Defense authorization bill boosts cybersecurity

The House Armed Services Committee is moving forward on a fiscal 2015 defense authorization bill that would meet the Pentagon’s $5.1 billion request for cybersecurity operations.

The Pentagon has prioritized building up the federal cyber workforce, with Defense Secretary Chuck Hagel recently calling for more than 6,000 professionals to work in support of the National Security Agency by 2016. In relatively austere times for the Pentagon, cybersecurity has been one of the few areas to see a boost in funding.

The measure would “direct the secretary of Defense to establish an executive agent to coordinate and oversee cyber training and test ranges, critical to operationalizing and improving our DOD cyber forces,” according to a summary of the IT provisions included in the portion of the bill approved last week by the Subcommittee on Intelligence, Emerging Threats and Capabilities.

The defense authorization bill, which the full committee began debating May 7, “fully” supports the broader IT requests in President Barack Obama’s budget and tasks the Government Accountability Office with reporting on insider threats to IT systems, the summary said. GAO is also tasked with reporting on “opportunities to improve services contract processes,” as part of a larger move toward acquisition reform. The legislation also would require “assessments” of DOD’s Joint Information Environment, an effort to standardize IT operations across the department.

An amendment by Rep. Tulsi Gabbard, D-Hawaii, and approved in the May 7 markup, focused on bettering “situational awareness” at U.S. Cyber Command. The amendment directs the command to coordinate with the undersecretary of Defense for acquisition, technology and logistics to submit a plan for “improving cyber situational awareness tools” to congressional defense committees by March 1, 2015. That plan should include a “common, open cyber situational awareness architecture” that includes privacy and civil liberty protections, the amendment said. 

The amendment singles out “net flow data, host-based monitoring, anomaly detection, audit logs and agent-based algorithms” as cyber tools for DOD to consider focusing on.