Strategic Plan FY19-22 Version 2This DISA Strategic Plan fiscal years 2019-2022, Version 2, is a refresh of Version 1 of the plan; which was released in 2019. This refresh incorporates updates to our priorities in light of a changed strategic environment characterized by rapidly shifting global and cyberspace landscapes. In this era of technological advancement in the cyber domain, DISA is continually seeking new ways to meet the needs of the end user that demands responsive, resilient, secure and high-quality IT services. We have learned from the lessons of this past year combatting our invisible adversary, COVID-19, to sharpen our attention on critical initiatives to deliver capabilities to our mission partners, and to care for and cultivate our workforce. At the same time, DISA’s mission has grown over the past few years, and we are focused on building capability to move into the future. The future incorporates new technologies such as fifth generation (5G) mobile networks and cloud computing. DISA recognizes that we must accelerate technology modernization to continue to meet our joint warfighters’ ever-increasing information exchange needs.This strategic plan outlines mutually reinforcing programs, projects and initiatives that link our three goals to our mission. Our goals are to operate and defend; adopt before we buy, and buy before we create; and enable people and reform the agency. These goals enable DISA to conduct DoDIN operations for the joint warfighter to enable lethality across all warfighting domains in defense of the nation. DISA’s strategic plan articulates our vision of a combat support agency that is the nation’s trusted provider to connect and protect the warfighter in cyberspace. It demonstrates our commitment to provide our mission partners with improved customer service in the delivery of their services and capabilities, and it provides our workforce with the ability to set goals and build toward a common future. DISA will review and update the strategic plan at the beginning of each fiscal year to ensure its services and capabilities contribute to a more lethal, resilient and innovative joint force. We will support the joint forces’ ability to win against any adversary, adapt to unexpected changes, sustain any campaign and maintain readiness to address the next challenge.Defense Information Systems AgencyDISA_e0be573e-6abf-4d9d-90be-bc698f7dbb5eNancy A. NortonVice Admiral, United States Navy; Director, DISA Commander, JFHQ-DODINDISA WorkforceWho is this plan for, and how is it intended to be used? This document serves multiple purposes as a reference for internal and external audiences. This strategy helps our workforce align activities, set future goals and see the utility and value of our contribution to an overarching DoD information technology mission.DISA PartnersWe hope that mission partners will see the breadth and diversity of our services and determine new ways to better leverage DISA as the nation’s premier IT combat support agency.Defense Industrial BaseAdditionally, we hope that members of the defense industrial base will gain a clear understanding of our priorities, and spark new ideas of ways to collaborate with us to jointly fill capability gaps.Department of DefenseThe strategic plan is an overarching framework that informs planning priorities, resource allocation and assessment criteria. It provides a framework to explore technologies that will contribute to a more secure, seamless and cost-effective architecture for DoD. DISA’s strategic plan continues to align to national and defense-level strategies, namely The National Security Strategy, National Cyber Strategy, National Defense Strategy, DoD Cyber Strategy and DoD Digital Modernization Strategy. The DoD’s long-term cyber-strategic approach is based on mutually reinforcing lines of effort to build a more lethal joint force, compete and deter in cyberspace, expand alliances and partnerships, reform the department and cultivate talent. Collectively, these strategies guided the development of the strategic plan and support DoD’s goal to strengthen the security and resilience of networks and systems that contribute to current and future U.S. military advantages.To be the trusted provider to connect and protect the warfighter in cyberspace_2103c496-34e6-11eb-b6e4-63881083ea00To conduct Department of Defense Information Network operations for the joint warfighter to enable lethality across all warfighting domains in defense of our nation._2103c7ac-34e6-11eb-b6e4-63881083ea00CREEDWe are a combat support agency. We unite diversity of Talent through Respect, Unity, Service, and Teamwork, leading innovation and success for the warfighter in defense of our nation.TalentRespectUnityTeamworkInnovationVALUESDuty that Inspires Service and Accountability.DutyInspirationServiceAccountabilityOperation & DefenseDeliver secure, available and reliable services and capabilities to mission partners_2103c98c-34e6-11eb-b6e4-63881083ea001In today’s landscape of increasing cyberthreats, the ability to deliver services and capabilities across all domains – land, air, sea, space and cyberspace – allows mission partners to maintain global leadership and to deny unwanted advantages to adversaries. DISA understands these requirements, and our desired end state is to deliver secure, available and reliable services and capabilities to mission partners in a contested and rapidly changing cyberspace environment. Our support to crisis and combat operations takes on many forms, such as employing tool suites to provide real-time, robust monitoring of an infrastructure to lessen interrupted service, or developing interagency and international partnerships to strengthen protection of critical assets. We are focused on maximizing information sharing to enable a threat-based approach to defensive cyberspace operations, and continually improving our readiness to support DoD campaigns. DISA is on the leading edge of deploying, operating and sustaining cyber tools, capabilities and expertise to maximize DoDIN operations that support multi-domain operations and enhance lethality.InfrastructureModernize the Infrastructure_2103cd06-34e6-11eb-b6e4-63881083ea001.1Consistent with the 2018 National Defense Strategy’s charge to reform the department, DISA modernizes the infrastructure to improve the security, resiliency and capacity for DoD networks. One focus of our modernization initiatives is to standardize configurations for greater performance and affordability. Another focus is to consolidate and converge data centers, networks, service desks and network operation centers into a secure, integrated and improved environment. A modern infrastructure reduces the cost and complexity to operate while improving customer service with transparency. Over the fiscal years 2020-2021, DISA is focused on achieving objectives under the following major lines of effort:Network EnhancementsConsolidate infrastructure by developing common architectures and sharing resources_2103cf5e-34e6-11eb-b6e4-63881083ea001.1.1Network enhancements support an everything-over-internet protocol architecture to eliminate obsolete technology, optimize network efficiencies and service delivery and provide multi-path survivable infrastructure. DISA is pursuing related Defense Information Systems Network evolution initiatives in networking, collaborations, satellite communications, mobility, enterprise operations and network management, and cybersecurity capabilities. Within these capabilities there are common goals to enhance the infrastructure of network elements to better the overall DISN functional architecture. We are evolving toward the next generation DISN Infrastructure to deliver high bandwidth, agile, survivable and secure networking capabilities. A main focus of our enhancement initiatives is to consolidate infrastructure by developing common architectures