The Defense Information Systems Agency (DISA) has encountered growing criticism over recent months. The Agency tasked with providing the global infrastructure for information sharing and communications to the Department of Defense has fallen behind the curve in terms of technological advancements. The problem of tech-debt is severe enough that officials are claiming that there are systems still in use that were created in the 1970s.

One may ask how they got into that position. Tech debt is felt across all industries and not everyone has the financial and technical expertise to continuously advance forward. As a result, new systems are build on top of old systems. Essentially setting in stone the archaic technology that is opening the door for cyber risk.

The one of the largest criticisms of the DoD in a technologically advanced world is that, as a whole, they do not keep up with the times. For example, many DoD centers still use floppy disks for operational tasks. Floppy disks are just a physical means for data storage and transfer, but what occurs when a fully digital and outdated system is used for operational and critical means? Vulnerabilities are then exposed. If found, these vulnerabilities can then be exploited by various threat actors.

How to avoid being a DISA-ppointment is on their mind. The information sharing network of DISA is extremely complex, to the point where those that are responsible for maintaining it have a hard time doing just that. To move forward, DISA has it’s sights set on simplifying the system at hand. Only then will they be able to modernize the system and be confident in their defensive posture.