Congress could take more oversight of DoD cyber activities. (SAUL LOEB / AFP/Getty Images)
Congress would get greater oversight authority over Defense Department operations in cyberspace if language that a House Armed Services Committee subcommittee issued makes it into the 2015 National Defense Authorization Act.
The language calls on defense leaders to provide further information on numerous cyber activities, including cyber test and training ranges, the cyber workforce and cyber authorities and relationships with other federal organizations.
In one section of the Intelligence, Emerging Threats and Capabilities Subcommittee’s proposed legislation, lawmakers direct the defense secretary to designate a senior DoD official to coordinate and oversee Pentagon cyber test and training ranges.
“The committee is aware that a number of cyber ranges currently exist, but the department’s Test and Evaluation Strategic Plan has identified a number of capability gaps that need to be addressed in order to provide sufficient and adequate cyber test and training,” lawmakers wrote. “Though there has been significant growth of cyber personnel to fulfill critical defensive and offensive missions for the department, the capacity for training in a realistic environment has not kept pace.”
In another section, the Air Force secretary and the director of the National Security Agency are directed to jointly report on the service’s cyber spending and workforce.
The directive calls for a report to congressional defense committees “that captures the aggregate Air Force investment in cyber, laying out where the various elements of Air Force cyber are nested, and how those elements are integrated within the overall Air Force and Department of Defense cyber enterprises.”
Beyond orders for the defense secretary, the Air Force and the NSA, the language also calls on the DoD comptroller to provide additional clarity regarding U.S. Cyber Command. Among the requested information is further detail related to CyberCom’s long-term mission as well as its organizations, missions, authorities and relationships with geographic combatant commands and other federal agencies. The language also asks for more details on CyberCom’s offensive and defensive rules of engagement.
Proposed sections of the bill face markup on April 30 in subcommittee for inclusion in the full 2015 NDAA.