NDAA draft would slash number of CIOs in DOD, boost cyber workforce

House Armed Services Committee Chairman Mac Thornberry (R-Texas) would like to see the 2019 Defense authorization bill cut the number of DOD CIOs from 60 to "no more than five."

House Armed Service Committee Chairman Mac Thornberry (R-Texas) has set his sights on cutting the number of CIOs across the Department of Defense, while making it easier to hire cyber workers.

In his latest draft of the 2019 defense spending bill released May 7, the chairman calls for DOD to reduce the number of CIOs across the organization from 60 to “no more than five” by 2021 due to concern that “this number of senior personnel with this same responsibility injects duplication, redundancy, and slows the Department's ability to swiftly react” to IT needs and cyber domain of warfare incidents.

The measure also includes a provision that would increase the defense secretary’s hiring power. One section aims to give the defense secretary direct authority to hire civilians for “any position involved with cybersecurity,” acquisition, science, technology or engineering. That provision would sunset in September 2025. The mark also includes a section that would expand expedited hiring authorities to replete the acquisition workforce, particulary for such areas as IT modernization and cybersecurity.

The chairman's mark also threatens a short leash for the Pentagon's controversial cloud acquisition program JEDI – short for Joint Enterprise Defense Infrastructure. The bill seeks more information on the DOD's Cloud Executive Steering Group running the acquisition, spending on program administration, the relationship between JEDI and other DOD cloud efforts including milCloud 2.0, an estimate on how long it will take to move warfighting IT infrastructure to the cloud and an explanation of how the acquisition strategy "provides for a full and open competition." The bill includes a provision withholding half the funds allocated for the JEDI deal in FY2019 if the report called for in the bill is not supplied.

Thornberry’s previous recommendations, such as the elimination of the Defense Information Systems Agency, also made it into the latest version. DISA’s information technology, senior leader communications and acquisition functions would be transferred to other parts of DOD by January 2021.

The chairman’s mark also touches on national security policy. One provision seeks a government wide coordination effort to respond to foreign influence operations, particularly cyber-enabled efforts. Part of that effort would include amending the National Security Act of 1947 and tasking the National Security Council with coordinating the entire U.S. government’s response to information and cyber campaigns.

Additionally, the mark suggests a government-wide ban from using and hardware, equipment, components, software, firmware, services and telecommunications equipment from China-based companies Huawei and ZTE -- including their subsidiaries, successors, or affiliates -- effective by January 2021. The proposal follows a recent Pentagon directive instructing military exchange services and commissaries from selling products made by Chinese device manufacturers Huawei and ZTE.

The full committee will begin deliberating the chairman’s mark on May 9.