DLA looks to reduce cyber risks by slashing application footprint
The Defense Logistics Agency Director Lt. Gen. Darrell Williams is concerned about supply chain vulnerabilities and thinks reducing the number of applications on DLA's network will reduce risk.
The Defense Logistics Agency plans to have only a handful of independent applications for its supply chain management efforts to reduce cyber vulnerabilities.
"This is one of those areas that truly a concern: How do we mitigate any potential corruptions to our supply chain," said DLA Director Lt. Gen. Darrell Williams at the Association of the United States Army's land warfare morning event May 31.
"I think we're all very, very concerned about what cyber can do to all of our information systems and how that can impact the flow of supplies and logistics."
Williams said that a decade ago, DLA had about 1,200 different applications and in the last few years has gotten that number around 250. But the agency wants to go further and has a stretch goal to reduce the number of agency-run programs into the double digits by the end of 2019.
Additionally, DLA spokesperson Joseph Yoswa told FCW the agency is eventually looking to move to a capabilities-based platform portal that will provide a single-access point for work management applications. For example, users would be able to click a button that says "time card" rather than the program name.
All applications sit behind the defense firewall and DLA is "working aggressively" to move much of that data to the cloud. But the vulnerability of information systems, which tie the organization together, is one of Williams' biggest concerns.
Williams also said DLA was looking at its distribution network of warehouses to see where stocks are positioned, how much in a single location and its vulnerabilities to mitigate them.
DLA is much more reliant on distribution and operating in sync with the services using real-time data via information systems, he said.
"We can't just be considered a wholesale organization. We are side to side with the services providing the services that are required on a real-time basis."