. “We think that we can take many of those concepts ... and apply [them] to what we do for the department,” Wallace said.
Wallace called on vendors to be open and realistic about the promise and limitations of emerging technologies, in the hope of having “very transparent and open conversations,” FedScoop reports.
“Please don’t come promising the world, because everything’s got its challenge,” Wallace said. “Every one of these technologies … every one of them has its own independent challenges. But we can work through that and we want to work through that with you.”