and sharing resources. In our ongoing work to modernize the SATCOM gateway, for example, we are converging disparate management tools into one platform that will provide a continuous, accurate and real-time SATCOM situational awareness to the user communities.Internet Protocol v6Convert to an IP-based architecture and implement Internet Protocol version 6_2103d134-34e6-11eb-b6e4-63881083ea001.1.2The goal of this initiative is to employ a global converged network infrastructure by converting to an IP-based architecture and implement Internet Protocol version 6, where fault isolation and dynamic routing of network traffic enable enhanced service delivery and prevent service interruption to the end user. A global converged network infrastructure improves interoperability, security, resilience and compliance with DoD net-centric directives and lowers sustainment costs while enhancing responsiveness to new requirements. DISA is working to enable DISN core hardware by 2021 and to enable all DISA catalogue services and external IT systems by 2025. Network OperationsImprove reliability and availability of delivered services_2103d486-34e6-11eb-b6e4-63881083ea001.1.3DISA enhances operations to ensure mission partners have secure, available and reliable services and capabilities to achieve their mission in a contested cyberspace environment. DISA enhances operations through the operation and defense of the DISA-managed portion of the DoDIN, management of the Cyber Security Service Provider program, direct support to combatant commands and support of Joint Force Headquarters-Department of Defense Information Network and United States Cyber Command in their missions to achieve cyberspace superiority. Our aim is to improve reliability and availability of delivered services by conducting mission assurance and critical infrastructure protection assessments focused on reducing or eliminating infrastructure potential points of failure.SpectrumImprove holistic spectrum situational awareness_2103d6d4-34e6-11eb-b6e4-63881083ea001.1.4DISA is transforming DoD joint electromagnetic spectrum operations to improve holistic spectrum situational awareness through improved data capture models, processes and capabilities. This improves lethality and survivability for spectrum-dependent systems supporting the wireless portion of the DoDIN. We are developing technical frameworks that enable promising new electromagnetic spectrum access technologies to improve full-range spectrum access for the warfighter. During this strategic time frame, we are developing initial system requirements and architecture for Electromagnetic Battle Management capabilities, and supporting DoD and national spectrum sharing and reallocation initiatives.End User SupportProvide end user and desktop support_2103d9c2-34e6-11eb-b6e4-63881083ea001.2Office of the Secretary of DefenseJoint StaffDoD Field ActivitiesCombatant CommandsDefense AgenciesAs DoD pursues the National Defense Strategy, the agency has a number of initiatives in support of reform and enhanced security. These include end user or desktop support for most elements within the Pentagon and its geographically distributed organizations, as well as most organizations within the Fourth Estate. The Fourth Estate is comprised of DoD agencies and field activities that are not part of the military branches. These organizations include the Office of the Secretary of Defense, the Joint Staff, DoD field activities, the combatant commands, and defense agencies.Fourth Estate Network OptimizationManage all applications, tools, processes and the contracts necessary to support the Fourth Estate organizations_2103dd46-34e6-11eb-b6e4-63881083ea001.2.1Fourth Estate OrganizationsThe purpose of this program is to modernize DoD’s IT architecture, consolidate networks, reduce costs, improve business practices and mitigate operational and cyber risks. DISA’s objectives are to manage all applications, tools, processes and the contracts necessary to support the Fourth Estate organizations and their day-to-day common IT functions. We are actively delivering consolidated enterprise services, end-user devices, desktop support and local and wide area network connectivity. We are onboarding 14 organizations between fiscal years 2020-2025 onto DoDNet, and 800 IT government personnel will join DISA over a period of six years.Pentagon and National Capital RegionProvides DoD IT services to the Pentagon and National Capital Region_2103e07a-34e6-11eb-b6e4-63881083ea001.2.2DISA’s Joint Service Provider provides a full range of DoD IT services to the Pentagon and National Capital Region to meet mission and business requirements. DISA JSP’s work is prioritized under three strategic areas: 1) Optimize the Customer Experience, 2) Operate, Defend and Harden the Network, and 3) Enable People and Improve Processes. Under its first priority, DISA JSP is focused on enabling maximum mission effectiveness for the customer through a Gold Standard level of service, and better aligning DISA and Fourth Estate Network Optimization service offerings for increased transparency. Under its second priority, DISA JSP is focused on modernizing the enterprise network and improving cybersecurity. Finally, DISA JSP is working to automate pipelines, tools and standards needed to support rapid development. This includes moving to a Defense Working Capital Fund compliant financial model by fiscal year 2022 to establish consistent service taxonomy and standardize delivery to customers.Command CapabilitySupport the National Leadership Command Capability framework_2103e250-34e6-11eb-b6e4-63881083ea001.2.3DISA is proud to support the National Leadership Command Capability framework. Our work supports three key areas: Presidential and senior leader communications, continuity of operations and government communications, and Nuclear Command, Control and Communications. Our goals are to modernize and sustain senior leader communications, as well as ensure they are enabled with the latest cybersecurity protection. DISA will continue to provide centralized management and configuration control of select NLCC command and control capabilities as directed by the DoD Chief Information Office and Council on Oversight of NLCC Systems.Computing CentersModernize computing centers to enterprise standards_2103e5e8-34e6-11eb-b6e4-63881083ea001.3The agency continues to support computing requirements with its data centers now called Computing Ecosystems. The ecosystem has expanded its number of computing sites under the direction of DoD CIO to take ownership of key service-managed computing centers. The intent is to modernize them to enterprise standards.Computing EcosystemImplement and optimize the computing ecosystem_2103e854-34e6-11eb-b6e4-63881083ea001.3.1DISA continues to implement and optimize the computing ecosystem to streamline command and control of mission-critical applications and to improve information-sharing capabilities. During this strategic time frame, we will host critical traditional systems, divest outdated legacy computing systems, and where appropriate, shift to cloud-based alternatives. We are actively onboarding new mission-critical applications and working toward an infrastructure technical refresh for NIPRnet and SIPRnet in 2021.CloudDeploy and expand milCloud 2.0 over the Sensitive but Unclassified Internet Protocol Data Network_2103ea5c-34e6-11eb-b6e4-63881083ea001.3.2For those unclassified systems requiring on-premise cloud solutions, milCloud 2.0 over the Sensitive but Unclassified Internet Protocol Data Network is deployed and expanding. For cloud-ready systems classified at the secret level, milCloud 2.0 is currently being deployed. Cyber DefenseEliminate known vulnerabilities and field new capabilities for defense-in-depth and incident response analysis_2103edfe-34e6-11eb-b6e4-63881083ea001.4Defensive Cyber Operations – Internal Defensive Measures -- We are expanding resiliency through the implementation of Defensive Cyber Operations-Internal Defensive Measures for rapid identification of new vulnerabilities. The purpose of our efforts is to eliminate known vulnerabilities and field new capabilities for defense-in-depth and incident response analysis. Enhancements must target the complete spectrum of technologies from end-point to internet and every tier in between. DCO-IDM missions are conducted at global and enterprise levels and within DISA-operated portions of the DoDIN to preserve its confidentiality, availability and integrity. During this strategic time frame, we are continuing to implement effective controls as measured through DoD’s CIO Cyber Hygiene Scorecard, and to extend Cyber Security Service Provider service offerings to higher security classification levels.ReadinessStrengthen readiness by expanding exercise planning and participation to build proficiency, improve interoperability and establish mutual trust among mission partners_2103f092-34e6-11eb-b6e4-63881083ea001.5DISA is focused on strengthening readiness by expanding exercise planning and participation to build proficiency, improve interoperability and establish mutual trust among mission partners. We are actively incorporating lessons learned from directly supporting named military operations and globally integrated exercises into the integrated planning and exercise lifecycle. This information feeds our annual contingency planning documents, including combatant command campaign plans, global campaign plans and DoD top-priority contingency plans. Facilities and infrastructure management is strategically important to supporting agency mission readiness. Properly maintained and operated facilities support the nation’s critical infrastructure requirements and address the evolving needs of the workforce. Therefore, DISA continuously assesses the need for facility improvements and capital investments, and we are actively engaged in the military construction planning and programming process to fulfill requirements in fiscal years 2021-2022 and beyond.Adoption, Acquisition & CreationImproves the speed of delivery of services and capabilities for DoD_2103f286-34e6-11eb-b6e4-63881083ea002The Adopt Before We Buy and Buy Before We Create process improves the speed of delivery of services and capabilities for DoD. When a mission partner requests a solution, the agency uses this process to determine the best way to meet the requirement. First, the agency determines if the solution already exists within DoD and if it is scalable to meet the mission requirement. Second, if the solution is not available or scalable, the agency buys it from industry partners. If the solution is not available from DoD or industry partners, the third and least agile method to fulfill the requirement is by creating a custom solution. When this is required, the agency provides short-term solutions to fill the capability gap, while the long-term solution is developed and implemented. This process strengthens mission partner collaboration by developing and delivering a customized service or capability solution based on the specific requirements.EnterpriseOptimize for the Enterprise_2103f632-34e6-11eb-b6e4-63881083ea002.1CloudEstablish DISA as the thought and product delivery leader for cloud integration and sustainment_2103f8da-34e6-11eb-b6e4-63881083ea002.1.1Our vision is to establish DISA as the thought and product delivery leader for cloud integration and sustainment. We are seeking to develop a cloud-advisory framework to outline operational benefits, costs and potential drawbacks for approved DoD commercial-cloud offerings. This process requires proactive engagement with mission and industry partners to evolve department cloud-based offerings to meet changing mission requirements. DISA is leveraging the benefits of cloud across all services and capabilities by investing in commercial cloud capabilities and supporting DoD’s cloud initiative to modernize the IT enterprise. Working in accordance with DoD cloud-adoption goals, our objective is to build enterprise identity and authentication for DoD cloud environments. The team is enabling commercial-cloud access to prepare for integration of Joint Enterprise Defense Infrastructure specific common services, as well as outside the continental United States and tactical cloud access. DISA is deploying a third generation cloud access point construct and evolving internet connectivity to approved Impact Level 4/5 commercial cloud offerings. Another important cloud initiative is the implementation of a Voice Cloud Access Point solution. This positions DISA to be the provider of choice for cloud voice over internet protocol connections to the DoD Impact Level 5 cloud tenants. The VCAP solution optimizes routing of voice traffic while providing a secure DoDIN anchor point for all mission partner IL5 cloud hosted solutions. DISA has implemented initial capability, and will expand to additional sites in fiscal year 2021 to get to full operational capability. Collaboration & ProductivitySupport DoD’s enterprise collaboration and productivity services strategy to replace existing DoD capabilities_2103faf6-34e6-11eb-b6e4-63881083ea002.1.2Defense Enterprise Office Solution -- Defense Enterprise Office Solution is an enterprise commercial-cloud service offering that supports DoD’s enterprise collaboration and productivity services strategy to replace existing DoD capabilities. The program acquires and implements common enterprise applications and services for joint use across DoD, standardizing cloud adoption and enabling cross-department collaboration. DEOS will be deployed and implemented using a multifaceted approach for NIPRNet and SIPRNet environments. In this strategic time frame, we will facilitate migration from legacy enterprise services to DEOS, and sunset legacy services. This includes standing up, testing and authorizing NIPRNet services within the continental United States, as well as initiating OCONUS and SIPRNet services.MobilityMake data accessible to every owner from anywhere at any time_2103feac-34e6-11eb-b6e4-63881083ea002.1.3Mobility Offering -- COVID-19 and maximum telework has accelerated DISA’s goal to make data accessible to every owner from anywhere at any time. DoD mobility offers services that ensure interoperability, increased security, and reliable access to information for our mobile workforce. Strategic focus areas are mobile device policy and standards, development of mobile web and apps, and enterprise mobility for unclassified and classified use. DoD mobility capabilities are being pursued at the unclassified, secret and top-secret levels to enable government-owned mobile devices access to authorized information services.TestingRigorously test all services and capabilities before implementation_2104015e-34e6-11eb-b6e4-63881083ea002.1.4Joint Interoperability Test CommandDISA’s goal is to use Joint Interoperability Test Command for all operational tests, evaluations and assessments to rigorously test all services and capabilities before implementation. This reduces duplicative testing efforts and overall programmatic costs to realize cost savings to our mission partners. We are also finding new ways to gain efficiencies in the testing enterprise. For example, we are currently pursuing the concept of an Enterprise Integration and Assessments Environment to replace the Distributed Development Test Enterprise with a more operationally relevant test environment. This effort increases automation and data management within a centralized framework. We anticipate that this will improve test and evaluation capabilities to help accelerate the pace of modernization activities undertaken by Distributed Common Ground/Surface Systems Programs of Record.CybersecurityStrengthen