At the Defense Information Systems Agency’s recent Forecast to Industry event, Mark Orndorff, the head of Program Executive Office Mission Assurance and Network Operations, described DISA’s effort to develop an analytics cloud that will provide the DoD with enterprise cyber security capabilities. Based on a similar cloud-based approach to security used by the National Security Agency, DISA’s analytics cloud will be called ‘Acropolis,’ after the temple to Athena, the Greek goddess of wisdom and war. Once it is complete, Acropolis will provide continuous monitoring, cyber-attack analysis, insider threat analysis, and operations situational awareness for the entire Department of Defense, including the Military Departments and Combatant Commands (COCOMs). Mr. Orndorff’s public statement comes at roughly the same time as the Department of Homeland Security and General Services Administration’s announcement that awards have been made for a $6 billion Continuous Diagnostics and Mitigation, Tools, and Continuous Monitoring-as-a-Service contract that will enable all federal agencies to procure the latest in cyber security technology.
The fact that cyber security and cloud computing are being mentioned in the same breath more and more these days is no coincidence. Federal agencies are finding that they can easily leverage cloud-based solutions to address many of their cyber security requirements; from continuous monitoring and identity verification to digital certificate security. This is a trend that has been developing over the last few years, with the total contract value of awards in this area recently rising to more than $6 billion, thanks to the latest announcement from DHS/GSA.
To get a sense of what kinds of projects have been underway, the following table illustrates as best I’ve been able to determine when and to whom cloud contracts have been awarded for cyber security related requirements.
This data reflects the fact that 2011 was the breakout year for cloud computing in the federal and government. Not only did the total value of awarded contracts begin climbing that year, the variety of uses for cloud-based solutions also began to diversify. For example, the use of cloud solutions for cyber security requirements was one of those areas where that growth began to appear. This trend continued to gather speed in 2012 and 2013. As a result, I expect to see a lot more contract awards for cloud-based cyber security solutions in the years to come.