Information Systems Security Program
Abstract
The DoD CIO information systems security program (ISSP) provides focused defense cybersecurity and information assurance technology and technical solutions research, development, testing, and integration critical to meet the Title 10 U.S. Code Section 2224 (10 U.S.C. §2224) (Defense Information Assurance Program); Public Law 113-283 (Federal Information Security Modernization Act of 2014); Office of Management and Budget (OMB) Circular A-130; DoD cybersecurity-related instruction series, such as 8500, 8510, 8520, 8530, and 8540; Executive Order 14028, “Improving the Nation’s Cybersecurity”; National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2022, Section 1528; National Cybersecurity Strategy (March 2023), OMB M-22-09, “Moving the U.S. Government Toward Zero Trust Cybersecurity Principles”; National Security Memorandum 8, “Memorandum on Improving the Cybersecurity of National Security, Department of Defense, and Intelligence Community Systems”; 2022 National Defense Strategy, and 2022 DoD Zero Trust (ZT) Strategy requirements. ISSP supports the DoD CIO and its mission partners on: architecture, engineering, and technical matters to develop governance processes and structures; evolving and enabling a more integrated and synchronized DoD information environment that provides a shared core enterprise services network to integrate information sharing, collaboration, and close identified gaps across all mission areas; national security system protection; adopting ZT cybersecurity principles and attaining target level ZT (at a minimum) by the end of FY 2027, by providing strategic guidance, oversight, comprehensive training, and assessing proposed ZT solutions meeting target or advanced level ZT; developing the U.S. Government’s ability to prevent and defend against adversarial and/or commercial information and communications technology supply-chain attacks on its mission critical systems, networks, and devices; overseeing cybersecurity risk life-cycle management; and integrating cybersecurity standards, methods, and procedures across the DoD to achieve a robust and resilient cybersecurity posture.
Document Details
- Document Type
- R2 Budgetary Justification
- Publication Date
- Oct 01, 2025
- Source ID
- 0303140D8Z_7_0400_PB_2025
- Change Summary Explanation
- The FY 2024 program included $70 million for one-time ZT initiatives (native ZT pilots). The $9.494 million increase in the FY 2025 base program from the FY 2024 PB to the FY 2025 PB submission is due to ZT development requirements and implementing cybersecurity reference architecture.
- Service Agency Name
- Office of the Secretary Of Defense
Entities
Organizations
- Office of the Secretary of Defense
Related Documents
- Child Project: Information Systems Security Program (ISSP)
- Child Accomplishment: Information Systems Security Program Plans and Accomplishments
- Child Cost Item: dd93c4dc17139b366b198529c58c573f
- Child Cost Item: dba9fa5a1969f3e5e16975d159cbac87
- Child Cost Item: 0dc45be3df6caf9e5470c22df15e993a
- Child Cost Item: de4cb7be90ac37ff290c1627848b04ad
- Child Cost Item: d7a614de32f865078bdf0890d572aeef
- Child Cost Item: 93d1d6efc52ac1769b2c855cd7aadb79