Cybersecurity_21040384-34e6-11eb-b6e4-63881083ea002.2National Security AgencyU.S. Cyber CommandDoD CIOThe current cyber domain is a dynamic, complex and contested battlespace constantly under attack by an ever-evolving array of highly competent adversaries. These malicious actors seek to leverage the characteristics of the cyber domain to their advantage and compromise our ability to operate effectively in cyberspace. In order to defend against these evolving threats, we are pursuing actions across domains and transport layers that will enhance, standardize and centralize the defense of our cybersecurity environment. We want to enhance the defensive architecture with a focus on defending against both external and internal attacks, detecting lateral movement and fully incorporating more robust endpoint capabilities in a synchronized and standardized defensive implementation. One of the ways we are pursuing a robust defensive architecture is through our “zero trust” architecture program that acts as an enabling attribute to tie together all security solution sets. DISA is working in partnership with the National Security Agency, U.S. Cyber Command, and DoD CIO to develop a dynamic zero trust lab environment able to replicate existing and near-state technologies to test zero trust capabilities. There are currently three layers of defense in the DISN architecture that fall into DISA’s Defensive Cyberspace Operations capabilities: boundary defense, regional defense and endpoint security. Boundary DefenseSupport boundary defense_21040848-34e6-11eb-b6e4-63881083ea002.2.1The boundary defense layers include internet access points at the edge of the unclassified DoDIN. DISA conducts the majority of its DCO from the boundaries with multiple defensive capabilities. In this strategic time frame, we are working on several programs in support of boundary defense, to include: * Threat Intel – This refers to using more actionable threat intelligence to block malicious behavior. This comes from internally sharing information with devices at the Internet Access Provider level, or gaining additional threat information from vendors. Our projected end state is in fiscal year 2022. * Cloud Based Internet Isolation – This is a tool that allows our machines to remotely browse internet traffic while keeping malicious traffic external to our network. Our projected end state is in fiscal year 2021.Regional DefenseMonitor network access points to defend against potential network attacks_21040b2c-34e6-11eb-b6e4-63881083ea002.2.2The Joint Regional Security Stack is the regional security solution that helps DoD effectively monitor network access points to defend against potential network attacks. This equipment suite provides many network security capabilities to include firewall functions, intrusion detection and prevention, and enterprise management. JRSS consolidates multiple geographic locations into regional entities and is designed to allow multiple organizations to utilize the same DCO capabilities. In alignment with JRSS Senior Advisory Group direction, JRSS’ efforts for fiscal years 2021-2022 are focused on sustaining the existing JRSS architecture and optimizing implementation through technical refreshes.Endpoint SecurityEnhance endpoint security to defend against external and internal attacks, detect lateral movement and synchronize defensive endpoint capability implementation_21040d52-34e6-11eb-b6e4-63881083ea002.2.3Endpoint security focuses on the security of the end-user’s workstation or device. In this strategic time frame, DISA supports JFHQ-DODIN to enhance endpoint security to defend against external and internal attacks, detect lateral movement and synchronize defensive endpoint capability implementation. Additional major initiatives include sunsetting legacy systems, Comply to Connect, user activity monitoring and Enterprise Patch Management Service. Our efforts to modernize endpoint security began in fiscal year 2020 to sunset legacy host systems, with planned migration through fiscal year 2022. DISA is standing up the Comply to Connect Program management office. The Comply to Connect Program is a DoD CIO Cyber and Digital Modernization initiative to transform cyber and network security. This enables DoD components to have control over what endpoints are allowed to connect to DoD networks, and provides an overall better understanding of endpoint security compliance. The Enterprise Patch Management Service hosts third-party patches to cut upfront time for components to go to websites to search for patches and pay for services. DISA is currently procuring the capability for user activity monitoring for the Fourth Estate in 2020, with planned full operational capability in fiscal year 2021. InnovationDevelop and integrate innovative capabilities_21041144-34e6-11eb-b6e4-63881083ea002.3Drive Innovation -- DISA’s ability to develop and integrate innovative capabilities is critical to provide cutting-edge solutions for mission partners. As DoD embraces industry leading technologies, DISA must balance security with access to support real-world operational requirements. AutomationDevelop an automation framework_2104141e-34e6-11eb-b6e4-63881083ea002.3.1Automation of repeatable migration and sustainment processes are pursued today on an individual, organizational basis. DISA has prioritized the development of an automation framework, incorporating leading concepts across government and industry to integrate and sustain an enterprise automation solution. Our key priorities are: cloud automation, infrastructure as code, cybersecurity and business processes.SoftwareEnable programs to support a resilient and flexible delivery pipeline that can speed migration to cloud-based environments_2104164e-34e6-11eb-b6e4-63881083ea002.3.2Development, Security, Operations/Agile Software Development will enable programs to support a resilient and flexible delivery pipeline that can speed migration to cloud-based environments inline with DoD goals. DevSecOps can improve a number of DISA migration, operation and sustainment activities. DISA’s framework will offer a high degree of transparency to report a given system’s state, fusing data through technology insertion, data standardization, process automation and cultural evolution. Key objectives during the fiscal year 2021-2022 time frame are: * Establish a DoD DevSecOps Community of Practice. * Define DevSecOps framework, closely aligned to Risk Management Framework principles. * Develop a concept of operations for all stages of the pipeline orchestration. * Develop dashboards for visualizing DevSecOps metrics across the ecosystem. ^ DevSecOps is facilitated through the software-defined enterprise concept, which represents a paradigm shift in the traditional computing model for development, deployment and management. Industry EngagementsSupport the Defense Industrial Base_21041a5e-34e6-11eb-b6e4-63881083ea002.3.3Defense Industrial BaseThe Defense Industrial Base is a critical infrastructure sector consisting of a worldwide industrial complex that enables purchased services to meet DoD requirements, research and development, design, production, delivery and maintenance of military weapons and software systems. WarfightersFrom innovation to development, testing and implementation, our partnership with industry is essential to achieving success for our warfighters. DISA offers industry the opportunity to meet with leadership, senior executives and program managers year-round.Industry RepresentativesIndustry representatives may also seek assistance by posing questions that are collaboratively addressed.AFCEAAdditionally, DISA hosts industry representatives, in person or virtually, at our annual one-day conference, Forecast to Industry, and participates in AFCEA events throughout the year.DISA SeniorsDISA seniors and program managers inform industry about DISA’s plans for the future and provide