According to Civilian Deputy for the Defense Information Systems Agency (DISA) Services Directorate (SE) Jeff VanBemmel, securing connections is one of the bigger challenges Defense Department Information Networks (DODIN) are facing today after years of a “castle-defense mentality.”
“As we move into a more cloud-based world and a more mobile world, there’s a lot more information that goes in the DODIN on your mobile devices, it’s portable,” said VanBemmel at the DefenseOne Tech Talks virtual event. “I think one of the challenges our customers are having is understanding where their data sits and how it goes back and forth making those connections and then securing those connections.”
In terms of vulnerabilities, VanBemmel said there are different security concerns for Federal IT programs versus industry IT programs, but by working together and partnering with industry, both sectors can help each other get secure.
“Moving in partnership with industry, I think really helps both of us get secure and I think that’s really kind of a growing relationship,” said VanBemmel. “As we go through this evolution to sort of a more cloud-based community, you’ve got to stay in close partnership with [industry partners].”
Elsewhere during the conversation, VanBemmel said that DISA and other DoD components need to work faster in acquiring software to keep up with foreign adversaries who may be working commercial speed, while DoD components work with a hybrid style of acquisition.
“What DISA is doing in the attempt to speed up the acquisition or the iteration of defense software – it’s largely through BPAs [blanket purchase agreements], instead of having everyone in the department going out acquiring individual contracts, we try to do one large contract that everyone can take advantage of,” said VanBemmel.
Depending on the requirements, these BPAs are done with both large and small companies, VanBemmel says, and DISA has been starting to leverage more and more acquisition authorities than it has in the past.