Cybersecurity

Congress wants oversight of DOD cyber ops

sphere of binary data 

New legislation offered in the House would require the Department of Defense to provide congressional defense committees with details of DOD cyber weapons and sensitive cyber operations.

The bill from the House Armed Services Committee calls for the secretary of defense to provide notice to the armed services committees within 48 hours of conducting a "sensitive military cyber operation."

The bill defines such an operation as one that "is carried out by the armed forces or by a foreign partner in coordination with the armed forces; and is intended to cause effects outside a geographic location where United States armed forces are involved in hostilities."

Such actions can be offensive operations or "a defensive cyber operation outside the Department of Defense Information Networks to defeat an ongoing or imminent threat."

In a statement announcing the legislation, House Armed Services Committee Chairman Rep. Mac Thornberry (R-Texas) said that while programs need to remain classified, Congress still has a responsibility to conduct oversight "in order to protect our security and our essential freedoms at the same time.

"This proposal to enhance congressional oversight of sensitive military cyber operations and cyber weapons will help achieve that balance by promoting greater transparency and accountability for some of the most classified elements of our national defense," he said.

"Drawing on lessons we've learned from the oversight of more traditional DOD sensitive activities outside of areas of active hostilities, this bill will enable Congress to provide additional support and oversight for these activities as they continue to develop as an essential component of U.S. military power," said Ranking Member Rep. Adam Smith (D-Wash.).

The legislation states that congressional committees shall take steps to prevent disclosure of classified information provided to them. The bill adds that "in the event of an unauthorized disclosure of a sensitive military cyber operation … the Secretary shall ensure, to the maximum extent practicable, that the congressional defense committees are notified immediately of the sensitive military cyber operation concerned."

The bill specifically exempts from the notification requirement "a training exercise conducted with the consent of all nations where the intended effects of the exercise will occur," or covert actions under Title 50.

In addition to requiring notification of cyber operations, the bill calls for details on cyber weapons, including information on whether such cyber weapons comport with international law under DOD's internal rules.

About the Author

Sean Carberry is an FCW staff writer covering defense, cybersecurity and intelligence. Prior to joining FCW, he was Kabul Correspondent for NPR, and also served as an international producer for NPR covering the war in Libya and the Arab Spring. He has reported from more than two-dozen countries including Iraq, Yemen, DRC, and South Sudan. In addition to numerous public radio programs, he has reported for Reuters, PBS NewsHour, The Diplomat, and The Atlantic.

Carberry earned a Master of Public Administration from the Harvard Kennedy School, and has a B.A. in Urban Studies from Lehigh University.


The Fed 100

Read the profiles of all this year's winners.

Featured

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group