a comprehensive list of contracting opportunities (refreshed biannually). Attendees can participate, ask questions and engage with seniors, program managers and agency subject matter experts during the events. Other resources, such as DISA’s current premier contracts list, are also made available.DISA Program ManagersSmall BusinessesAlthough DISA’s Office of Small Business Programs works with businesses of all sizes, we support the goals in the current DoD Small Business Strategy, and are actively working to cultivate and sustain a healthy small business sector. We recognize that small businesses are a critical part of the DIB because they can offer cutting-edge, creative solutions to our nation’s toughest technological problems. DISA supports small businesses through outreach programs and ensures that first consideration is given to see how they can address our mission requirements. DISA recently awarded the Systems Engineering, Technology, and Innovation and ENCORE III contract vehicles, which are available to 45 small businesses. These contract vehicles support our mission essential capabilities and total in capacity to $25 billion over the next 10 years. These contract awards are targeted to increase the DIB footprint over the coming years. Office of the Under Secretary of Defense for Acquisition and SustainmentCybersecurity Maturity Model Certification -- DISA supports the Office of the Under Secretary of Defense for Acquisition and Sustainment in its efforts to enhance the protection of controlled unclassified information within the supply chain. OUSD(A&S) is the champion for a program called Cybersecurity Maturity Model Certification, which is targeted to begin implementation within DoD in fiscal year 2021 and be fully implemented over the next five years.DoD StakeholdersOUSD(A&S) is working with DoD stakeholders, federally funded research and development centers, university affiliated research centers and industry to develop five cybersecurity maturity levels, establish the accrediting body and create training for DoD and DIB.Federally Funded Research and Development CentersUniversity Affiliated Research CentersIndustryContracting OfficialsThe CMMC will review and combine various cybersecurity standards and best practices to create five cybersecurity maturity levels that range from basic cyber hygiene to advanced. Once implemented, each level is characterized by associated controls and processes, and these will reduce the risk against cyber threats. DISA is closely monitoring OUSD(A&S)’s development and implementation of the CMMC program. In the near term, we plan to participate in DoD-sponsored training activities, and to perform internal use cases for applicable contracts. We will work across contracting, program managers and requirements generators to ensure that providers demonstrate the capabilities necessary to meet DoD’s cybersecurity requirements.Program ManagersRequirements GeneratorsNot surprisingly, telecommunications and IT are identified as critical infrastructure industries, which makes DISA’s support of the DIB essential to meeting our mission. DISA is focused on several key initiatives in the fiscal year 2021-2022 time frame to strengthen our ties with the DIB. These include formal industry engagements, support to small businesses and support to the Cybersecurity Maturity Model Certification program.AcquisitionUse innovative contracting strategies_21041d2e-34e6-11eb-b6e4-63881083ea002.3.4Innovative Acquisition -- DISA supports DoD better buying power initiatives by using innovative contracting strategies like Joint Enterprise License Agreements. JELAs improve efficiency, cut costs and standardize implementation by consolidating technology and increasing collaboration across DoD’s Enterprise. DISA has issued three JELAs to provide enterprise-wide contract vehicles for commonly-used software and hardware products. DISA continues to partner with DoD and industry to ensure effective implementation of JELAs. As we gather data that reveals a strong case for new DoD JELAs, DISA will lead additional joint agreements. Another innovative contracting tool that DISA is utilizing is the Other Transaction Authority. OTAs offer a streamlined method for carrying out DoD prototype projects and transitioning successes into follow-on production to get capabilities into the field faster. DISA currently has three prototype OTAs and two production OTAs ongoing. If and when any of the prototypes prove to be successful, they will transition to production OTAs: * Identity, Credentialing and Access Management – 1 prototype. * Field Deployable Alert Notification System – 1 prototype. * Artificial Intelligence and Machine Learning – 1 prototype. * Cloud Based Internet Isolation – 1 production system. * Mobile Endpoint Protection – 1 production system. ^ DISA will focus on the success of these OTAs during the fiscal year 2021 - 2022 strategic period, and pursue new OTAs as the need arises.IdentityMeet digital credential requirements_21041f86-34e6-11eb-b6e4-63881083ea002.3.5Assured Identity -- DoD form factors must evolve to meet shifts in digital credential requirements. DISA must advance the form factor beyond the common access card as the singular form factor for DoD digital credentials. Significant impacts of assured identity include spearheading the evolution of how all things identify and authenticate themselves on the network.Mobile/DesktopAssess continued advancements in mobile technologies and identify the benefits of migrating to a single platform_210423c8-34e6-11eb-b6e4-63881083ea002.3.6Mobile/Desktop Convergence -- DISA must assess continued advancements in mobile technologies and identify the operational, security and financial benefits of migrating to a single platform. The elimination of traditional desktop and laptop devices could reduce large-scale acquisitions of infrastructure, software and storage solutions. GatewayCreate a universal gateway to allow for a common platform for DISN services_21042a08-34e6-11eb-b6e4-63881083ea002.3.7Universal Gateway -- DISA’s goal is to create a universal gateway to allow for a common platform for DISN services. The universal gateway will consist of all enterprise infrastructure required to support terrestrial, mobile, and satellite communications services like voice, video and data for all DoDIN customers worldwide. DISA currently operates multiple gateways with similar architectures, but they have separate infrastructure and support structures. We will leverage NSA’s Commercial Solutions for Classified standards to develop a single architecture that can initially support DoD’s Enterprise Classified Travel Kit, DoD Mobility Capability Classified-Secret to enhance secure mobile communication, as well as other future mission partner requirements. Multiple mission partners have expressed a desire to migrate to a DISA-provided Enterprise CSfC system instead of continuing to sustain their own gateways. Our Universal Gateway – Generation 1 will consolidate these gateways into a single CSfC gateway offering. We are currently planning to perform modeling and traffic analysis for UG-1 deployment.People & ReformEnable People and Reform the Agency_21042c92-34e6-11eb-b6e4-63881083ea003DISA is a highly complex global organization of military, civilian and government contractor personnel. DISA supports many different missions within the Department of Defense and beyond, providing combat support to the warfighters across the globe. To effectively meet these demands, we recognize the importance of cultivating an innovative and diverse workforce with military and civilian talent leaders within every level of our organization. The Workforce Services and Development Directorate is focused on providing effective human capital management to propel DISA’s mission and workforce forward to meet our goals. Our goals are to: * Protect human capital assets