2023 NDAA Has Cybersecurity Features

For the last several years the National Defense Authorization Act has contained a number of cybersecurity features, including some recommendations from the cyberspace solarium commission. This year’s bill includes:

• $44 million more for Cybercom’s ‘Hunt Forward’ operations. Hunt forward means offensive cyber operations and Cybercom has conducted several dozens operations in the last year.
• $168 million more for Cyber Mission Force, which includes intelligence operations.
• $56 million more for Cybercom’s Joint Warfighting Architecture development, which is an effort to synchronize cyberspace operations.
• The bill codifies and updates FedRAMP, which is a standardized approach to certifying system cybersecurity in the government.
• Protection of critical infrastructure allows the military to perform defensive cyber on critical infrastructure if approved by the President.
• Requires the DoD to create a five year roadmap to integrate AI into warfighter cyber missions.
• Requires a biennial, unclassified report to be produced through 2032 describing Cybercom’s efforts to ensure election security and counter election threats.
• Establishes a pilot program to share cyber capabilities with foreign partners.
• Requires the Secretary of Defense, on March 1st every year, to brief Congress on the relationship between NSA and Cybercom.
• Requires cyber protection for members of the intelligence community who are vulnerable to cyberattack.
• Requires the CIO of the intelligence community to conduct a yearly survey of each element of the IC on the use of proactive cybersecurity initiatives, active defense techniques and continuous activity security testing.
• And finally, it requires a study to understand if foreign built cranes at U.S. ports represents a threat and deliver that report to Congress.

Since the NDAA is a must pass bill every year, there is a lot of stuff that gets put into it and cybersecurity gets some of the benefits of that. Credit: CSO Online

by