Defense Information Systems Agency (DISA) Director Vice Adm. Nancy Norton said today she expects to release reference architecture documents “very shortly” for DISA’s planned implementation of zero trust security concepts.
The DISA Director described the coming move to zero trust back in July. “Together, DISA and Joint Force Headquarters-DODIN [Department of Defense Information Network] defend the cyber domain while providing the tools necessary for our forces to deter or defeat aggression across every warfighting domain – cyber, land, air, sea and space,” she said. “That’s why we are embracing zero trust to prevent data breaches.”
Speaking at today’s AFCEA International TechNet Cyber 2020 virtual event, Adm. Norton said DISA’s reference architecture for zero trust “is coming out here very shortly.” Those documents, she said, will allow DISA’s mission partners to understand tools they want to use to implement zero trust.
She said DISA’s move to zero trust will try to maximize the tools that the agency already uses.
“We’re not going to have a greenfield approach and replace everything that we have,” Adm. Norton said. “We are not trying to go out and buy a box of zero trust.”
Asked during the same presentation whether DISA planned to hold a “bake-off” competition with the private sector for help with the zero trust initiative, Tony Montemarano, Special Assistant to the DISA Director, replied, “we are trying to evaluate the art of the possible.”
Montemarano is retiring from DISA later this month after 50 years in government service, including the U.S. Navy and 29 years at DISA.