and resources. * Optimize facilities to address mission and personnel needs. * Improve human resource service delivery. * Develop the workforce and grow leaders. * Execute DISA’s global branding and recruiting in support of hiring. * Support the agency’s growth in trust and accountability. ^ We set these challenging goals because we know that the agency’s leadership and workforce have a strong desire to improve, and have what it takes to unite in solidarity to achieve positive change. It is vital to recognize that process improvement and cultural change is incremental and will be tracked over several years. Our short-term objectives under these goals are to: * Shorten hiring timelines. * Implement benefits or incentives, and training to retain personnel. * Continue implementation of Cyber Excepted Service Phase II. * Increase officer and enlisted manning fill rates for all services. * Continue team building and professional development events for military personnel. * Integrate with educational institutions to develop the IT pipeline. * Coordinate physical work space with the people and needs of the agency. * Maintain DISA headquarters open storage accreditation and expand Sensitive Compartmented Information Facility areas. ^ In addition to our internal growth goals, DISA is proactively focused on successfully implementing and supporting major joint programs such as the Fourth Estate Network Optimization, the Joint Artificial Intelligence Center and the Joint Enterprise Defense Infrastructure. DISA’s role in these programs goes beyond technical support and extends to human capital management. People are the greatest resource to achieving these challenging enterprise-wide goals, and our Workforce Services and Development Directorate is actively working across the department to smoothly integrate workforce members from migrating organizations. In the Fourth Estate Network Optimization, for example, there are 14 organizations onboarding to the DoDNet between fiscal years 2020-2025. This effort will result in more than 800 information technology government personnel joining DISA over a period of six years. While these personnel will for the most part continue to perform their present duties at their current locations, we will acclimate them to the agency and make them aware of all the benefits and programs available to them as new DISA employees. DISA has several new and exciting initiatives that are specifically designed to empower the workforce to take an active role in process and cultural change. The following sections of this strategic plan highlight the ongoing and future actions to achieve these goals and objectives.PeopleEnable People_21043228-34e6-11eb-b6e4-63881083ea003.1Trust & AccountabilityFoster employee engagement_2104355c-34e6-11eb-b6e4-63881083ea003.1.1Trust and Accountability Framework -- What drives engagement at DISA? Our theory is that people come to DISA to be a part of an inspirational mission, and then connect with each other and the work at the heart of that mission. We identified six agency themes to foster employee engagement around that connection: * Theme 1: Embrace Value Sharing – Knowledge, information and ideas are valued and shared. Engage with people anywhere, at any time. * Theme 2: Equitable and Balanced Performance Culture – Everyone is empowered for performance, accountable for behavior, valued and appreciated. Clarify expectations. Practice accountability. * Theme 3: Learning and Developing for a Lifetime – Reward and Invest in the continuous growth of employees in all career stages. Get better. * Theme 4: Redefine Talent and Resource Acquisition – Innovate to match talent to opportunities and lateral learning. Forge new paths internally and externally. * Theme 5: Integrated Community – Build trust across our community through collaboration, coordination and cooperation. Help everyone be their best. Create transparency. * Theme 6: Lead by Example – Talk Straight. Do the right thing for the right reasons. Inspire trust. Demonstrate character and competence. Be accountable. ^ Research points to a number of key themes among the intersections of mission, technology, people, the workplace, and ultimately, culture. DISA must evolve the agency culture into one of high trust and accountability through focus on our people, and the creation of a sustainable sphere of trust, innovation, collaboration and exploration. Recruiting/HiringStrive toward a population of military and civilians with diverse backgrounds and viewpoints_210437dc-34e6-11eb-b6e4-63881083ea003.1.2DISA’s success is dependent on having an innovative and diverse workforce to effectively meet the demands of our global mission. We strive toward a population of military and civilians with diverse backgrounds and viewpoints at every level of our organization. Diversity of talent in leadership is important at DISA, and it encompasses more than sex and ethnicity; it includes age, education, work experience, cultural background, geography, and expertise. DISA is implementing an agency-wide strategic outreach and talent acquisition approach to enable us to recruit and hire a diverse workforce that leads in innovation and brings success for the warfighter in defense of our nation. Our recruitment approach addresses the following: employment branding and marketing, technology and automation, outreach to academic and military institutions, referrals and partnerships, and DISA’s Ambassador Program.BrandingDevelop and administer an employment branding strategy_21043c46-34e6-11eb-b6e4-63881083ea003.1.2.1Employment Branding and Marketing -- DISA seeks to develop and administer a comprehensive employment branding strategy to promote the agency within the government, industry and academic communities. We are training the existing workforce to become ambassadors and spread the message that DISA is the employer of choice and we are hiring. We plan to utilize targeted digital media placements outside of USA Staffing to reach a new candidate pool of passive and active job seekers, as well as enhance our social media presence to extend our labor market reach. We expect this will be effective to persuade prospective job seekers to put their trust in DISA as an employer.AutomationUtilize technology to automate manual processes and expand our presence within our talent network in support of multiple hiring initiatives_21043f66-34e6-11eb-b6e4-63881083ea003.1.2.2Use of Technology and Automation We want to utilize technology to automate manual processes and expand our presence within our talent network in support of multiple hiring initiatives. We are leveraging productivity applications to collect, analyze and employ talent acquisition data to assist hiring managers to make the best hiring decision. In addition, virtual recruiting will be employed to continue outreach efforts while physical distancing mandates are in place. DISA utilizes its existing social media platforms – LinkedIn, Facebook and Twitter – to highlight agency vacancies, promote the internship program, advertise hiring fairs and events and educate key audiences about DISA partnerships with industry and academia. Additionally, social media promotion of industry and government outreach events allows those interested in employment with DISA to hear directly from agency leaders about programs, services and priorities.Academic OutreachRecruit and attract fresh perspectives and innovative thinkers_210441fa-34e6-11eb-b6e4-63881083ea003.1.2.3CollegesUniversitiesHigh SchoolsThe agency’s outreach is not limited to colleges and universities. DISA representatives, including seniors, also engage high school students at mentoring and other events to foster student readiness.SeniorsHigh School StudentsDISA will aggressively recruit and attract fresh perspectives and innovative thinkers to ensure we can address emerging technology challenges. We have a