Lawmakers declined to add a mandate for a White House Cyber Director position, citing jurisdictional issues.
The Cyberspace Solarium Commission's report is influencing the 2021 defense policy bill being marked up in the House Armed Services Committee, but key recommendations including the a mandate for a top White House cyber leader, are going to have to wait.
The Subcommittee on Intelligence and Emerging Threats adopted a markup June 22 that includes provisions directing the Department of Defense to assess the national security risks posed by quantum computing, assess the impact of greater private-public collaboration between government and critical infrastructure owners and operators, clarify the cybersecurity capabilities and interoperability of the National Guard and expanding a program authorizing DOD employees to use paid leave for cybersecurity education.
Lawmakers approved a number of other cyber-related changes, including provisions to consolidate budget data for cyber mission and operations forces, authorize other military services to create counterparts to the Navy's Cyber Warfare Development Group and a requirement for the Secretary of Defense to report monthly on cross-domain compromises within the Defense Information Network.
Earlier this year, members of the Solarium Commission targeted the NDAA as a likely vehicle for implementing defense-related Solarium recommendations, but the version approved by the subcommittee contained only a handful of the approximately 80 issued in the report.
Following the hearing, a committee staffer told FCW that the Intelligence and Emerging Threats Subcommittee is expected to be the primary vehicle for defense-related Solarium provisions, but "the possibility does exist" that other subcommittees could introduce additional recommendations in the Chairman's final mark.
The panel didn't back a provision compelling the White House to establish a Cybersecurity Director position with staff to focus and coordinate digital security issues across the federal government. As FCW reported earlier this year, proponents of that provision have expressed concern it does not fit neatly into the NDAA or the jurisdiction of defense committees and will likely need to be implemented through another committee or standalone legislation.
"This is one [area] where the rules of the House of Representatives make it such that the cross-jurisdictional challenges are in a much different place than they are for the Senate Armed Services Committee and how they address it," said a HASC committee aide during a June 19 press briefing. "At no point is the mark a reflection of the views on the National Cyber Director but rather a reflection of the way we maneuver the bill through the process."
Solarium co-chair Angus King said last year that commission didn't work directly with the White House while developing its recommendations, though it did get input from a number of federal agencies.
In April, Rep. Jim Langevin (D-R.I.), who chairs the Subcommittee on Intelligence and Emerging Threats and served on the Solarium Commission, also indicated that there is "resistance" from the Trump administration over creating a Senate-confirmed position on the National Security Council with its own budget authority.
"There's going to be resistance coming from the White House. No one from 1600 Pennsylvania Avenue likes Congress telling them how to do their job, how they should be structured, but the fact of the matter is it's necessary," Langevin said.