Acting Defense Department (DOD) Chief Information Officer (CIO) Katie Arrington used her final public address in the role to announce that the Pentagon is moving to deploy Mission Network as a Service, an effort she said would unify the department’s secret-level systems, in under a year.
The initiative seeks to merge roughly 17 separate networks used by combatant commands into a single, secure environment intended to improve data sharing and interoperability across the DOD, which the Trump administration has rebranded as the Department of War.
During DISA’s annual Forecast to Industry conference on Monday, Arrington said the consolidated network is a significant cultural change and is designed to help the department defend against increasingly complex and simultaneous cyberattacks.
Lt. Gen. Paul Stanton, DISA’s director and commander of Cyber Defense Command, said the shift reflects a move to modern security principles that allows organizations to combine information quickly to support decision-making.
“This is a fundamental shift using modernized technology and modernized security principles to drive to … a data-centric approach to being able to put the right data together for multiple different organizations to support decision making at speed,” Stanton said.
A central element of the project is identity, credential and access management, or ICAM. Arrington said a unified identity – carried from active duty through civilian service and into retirement – would unlock systems based on validated credentials rather than location or network.
“[Your CAC] card will be your key to anything,” she said, noting that standardized identity data and zero-trust protections would allow users to access information they are authorized to see while cutting administrative overhead. She said the approach could save “hundreds of billions of dollars” over time.
During a media roundtable, DISA officials told reporters that the identity component is essential to making the unified network work across U.S., allied. and coalition environments.
Brian Hermann, director of DISA’s Program Executive Office Cyber, said the department must be able to determine who is accessing the network and the data within it.
“That demands that we understand the identity of the user,” Hermann said. “It’s a significant undertaking to make sure that we work with all of the allies and coalition partners [to] understand the status of their identity programs.”
The goal, he said, is to bring coalition users into the environment with appropriate access while minimizing risk.