targeted focus on academic outreach, and we are establishing partnerships with institutions that align with the DISA mission. DISA will attract students and recent graduates to create a long-term pipeline to grow future leaders within the agency.Military OutreachAttract and recruit highly qualified veterans_21044682-34e6-11eb-b6e4-63881083ea003.1.2.4VeteransDISA is implementing innovative talent acquisition efforts to attract and recruit highly qualified veterans. We are working to strengthen partnerships and employ qualified transitioning veteran candidates. ReferralsPromote and incentivize the use of our internal employee referral program, and promote direct-hire authorities within the agency_210449a2-34e6-11eb-b6e4-63881083ea003.1.2.6We will promote and incentivize the use of our internal employee referral program, and promote direct-hire authorities within the agency. The expected outcome is an increased talent pool where hiring managers have skilled candidates readily available.PartnershipsSeek new partnerships to recruit the best and brightest talent_21044c5e-34e6-11eb-b6e4-63881083ea003.1.2.7To support DoD’s Cyberspace Workforce Strategy that was signed by the Deputy Secretary of Defense in 2013, DISA is proactively seeking new partnerships to recruit the best and brightest talent. These partnerships allow us to share resources on productivity applications, training and professional development opportunities, and to co-host events. We are actively pursuing relationships with academia and other government agencies to fill civilian vacancies in the information technology and computer scientist job series. We will seek qualified and certified information technology and program management candidates by enhancing recruiting and technology training, particularly with companies and certification outlets specializing in CompTIA, ISC2 and ISACA certifications. Ambassador ProgramTrain DISA employees to be force multipliers to project our brand, and to attract talented, highly qualified professionals to our organization_2104510e-34e6-11eb-b6e4-63881083ea003.1.2.8DISA EmployeesThe goal of this program is to train DISA employees to be force multipliers to project our brand, and to attract talented, highly qualified professionals to our organization. We want to mobilize motivated and enthusiastic professionals who are able to describe the benefits of working at DISA, and able to describe the various hiring authorities that can be utilized for employment. RetentionPursue new ways to increase employee engagement and retain highly motivated and qualified talent_210454ec-34e6-11eb-b6e4-63881083ea003.1.3DISA leadership is pursuing new ways to increase employee engagement and retain highly motivated and qualified talent within the agency. This begins with listening and understanding the needs of the workforce. DISA is committed to fostering a healthy work environment, and values treating each other with dignity and respect. The agency champions diversity and inclusion initiatives in accordance with DoD guidance, leveraging the benefits that different experiences and perspectives provide our team in accomplishing DISA’s mission. We celebrate the achievements of our workforce over social media and in other forums to recognize the many unique ways that our workforce accomplishes the mission. The agency-wide Climate Synergy Group promotes employee engagement across DISA by serving as a feedback loop between senior leaders and employees, sharing best practices and recommending strategies. The group provides a resource and forum for employees to engage on issues that strengthen the organization and further support to mission partners and the warfighter. Ongoing commitments to the continuous development of the agency’s workforce will continue in fiscal years 2021-2022. These include the DISA Mentoring Program, and special emphasis and integration programs such as telework and wellness. These programs provide support and assistance to help employees enhance mental and physical well-being, and find assistance and support in times of need.TrainingStrengthen trust and accountability through innovative learning and development opportunities_21045794-34e6-11eb-b6e4-63881083ea003.1.4A large portion of the agency’s response to strengthen the trust and accountability framework is through innovative learning and development opportunities, including: * The Patriot Leadership and Team Building Training. * The 5 Languages of Appreciation course. * The agency-wide Leading at the Speed of Trust, where over 400 employees have been trained worldwide, and new facilitators have begun training. * Quarterly, agency-wide Supervisory Symposiums to provide continuous growth for supervisors. * A cadre of federal internal coaches to improve employees’ sense of purpose. motivation and morale. * Tailored training and development from accredited master instructors. ^ Operating in a rapidly evolving global information battlespace, DISA remains dedicated to providing employees the most recent and relevant mission-centered technical learning and development opportunities, to include nationally accredited IA/IT courses and professional certifications. DISA offers professional, leadership and personal-growth opportunities to develop and retain highly-motivated and qualified employees across the agency in support of the warfighter, to include competitive based opportunities for academic grants, as well as study programs with nationally prominent academic institutions. DISA is focused on the positive impact that training has on the organizational climate.Cyber Excepted ServiceProvide opportunities for qualification‐based promotions and rotational assignments_21045c3a-34e6-11eb-b6e4-63881083ea003.1.5Cyber Excepted ServiceDoD’s Cyber Excepted Service offers flexibilities for the recruitment, retention and development of high-quality cyber professionals across the department. CES does not change current salary, benefits and employee rights, but it provides opportunities for qualification‐based promotions and rotational assignments across DoD’s Cyber Community. In the fiscal year 2021-2022 time frame, DISA is implementing Phase II of CES and extending voluntary offers to convert to this personnel system. We will track the use of this system and will focus efforts to use CES recruiting flexibilities to streamline hiring highly qualified cyber professionals.ReformReform the Agency_21045fa0-34e6-11eb-b6e4-63881083ea003.2Business ProcessesModernize business systems to improve system solutions_21046252-34e6-11eb-b6e4-63881083ea003.2.1Business Process System Modernization -- DISA’s Service Development Program Management Office is modernizing business systems to improve system solutions. These modern technical solutions will support improvements in order provisioning, contract provisioning, human-resource functions and financial functions. The outcomes are intended to provide efficiencies in reporting and prevent DISA from funding outdated and antiquated legacy systems.Order ProvisioningRe-engineer business processes for simplified ordering, service management and reporting_21046720-34e6-11eb-b6e4-63881083ea003.2.1.1DISA is re-engineering business processes for simplified ordering, service management and reporting. DISA seeks to improve ordering timelines by modernizing DISA’s Storefront to integrate financial and contract systems. The program office is also working to show all DISA service offerings in the Storefront.Contract ProvisioningStreamline interactions between ordering, contract and financial business systems_21046aa4-34e6-11eb-b6e4-63881083ea003.2.1.2DISA is streamlining the interactions between ordering, contract and financial business systems to deliver services faster to our customers. For example, we are making technical upgrades to the Electronic Data Management System, and the Contract Support System. EDMS is DISA’s authoritative