Skip to content
Fiscal Receipts

Information Systems Security Program

DISARDT&EPartial Reconciliation0303140K
What it is
Information Systems Security Program — a research & development program run by DISA.
What changed
-$8.19M FY25→26
Who gets it
No award linkage at high confidence.

Budget Figures

FY24 Actuals
$8.03M
FY25 Total
$31.4M
FY26 Request
$23.2M
FY25→26 Change
-$8.19M
Budget Trajectory
FY24: $8.03MFY25: $31.4MFY26: $23.2MFY24FY25FY26
FY24
$8.03M
FY25
$31.4M
FY26
$23.2M

FY2026 award data is a partial year — USASpending awards are reported on a rolling basis and the fiscal year does not close until September 30. why →

No research dossier for this program — dossiers cover 50 of 326 programs, ranked by FY2026 requested dollars. why →

Budget Line Items(workbook-cited)

Exhibit R-1

AccountOrgTypeAmount
Research, Development, Test and Evaluation, Defense-WideDISAFY24 Actuals$8.03M
Research, Development, Test and Evaluation, Defense-WideDISAFY25 Enacted$31.4M
Research, Development, Test and Evaluation, Defense-WideDISAFY25 Total$31.4M
Research, Development, Test and Evaluation, Defense-WideDISAFY26 Disc. Request$23.2M
Research, Development, Test and Evaluation, Defense-WideDISAFY26 Total$23.2M

Budget Details(R-2/P-40 facts)

ProjectAll Prior YearsFY24 ActualsFY25 TotalFY26 BaseFY26 Request
IA3: Information Systems Security Program$100.7M$8.03M$31.4M$23.2M$23.2M
Program Element$100.7M$8.03M$31.4M$23.2M$23.2M

Program Narratives

MissionInformation Systems Security Program

Cyber Security & Analytics enables mission operations for global partners and the warfighter by providing communications through the delivery of optimized cyber infrastructure solutions. The intent is to be dominant in providing strategic and innovative cyber infrastructure to support Department of Defense (DoD) missions. Cyber Security & Analytics ensures enterprise services evolve support for a joint information assurance model. The joint information assurance model manages risks related to the use, storage, and transmission of information and supports a broad range of information sharing policies across the unclassified and classified communities. The enhancements to SIPRNet and its enablers will help to secure devices on the network. Cyber Security & Analytics will: • Test and develop active defensive capabilities. • Test and integrate software defined networking and orchestration closed-loop security, which through analytics, monitors and assesses network activities to improve network performance and mitigate negative network occurrences. • Perform research, development, and engineering of emerging cyber situational awareness technologies. • Improve the network performance by providing architecture support, systems engineering and analytical functions.

MissionInformation Systems Security Program

Cyber Security & Analytics enables mission operations for global partners and the warfighter by providing communications through the delivery of optimized cyber infrastructure solutions. The intent is to be dominant in providing strategic and innovative cyber infrastructure to support Department of Defense (DoD) missions. Cyber Security & Analytics ensures enterprise services support a joint information assurance model. The joint information assurance model mitigates risks related to the use, storage, and transmission of information and supports a broad range of information sharing policies across the unclassified and classified communities. Cyber Security & Analytics will: • Test and develop active defensive capabilities. • Test and integrate software defined networking and orchestration closed-loop security, which through analytics, monitors and assesses network activities to improve network performance and mitigate negative network occurrences. • Perform research, development, and engineering of emerging cyber situational awareness technologies. • Improve the network performance by providing architecture support, systems engineering and analytical functions.

Accomplishments & Planned Programs (5)

Zero Trust Architecture (ZTA)

The ZTA project supports the effort to create a Zero Trust Commercial Cloud Lab (ZTCCL). The ZTCCL is an environment that provides an integration space to develop, test, and mature concepts, capabilities, and technology to benefit the DoD Information Network (DoDIN). These concepts, capabilities, and technologies will increase the DoDIN’s ability to prevent, detect, respond, and recover from malicious cyber activities while proving scalability to enterprise levels. The ZTCCL will: • Provide a test and development environment to test ZT capabilities within a cloud lab environment. • Provide automations for customer research and development with an activity template to include standard IT domain builds, three tiered applications that improve scalability and availability, and "Gold images" that provide a consistent system baseline for common Operating Systems deployments. The ZT project stemmed from a FY 2018 initial Zero Trust Reference Architecture effort with US Cyber Command, NSA, and DoD-CIO.

Automation Technical Integration and Engineering in Cyberspace

This program provides research and development, conducts technology assessments, and provides data to drive real time automation integration decisions and enterprise solutions, ultimately improving the user experience. As DISA moves towards a shared transparency of understanding, automation of technical solutions promotes increased information sharing and improved understanding of interdependencies underlying service operations and mission activities. Emerging information technology must support the current and next-generation warfighters to ensure systems are protected while also leveraging advances in automation to deliver capabilities. Ultimately, these efforts support the achievement of an optimized IT environment to protect against threats in cyberspace that remain dynamic and persistent.

SIPRNet Endpoint Management

DISA will provide an enterprise Unified Endpoint Management (UEM) suite of tools that will be available to the Department to help secure devices on the network. DISA will invest in people, processes and policy coordination and work with vendors, such as Microsoft and others, to bring Impact Level 5 (IL) security tools over to the Impact Level (IL6) environment that secures the SIPRNet. By porting tools supporting Unified Endpoint Management, DISA and the DoD gain advantages at scale by having a shared UEM solution that ensures endpoints are operating at a common security level across the SIPRNet domain. Without these tools, the enterprise is left to less efficient and disparate methods for updating devices which leads to varying software versions on the network.

Endpoint License and Support

DISA, at the request of the United States Strategic Command (USSTRATCOM) and in support of National Security goals established by the President, has purchased a capability from industry that takes data from Endpoint tools and centralizes it for monitoring and roll up for all Endpoint Security System (ESS) solution(s). This solution will provide data points for network administrators and security personnel with intelligence to prevent, detect, track, report, and remediate malicious computer-related activities and incidents across all DoD networks and information systems.

Public Key Infrastructure (PKI)

Provide non-reputable digital identities of users, devices, applications, and services for both DoD and external mission partners using hardware and software-based certificate/key pairs, and a suite of capabilities that uses interoperable industry standards (OCSP/CRLs) to enable real-time revocation status of those identities. Enable secure communication at OSI 5/6.

No follow-the-dollar view — this program's awards haven't been crosswalked at high confidence (flows cover 17 of 326 programs). why →

Primary Sources