source for acquisitions, and it recently underwent a technical refresh in spring 2020 from a client-based platform to a web-based platform. CSS is used as a tracking tool for DISA’s contracting actions, and it is scheduled for a technical refresh from a client-based platform to a web-based platform in 2021. Both of these technical refreshes are needed to meet security restraints, as well as enable user access in a web-based environment.Human Resource FunctionsMove to modern software solutions that leverage cloud-based technologies_21046d74-34e6-11eb-b6e4-63881083ea003.2.1.3Human resource business systems will move to modern software solutions that leverage cloud-based technologies. This will provide the capability to communicate directly between candidates, hiring managers and human resource customer account managers to ensure timely responses. This kind of capability will facilitate the transition of Fourth Estate employees because we will have real-time data access. This kind of information could potentially feed performance metric efforts, like the balanced scorecard, to enable DISA leadership to measure vacancy fill rates and describe onboarding. Financial FunctionsModernize Defense Working Capital Fund financial management_21047288-34e6-11eb-b6e4-63881083ea003.2.1.4DISA Chief Financial OfficerDISA’s Chief Financial Officer is modernizing Defense Working Capital Fund financial management with the implementation of One Fund. Historically, the agency has managed WCF financial operations in two separate entities. The principle objective of the One Fund Initiative is to transition DISA WCF operations from these two separate entities into a single simplified, homogenous and agile financial management environment. The One Fund will standardize business operations, as well as: * Provide an enterprise view across all DISA components of cost and revenue data. * Provide a standard cost allocation methodology across the enterprise. * Provide management insight to cost and revenue associated to specific service offerings and programs that will be used in product analysis and rate development. ^ • Establish a flexible structure to accommodate future growth and reporting requirements. • Maintain compliant business processes and financial reporting. • Reduce from two financial statements to one for the WCF. The One Fund Initiative will continue to leverage the significant effort, progress and investment that DISA has already achieved with the modernization of the WCF financial-management capabilities. This initiative will serve to continue standardization of business processes across the agency and reduce operational costs associated with hosting and sustaining funds in two operating environments.DataEstablish a data-governance board and an agencywide maturity assessment to develop a comprehensive action plan_2104760c-34e6-11eb-b6e4-63881083ea003.2.2As DoD embraces a number of data-management initiatives, DISA seeks to build a culture that values data as a strategic asset. When thoughtfully collected and analyzed, data can catalyze innovation and inform service delivery. Our intent is to establish a data-governance board and an agencywide maturity assessment to develop a comprehensive action plan. The desired end state is to develop and use metrics to measure applications, service and overall mission performance. In alignment with DoD guidance, we want to categorize our new data initiatives in terms of three major areas: data governance, data management and metrics. In the fiscal year 2021-2022 time frame, our objectives under each are:Data GovernanceIncrease accountability_210478e6-34e6-11eb-b6e4-63881083ea003.2.2.1Data Governance – Increase AccountabilityBoard & CouncilEstablish a governance board and council to coordinate the effective development, management, compliance, use and communication of the value of data._21047eb8-34e6-11eb-b6e4-63881083ea003.2.2.1.1Privacy & ConfidentialityAssign responsibility and practice accountability by prioritizing privacy and confidentiality in a protected environment to create and store secure data._210483ae-34e6-11eb-b6e4-63881083ea003.2.2.1.2Data ManagementManage data_21048660-34e6-11eb-b6e4-63881083ea003.2.2.2Data ManagementRe-Use & SharingEncourage data re-use and sharing across functional business units through interconnected systems._21048b1a-34e6-11eb-b6e4-63881083ea003.2.2.2.1Hyper-AutomationIncorporate data into the decision-making process through hyper-automation._21048e26-34e6-11eb-b6e4-63881083ea003.2.2.2.2ResourcesProvide resources to support the use of data._210491e6-34e6-11eb-b6e4-63881083ea003.2.2.2.3Learning, Leaders & ExpertiseInvest in learning, develop data leaders and pool expertise._210495b0-34e6-11eb-b6e4-63881083ea003.2.2.2.4MetricsMeasure what matters_210499e8-34e6-11eb-b6e4-63881083ea003.2.2.3Measure What Matters – MetricsApplications, Services & PerformanceIdentify the data needed to develop metrics to measure application, service and performance to inform business decisions._21049c40-34e6-11eb-b6e4-63881083ea003.2.2.3.1Parameters & CommunicationEstablish key performance parameters and effectively communicate insights to a broad set of audiences through the use of visualizations and balanced scorecards that reflects the agency’s overall mission performance and effectiveness. _2104a000-34e6-11eb-b6e4-63881083ea003.2.2.3.2Customer ServiceStrengthen customer service by building an understanding of mission-partner priorities through regular engagements and collaboration at all levels_2104a348-34e6-11eb-b6e4-63881083ea003.2.3DISA Mission Partner Engagement OfficeDISA’s Mission Partner Engagement Office is the principal representative to our mission partners to build trusted partnerships, enable transparency and inform leadership decisions. Our goal is to strengthen customer service by building an understanding of mission-partner priorities through regular engagements and collaboration at all levels. Specifically, the agency is pursuing improved customer service in the following areas: * Provide improved, consistent communication. * Increase transparency. * Reduce service delivery timelines. ^ DISA’s leadership is committed to increasing transparency and establishing consistent communication with our partners. The assistant to the director leads quarterly “Drumbeat” meetings with the military departments and agencies. The Mission Partner Engagement Office also conducts annual site visits to the combatant commands, and hosts periodic engagement meetings. DISA also hosts bi-monthly customer-engagement forums and actively looks to leverage feedback from its annual mission partner satisfaction survey. Based on feedback from our DoD and federal mission partners that these engagement events are valuable, we increased awareness of engagement offerings in fiscal year 2020, and expose them to a wider audience and agenda of topics. We also expanded the frequency and sample of partners and users surveyed on how and what services DISA provides, updating the Annual Mission Partner Satisfaction Survey to target satisfaction with the service delivery process. Internally, we are implementing a customer relationship management solution and process to increase customer satisfaction and case management. This tool will automate mission partner inquiries and project tracking to allow for shared customer-case management across the agency and increased transparency on all customer interactions. DISA is working to implement solutions to reduce provisioning timelines. These initiatives include DISA’s Storefront integration with software-defined enterprise capabilities to adopt industry-standard automation and orchestration practices to reduce time to deliver, reduce operational costs and increase operational scalability. 2018-10-012022-09-302020-12-02https://www.disa.mil/-/media/Files/DISA/About/Strategic-Plan.ashxOwenAmburOwen.Ambur@verizon.net